Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
File: fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa (raw, json)
Hash identifier: apZpinXHEkmL8B7+N+IdhDlW8zsBvQ0orgVLlFwYdoA=
Subject key identifier: 33:05:21:9A:04:61:51:DA:6B:74:3A:43:42:51:B7:1D:09:10:EE:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EB40F3BF36168207D0AC69C54C850F69A48217B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
Signing time: Tue 05 Aug 2025 19:11:18 +0000
ROA not before: Tue 05 Aug 2025 19:11:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:b4:0f:3b:f3:61:68:20:7d:0a:c6:9c:54:c8:50:f6:9a:48:21:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5d0aae08c699519856120867ada3343a5c5c2202eb1602d92bbae8d5558ad900, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:98:ab:30:2a:a3:71:ec:04:36:8d:cd:8f:
21:c7:41:9e:1f:b3:87:48:cf:ed:33:0f:eb:55:e5:
69:0c:6e:47:ee:a3:e0:ad:e1:81:25:06:92:4f:0d:
ac:2c:e9:d8:e9:60:45:8d:69:1e:02:1f:4e:59:2a:
74:1d:a4:df:fc:8e:14:05:d4:2c:3d:a3:1c:fe:37:
6e:a7:c0:20:67:e2:0a:b1:de:2c:2e:4f:66:05:f6:
5b:fc:3d:36:3b:31:4f:7e:59:51:3c:ff:8a:c4:86:
4e:2a:cd:1e:7b:e6:3a:60:26:ac:0e:97:2a:73:ca:
03:81:7f:49:f2:a9:9c:e3:5d:11:a0:79:e0:fd:b4:
b0:5c:a8:1d:c6:fb:5a:0f:51:92:38:d3:6a:f5:f9:
81:2a:5d:92:88:5d:12:14:5f:57:50:3b:39:15:97:
be:17:14:e5:d7:5b:fd:e1:8f:a5:ed:8a:6c:c5:ce:
d1:24:6e:f6:cb:3e:6a:35:2d:b7:4b:a1:4c:ac:9e:
e9:f6:a5:f3:0f:da:e6:24:59:47:7e:fe:3e:05:1a:
1c:fc:8b:52:36:df:7c:60:fc:13:37:ad:52:11:6b:
ad:e2:c7:a8:50:a0:4e:86:f4:5a:5b:91:79:26:a1:
76:7b:2c:fb:94:12:5a:77:f9:68:5d:1e:29:d3:9a:
91:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:05:21:9A:04:61:51:DA:6B:74:3A:43:42:51:B7:1D:09:10:EE:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8000::/40
Signature Algorithm: sha256WithRSAEncryption
87:d0:39:b8:36:aa:1a:83:8c:df:e9:49:4c:8e:d2:9b:bd:44:
92:db:1e:e9:58:da:6c:ee:d9:d2:12:28:06:15:bb:76:7b:06:
e8:9b:22:8e:d5:e1:7f:cd:92:0b:1c:2b:3a:17:4d:99:f3:f0:
15:b1:ea:be:0a:98:53:23:9e:ec:d3:db:32:73:1e:78:cd:49:
72:ce:86:ff:96:4b:f5:1d:d0:e7:9b:20:9f:6d:36:d2:f8:87:
f3:f6:de:7c:9e:6a:b1:59:c0:92:1b:1c:ee:a7:d9:6d:ff:3b:
7b:65:c1:02:43:19:4c:19:6b:2c:fa:9d:02:b8:25:a6:0e:25:
96:c9:89:36:5a:d7:54:51:2a:24:2f:fb:bd:83:46:ec:f1:ea:
e5:e2:c5:64:9e:31:ed:c9:01:d5:63:34:5c:71:be:fe:1f:73:
32:20:3a:70:ca:c2:51:17:76:82:26:19:9a:ee:03:ad:af:64:
f1:07:17:8a:8c:c3:b2:95:70:48:0f:e5:3b:f3:0d:13:92:38:
fe:e6:b6:9c:69:54:31:68:84:36:47:62:43:5d:ec:33:81:40:
68:df:a9:7a:03:fe:13:15:b1:d6:d7:25:4e:1f:2c:82:10:e4:
a2:3d:9e:50:9b:58:6d:4b:58:ca:a9:09:58:2d:28:81:b4:a3:
a5:9b:37:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHrQPO/NhaCB9CsacVMhQ9ppIIXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkMGFhZTA4YzY5OTUxOTg1NjEyMDg2N2FkYTMzNDNhNWM1YzIyMDJlYjE2
MDJkOTJiYmFlOGQ1NTU4YWQ5MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcVmKswKqNx7AQ2jc2PIcdBnh+zh0jP7TMP61XlaQxuR+6j4K3hgSUGkk8N
rCzp2OlgRY1pHgIfTlkqdB2k3/yOFAXULD2jHP43bqfAIGfiCrHeLC5PZgX2W/w9
NjsxT35ZUTz/isSGTirNHnvmOmAmrA6XKnPKA4F/SfKpnONdEaB54P20sFyoHcb7
Wg9RkjjTavX5gSpdkohdEhRfV1A7ORWXvhcU5ddb/eGPpe2KbMXO0SRu9ss+ajUt
t0uhTKye6fal8w/a5iRZR37+PgUaHPyLUjbffGD8EzetUhFrreLHqFCgTob0WluR
eSahdnss+5QSWnf5aF0eKdOakTcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzBSGa
BGFR2mt0OkNCUbcdCRDu8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmMzY2YxZmYtMjA5ZC00NmY2LWE3ZGQtYTdiYTVkNWJmYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiA
MA0GCSqGSIb3DQEBCwUAA4IBAQCH0Dm4Nqoag4zf6UlMjtKbvUSS2x7pWNps7tnS
EigGFbt2ewbomyKO1eF/zZILHCs6F02Z8/AVseq+CphTI57s09sycx54zUlyzob/
lkv1HdDnmyCfbTbS+Ifz9t58nmqxWcCSGxzup9lt/zt7ZcECQxlMGWss+p0CuCWm
DiWWyYk2WtdUUSokL/u9g0bs8erl4sVknjHtyQHVYzRccb7+H3MyIDpwysJRF3aC
Jhma7gOtr2TxBxeKjMOylXBID+U78w0Tkjj+5racaVQxaIQ2R2JDXewzgUBo36l6
A/4TFbHW1yVOHyyCEOSiPZ5Qm1htS1jKqQlYLSiBtKOlmzfM
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:13 2025 by rpki-client