Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c6c4dd9-ed90-498e-88a4-f116875a7de2.roa
File: 3c6c4dd9-ed90-498e-88a4-f116875a7de2.roa (raw, json)
Hash identifier: +5a4ATopkjnY8gkWhWhg6OWdRK8FEfOQUb3KA6zKYZs=
Subject key identifier: CB:DC:C1:E3:76:B8:6E:E9:D9:CE:3C:2E:37:8F:CC:9A:78:75:49:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79B5DF64753B60751260C804370EF775E8DFEA6D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c6c4dd9-ed90-498e-88a4-f116875a7de2.roa
Signing time: Fri 11 Jul 2025 19:41:09 +0000
ROA not before: Fri 11 Jul 2025 19:41:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:b5:df:64:75:3b:60:75:12:60:c8:04:37:0e:f7:75:e8:df:ea:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:41:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=e0dd0e6098f138194e6466e86bc7418095f32bf52bdb58f43e28d5c779923da3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:01:28:03:04:d2:f2:50:c0:20:26:28:01:c0:
c1:e3:aa:95:79:57:0e:cc:80:99:40:88:b7:76:d9:
13:cb:8f:75:07:36:3e:50:b2:ce:10:4f:fe:b0:53:
6e:d1:d2:dd:ba:a1:41:a6:42:36:29:65:8a:7b:da:
f9:42:17:d2:5f:76:56:a1:ee:4a:29:03:32:55:e3:
1a:69:c8:d2:ce:70:e1:6c:02:70:ab:2a:a2:1d:0a:
59:7c:96:13:19:d8:aa:79:9f:fe:b8:c0:c5:b5:51:
33:d0:7f:bd:4d:85:96:50:c2:73:43:92:55:15:11:
09:2f:47:4b:50:d5:4b:2d:32:5a:3d:02:7e:00:13:
3c:4d:5e:5c:db:85:09:22:00:53:66:ec:2c:72:aa:
bc:92:9e:af:c5:a6:96:da:1d:3c:f3:2b:96:c3:c0:
b3:15:e8:bc:a9:f7:d5:7a:58:60:84:26:a1:a1:6a:
68:5d:1c:eb:34:16:d1:3f:ad:19:02:5b:dd:a6:90:
a2:19:91:b6:6a:31:5d:fa:5b:d9:b2:ac:4f:7a:6b:
4f:c7:9f:53:1a:1e:8a:f7:07:03:be:0e:e5:d9:28:
51:3e:3d:1d:92:f4:45:16:a1:ab:d2:fc:b8:8d:3b:
ba:51:4f:62:53:94:d0:4b:85:df:2c:43:7b:d0:64:
e2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DC:C1:E3:76:B8:6E:E9:D9:CE:3C:2E:37:8F:CC:9A:78:75:49:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c6c4dd9-ed90-498e-88a4-f116875a7de2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:6040::/46
Signature Algorithm: sha256WithRSAEncryption
38:b0:da:29:a3:99:6f:c5:e4:a9:4d:f3:25:5f:04:c5:74:eb:
6b:c2:6e:10:0d:b7:f7:c9:c7:84:32:27:22:c0:33:55:0d:ca:
15:84:fd:e5:2f:2e:af:d2:fe:e9:81:fa:fc:47:c1:d4:a2:2c:
db:da:cf:a6:80:13:15:15:27:4f:fb:f4:e5:05:50:d0:ae:bf:
99:73:4f:97:a1:2d:b4:af:99:20:f3:c2:06:3d:bf:0c:b0:c4:
6f:a4:c6:85:e3:14:ea:b9:18:1e:24:23:0e:a8:86:54:75:b4:
70:77:4c:46:27:7b:55:33:3e:8d:5a:fe:f2:54:01:aa:89:f6:
30:60:76:0d:eb:38:67:09:77:16:d3:cb:c5:9e:22:d3:a4:06:
a8:18:02:4f:ea:b7:22:2a:24:61:b4:c5:f5:ae:53:2b:93:46:
8c:0c:7d:88:28:ba:38:32:80:ce:c3:25:3f:10:e4:f2:da:34:
40:71:8b:13:df:cf:4e:f5:45:b0:85:82:6c:28:b0:c3:53:07:
df:fb:c7:58:74:df:be:7a:1d:1d:fe:42:e7:de:1b:20:c2:65:
f4:70:c5:bb:54:bd:94:72:23:c8:04:a5:3c:6d:6e:cd:0a:94:
4e:45:2f:67:d6:16:fd:b0:f2:f4:a2:07:5a:a5:d0:f6:ba:b3:
f1:65:26:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUebXfZHU7YHUSYMgENw73dejf6m0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQxMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwZGQwZTYwOThmMTM4MTk0ZTY0NjZlODZiYzc0MTgwOTVmMzJiZjUyYmRi
NThmNDNlMjhkNWM3Nzk5MjNkYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMBKAME0vJQwCAmKAHAweOqlXlXDsyAmUCIt3bZE8uPdQc2PlCyzhBP/rBT
btHS3bqhQaZCNillinva+UIX0l92VqHuSikDMlXjGmnI0s5w4WwCcKsqoh0KWXyW
ExnYqnmf/rjAxbVRM9B/vU2FllDCc0OSVRURCS9HS1DVSy0yWj0CfgATPE1eXNuF
CSIAU2bsLHKqvJKer8WmltodPPMrlsPAsxXovKn31XpYYIQmoaFqaF0c6zQW0T+t
GQJb3aaQohmRtmoxXfpb2bKsT3prT8efUxoeivcHA74O5dkoUT49HZL0RRahq9L8
uI07ulFPYlOU0EuF3yxDe9Bk4ucCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTL3MHj
drhu6dnOPC43j8yaeHVJADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M2YzRkZDktZWQ5MC00OThlLTg4YTQtZjExNjg3NWE3ZGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVg
QDANBgkqhkiG9w0BAQsFAAOCAQEAOLDaKaOZb8XkqU3zJV8ExXTra8JuEA2398nH
hDInIsAzVQ3KFYT95S8ur9L+6YH6/EfB1KIs29rPpoATFRUnT/v05QVQ0K6/mXNP
l6EttK+ZIPPCBj2/DLDEb6TGheMU6rkYHiQjDqiGVHW0cHdMRid7VTM+jVr+8lQB
qon2MGB2Des4Zwl3FtPLxZ4i06QGqBgCT+q3IiokYbTF9a5TK5NGjAx9iCi6ODKA
zsMlPxDk8to0QHGLE9/PTvVFsIWCbCiww1MH3/vHWHTfvnodHf5C594bIMJl9HDF
u1S9lHIjyASlPG1uzQqUTkUvZ9YW/bDy9KIHWqXQ9rqz8WUmZA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:07 2025 by rpki-client