Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
File: 3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa (raw, json)
Hash identifier: yItG2DoWo52IJxS2bUUqzzI1r017VFY8RBFB7g9Lpq8=
Subject key identifier: 6C:C8:B5:06:A8:8E:46:AB:AE:D2:9E:1E:23:B8:69:57:03:75:C8:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6945EF97B8DFAE45AFFF02A3EEF11054CEAAF748
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
Signing time: Fri 11 Jul 2025 20:00:47 +0000
ROA not before: Fri 11 Jul 2025 20:00:47 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:45:ef:97:b8:df:ae:45:af:ff:02:a3:ee:f1:10:54:ce:aa:f7:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:47 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=8175c57cb5308c22b2faf98553f6f8f95ad001b93bef66c0dac1af3f87249290, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:6a:ad:40:82:8b:bd:79:8f:10:07:49:e8:
97:2f:63:79:30:48:06:d1:70:44:92:06:3c:10:27:
7a:1e:e8:02:9a:76:27:a8:31:85:1d:5d:2b:f7:5c:
60:93:d0:f0:e3:2d:f6:01:7f:77:c6:92:f9:62:80:
b4:99:2b:5e:ec:50:70:fe:9d:a1:df:b2:88:aa:e7:
fe:ad:23:77:b5:ef:eb:73:2e:13:2c:58:a9:59:c5:
36:e3:69:9f:73:eb:54:b4:2d:a5:31:26:16:66:38:
93:69:58:1f:fb:33:d7:da:c1:d8:c8:b5:a9:d9:08:
5c:24:35:54:f8:03:f3:0e:e5:ed:28:bd:2c:54:9b:
31:69:41:8c:03:49:f8:3a:33:26:44:2c:dd:e6:7a:
d1:e7:dc:8a:89:45:9b:8e:32:3e:ca:5f:c1:6b:8f:
d8:c9:de:3a:ee:07:3d:e0:c5:2b:aa:a4:15:f4:a7:
3a:f0:3e:12:6f:98:3d:e8:cd:2a:a8:2f:15:55:32:
22:bf:e6:fd:84:d9:23:0c:89:ad:5d:7e:a9:fd:5f:
7e:0a:c9:fa:fd:4a:c3:70:9a:18:54:32:22:94:6a:
23:b6:33:4e:ad:55:20:d3:3a:15:d1:b8:39:38:44:
29:ce:0f:4f:18:06:98:9c:5e:ea:aa:31:94:8a:4c:
72:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C8:B5:06:A8:8E:46:AB:AE:D2:9E:1E:23:B8:69:57:03:75:C8:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1080::/46
Signature Algorithm: sha256WithRSAEncryption
bd:3e:44:5f:7d:a0:c5:25:89:a3:fb:cc:54:5a:39:f5:2d:ba:
32:7c:fb:82:bf:72:f0:f5:81:31:e8:74:67:34:ec:f6:75:69:
c1:ac:5e:b1:e1:7a:2d:a8:90:9c:ad:b3:a5:6a:f0:1e:bc:a1:
0e:d2:68:73:5e:3c:7e:6a:0c:de:9d:ce:8a:7e:5f:ed:4b:25:
35:c9:8e:17:a6:66:33:01:2e:14:c6:ef:90:a0:ca:5a:f3:af:
12:d9:95:b8:25:3a:cd:76:96:6f:2c:02:95:ec:78:fc:d1:7f:
7c:e9:40:58:f2:00:12:58:5d:99:d9:63:cd:25:58:17:95:fc:
9b:e5:d6:1d:72:a8:e7:bf:3e:28:86:de:c0:b2:f3:3b:6a:8c:
0a:49:7e:55:97:1c:8f:4b:6e:5b:bc:7a:93:c4:4d:ba:4f:14:
89:60:b5:51:b8:6c:cb:78:c3:72:ed:b4:bc:e0:0e:ba:84:2e:
af:41:c6:27:11:58:1b:36:c3:22:0b:2d:8a:02:99:ad:e6:fe:
9b:a6:97:e4:e7:94:c9:11:de:28:1b:97:d6:35:fc:5b:50:01:
a5:4d:1a:ea:06:98:22:14:4f:db:13:8c:d4:59:ec:5e:2b:96:
13:97:53:17:11:ce:50:bb:e6:14:6a:72:db:9d:bd:f4:3c:1f:
85:d4:3f:72
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaUXvl7jfrkWv/wKj7vEQVM6q90gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwNDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNzVjNTdjYjUzMDhjMjJiMmZhZjk4NTUzZjZmOGY5NWFkMDAxYjkzYmVm
NjZjMGRhYzFhZjNmODcyNDkyOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5taq1Agou9eY8QB0noly9jeTBIBtFwRJIGPBAneh7oApp2J6gxhR1dK/dc
YJPQ8OMt9gF/d8aS+WKAtJkrXuxQcP6dod+yiKrn/q0jd7Xv63MuEyxYqVnFNuNp
n3PrVLQtpTEmFmY4k2lYH/sz19rB2Mi1qdkIXCQ1VPgD8w7l7Si9LFSbMWlBjANJ
+DozJkQs3eZ60efciolFm44yPspfwWuP2MneOu4HPeDFK6qkFfSnOvA+Em+YPejN
KqgvFVUyIr/m/YTZIwyJrV1+qf1ffgrJ+v1Kw3CaGFQyIpRqI7YzTq1VINM6FdG4
OThEKc4PTxgGmJxe6qoxlIpMckcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRsyLUG
qI5Gq67Snh4juGlXA3XIITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NhOGIwN2YtOWIwYy00MTQ2LWJmNjQtMjZiMjUwNzhiYTMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAvT5EX32gxSWJo/vMVFo59S26Mnz7gr9y8PWB
Meh0ZzTs9nVpwaxeseF6LaiQnK2zpWrwHryhDtJoc148fmoM3p3Oin5f7UslNcmO
F6ZmMwEuFMbvkKDKWvOvEtmVuCU6zXaWbywClex4/NF/fOlAWPIAElhdmdljzSVY
F5X8m+XWHXKo578+KIbewLLzO2qMCkl+VZccj0tuW7x6k8RNuk8UiWC1Ubhsy3jD
cu20vOAOuoQur0HGJxFYGzbDIgstigKZreb+m6aX5OeUyRHeKBuX1jX8W1ABpU0a
6gaYIhRP2xOM1FnsXiuWE5dTFxHOULvmFGpy25299DwfhdQ/cg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:55 2025 by rpki-client