Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json)
Hash identifier: RCq/J3y/5mUFsVa6YSLpFjqM0CMF6VUr5eJ+qgLdR6A=
Subject key identifier: 76:D8:FB:BA:2B:35:D6:FF:97:EE:58:E6:BC:70:DF:75:30:F5:75:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FE84946E7C544E32C2BE1BB7C7D4F7F49553DE0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
Signing time: Fri 11 Jul 2025 20:50:05 +0000
ROA not before: Fri 11 Jul 2025 20:50:05 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:e8:49:46:e7:c5:44:e3:2c:2b:e1:bb:7c:7d:4f:7f:49:55:3d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:05 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2a9f3c3b828fbe167fe68607836298f41ab1e0dd8fb623dc49e529f0e67d52c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:33:82:20:9e:25:a9:d1:85:16:09:cf:04:b2:
8f:6d:bf:68:e8:04:32:39:a8:f1:95:ae:63:4b:c1:
5e:b6:ce:98:1a:9c:26:86:40:fc:4c:bd:67:d6:c4:
47:8e:25:a2:3e:ab:42:cc:75:39:16:89:7a:ee:3f:
45:cf:b8:75:a3:b9:83:4e:63:e6:b1:87:13:5f:5e:
04:9e:29:aa:29:ee:0f:4f:02:a2:b9:0e:16:c7:01:
c7:a7:d9:cb:48:06:ec:6f:cf:49:f1:33:bf:65:f2:
a5:e2:da:d5:57:ea:83:a1:de:88:43:f4:89:b2:8a:
31:93:f7:9e:11:f9:36:80:b2:92:d1:6f:75:35:9f:
c8:c0:b9:ed:2a:71:a4:ae:73:4b:fb:87:e9:88:73:
ee:28:27:e9:b7:c7:31:27:c7:01:62:ec:87:8b:ee:
4b:0c:98:a3:d6:03:5d:f4:3e:70:ae:dc:16:06:fe:
2c:98:44:c4:8c:39:83:dd:a8:d8:6d:52:f5:81:e0:
ec:1e:c0:d2:0b:b8:0f:7c:92:8d:7b:5e:2b:c6:bd:
29:55:13:ad:c4:bf:60:a7:72:f8:6f:f8:b8:e4:1a:
71:90:af:f2:18:62:a3:66:69:1c:63:f7:38:f5:90:
f4:83:f6:06:b2:b3:04:6b:24:51:04:f4:de:0f:a8:
d0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D8:FB:BA:2B:35:D6:FF:97:EE:58:E6:BC:70:DF:75:30:F5:75:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/37
Signature Algorithm: sha256WithRSAEncryption
93:18:45:69:a0:a1:73:93:2b:42:7c:46:36:78:78:b3:cf:88:
0c:5f:f7:46:fc:0e:94:36:c1:5c:c0:b7:f8:a5:4f:cd:d8:20:
96:02:03:6a:8f:e9:7d:ca:6f:2d:6f:c7:fb:4b:cc:5e:4c:ba:
56:57:23:68:85:66:d6:2a:7d:45:3c:2e:00:08:a9:c4:a0:06:
74:2e:c6:13:eb:80:df:06:07:8f:d1:28:56:97:84:2c:6f:34:
3e:3e:a0:a9:37:55:ff:b5:89:ed:35:7e:be:a7:3e:b8:f5:fb:
6c:41:31:19:ad:3f:57:6b:21:41:ae:4d:43:11:12:3d:ac:aa:
86:3b:25:2b:9b:e0:cf:a9:91:8d:e6:4b:03:a6:10:be:fb:e7:
5b:c3:61:a3:73:20:18:5c:8a:5d:83:98:bb:4a:66:ab:51:d9:
9c:a6:b2:3c:19:0f:d5:df:04:1e:8e:56:0c:d9:f9:6f:14:fb:
fc:36:54:23:f2:92:af:4a:48:f5:b0:59:b8:24:e5:5b:67:9b:
43:c2:c6:ca:0c:12:11:90:c6:5f:3c:a2:5e:37:58:da:ab:5e:
f1:60:33:c9:c1:e5:28:d6:46:49:05:f3:2e:10:81:b9:0a:f6:
1f:4e:ac:ab:b1:3a:f2:a0:c5:b5:91:a5:04:a2:cf:9a:c2:5a:
4f:d5:2d:d6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX+hJRufFROMsK+G7fH1Pf0lVPeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwMDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhOWYzYzNiODI4ZmJlMTY3ZmU2ODYwNzgzNjI5OGY0MWFiMWUwZGQ4ZmI2
MjNkYzQ5ZTUyOWYwZTY3ZDUyYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKszgiCeJanRhRYJzwSyj22/aOgEMjmo8ZWuY0vBXrbOmBqcJoZA/Ey9Z9bE
R44loj6rQsx1ORaJeu4/Rc+4daO5g05j5rGHE19eBJ4pqinuD08CorkOFscBx6fZ
y0gG7G/PSfEzv2XypeLa1Vfqg6HeiEP0ibKKMZP3nhH5NoCyktFvdTWfyMC57Spx
pK5zS/uH6Yhz7ign6bfHMSfHAWLsh4vuSwyYo9YDXfQ+cK7cFgb+LJhExIw5g92o
2G1S9YHg7B7A0gu4D3ySjXteK8a9KVUTrcS/YKdy+G/4uOQacZCv8hhio2ZpHGP3
OPWQ9IP2BrKzBGskUQT03g+o0BcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR22Pu6
KzXW/5fuWOa8cN91MPV1yjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQCTGEVpoKFzkytCfEY2eHizz4gMX/dG/A6UNsFc
wLf4pU/N2CCWAgNqj+l9ym8tb8f7S8xeTLpWVyNohWbWKn1FPC4ACKnEoAZ0LsYT
64DfBgeP0ShWl4QsbzQ+PqCpN1X/tYntNX6+pz649ftsQTEZrT9XayFBrk1DERI9
rKqGOyUrm+DPqZGN5ksDphC+++dbw2GjcyAYXIpdg5i7SmarUdmcprI8GQ/V3wQe
jlYM2flvFPv8NlQj8pKvSkj1sFm4JOVbZ5tDwsbKDBIRkMZfPKJeN1jaq17xYDPJ
weUo1kZJBfMuEIG5CvYfTqyrsTryoMW1kaUEos+awlpP1S3W
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:37 2025 by rpki-client