Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
File: 9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa (raw, json)
Hash identifier: 0tkfeatS2u0N0sQkOn41WCL+WR37Ialwdy5YdW+qy2w=
Subject key identifier: 8F:2E:CE:E0:03:7B:77:85:EF:40:73:9F:C3:99:EA:9F:6D:E9:54:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A154C94BCA097A1E31FD36FEF73FC4D0EFBB688
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
Signing time: Fri 11 Jul 2025 19:20:40 +0000
ROA not before: Fri 11 Jul 2025 19:20:40 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:15:4c:94:bc:a0:97:a1:e3:1f:d3:6f:ef:73:fc:4d:0e:fb:b6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:40 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=446c1e27381d670efc28f108f0c66e9f689850bce8fd2b9887f02564570cc215, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:39:12:68:fb:f8:4a:aa:11:fb:75:fd:e0:d3:
84:1d:b6:73:2d:4a:0e:0b:08:6e:e7:e7:fc:ba:60:
35:2b:d0:68:46:48:61:ec:ce:f9:a7:03:81:0e:29:
d0:e8:0d:99:74:98:08:b1:f2:e7:e6:41:4a:ac:cb:
43:9f:9b:9d:ca:a7:e9:c8:cc:ff:dc:6a:bd:4c:5f:
09:73:e7:86:a2:de:af:29:9c:6d:19:e9:9b:6b:78:
c4:e0:59:55:ec:bd:f7:e3:0a:a6:84:ed:cc:f1:98:
79:cc:ed:b5:7f:27:0c:90:4b:02:6a:06:67:38:72:
0b:1d:3c:d4:a7:ba:51:8e:35:08:a3:42:9d:f0:2d:
55:9c:46:b1:18:fc:e5:ac:3f:16:32:2a:62:99:6e:
cb:a7:a2:46:27:51:36:5d:92:56:eb:c6:5c:c8:fc:
51:75:72:f2:02:a7:82:b0:95:48:65:7e:ab:31:a8:
83:e8:73:5a:53:95:6d:14:b9:8f:29:73:4e:fc:8f:
aa:ff:21:2c:fc:0c:37:39:50:e3:c5:38:26:cb:ab:
62:b5:c5:da:95:81:27:8b:09:ba:be:14:5e:7e:6b:
54:b8:c9:e5:e5:eb:76:60:d8:51:7a:0e:48:7e:27:
b4:ba:09:ff:38:76:94:ca:91:53:80:9a:da:3d:9e:
bc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2E:CE:E0:03:7B:77:85:EF:40:73:9F:C3:99:EA:9F:6D:E9:54:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a000::/40
Signature Algorithm: sha256WithRSAEncryption
98:12:4e:43:5f:8c:b5:31:41:fc:39:5c:db:b4:0a:9f:18:c9:
7e:44:bd:d1:6b:fb:a5:ac:17:f3:b9:c0:ad:ba:4c:7e:a4:63:
ae:24:41:d8:56:58:19:27:a0:fa:0b:9d:ae:7a:44:9e:a5:fc:
88:3a:3d:3d:87:49:4b:5f:51:6b:7b:fd:61:0d:79:b8:d1:57:
38:20:45:78:73:11:7b:8e:5b:89:98:f3:28:13:44:0c:d3:86:
8a:4d:19:c0:27:e0:f8:24:39:fc:95:6a:3f:91:11:c7:dd:41:
fb:7e:c9:55:7d:bf:f0:69:35:bc:ae:db:07:56:ea:70:7b:cd:
ce:f0:f8:8d:10:0e:c3:1b:b5:c3:43:73:6f:d8:60:c4:47:45:
ad:2e:b7:56:69:b0:e2:4c:d0:a2:3e:d3:75:fc:27:f8:bc:b0:
7e:65:df:6d:c4:97:a0:aa:29:7d:4e:28:6e:fc:cc:b9:a5:e5:
f2:1a:e3:d2:a2:3a:f6:b1:29:3d:49:58:49:c6:20:7b:bd:d7:
56:f4:fe:8b:0b:df:fe:7d:f2:ff:b4:80:e1:3b:1e:d6:a4:c2:
cb:5c:10:bc:86:c6:2d:4c:e5:f5:12:35:f3:bb:fe:31:68:a4:
f2:48:c5:3a:b8:4f:a3:20:7c:64:e6:04:7d:14:0f:f8:5a:62:
65:25:03:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOhVMlLygl6HjH9Nv73P8TQ77togwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwNDBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0NmMxZTI3MzgxZDY3MGVmYzI4ZjEwOGYwYzY2ZTlmNjg5ODUwYmNlOGZk
MmI5ODg3ZjAyNTY0NTcwY2MyMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQ5Emj7+EqqEft1/eDThB22cy1KDgsIbufn/LpgNSvQaEZIYezO+acDgQ4p
0OgNmXSYCLHy5+ZBSqzLQ5+bncqn6cjM/9xqvUxfCXPnhqLerymcbRnpm2t4xOBZ
Vey99+MKpoTtzPGYeczttX8nDJBLAmoGZzhyCx081Ke6UY41CKNCnfAtVZxGsRj8
5aw/FjIqYpluy6eiRidRNl2SVuvGXMj8UXVy8gKngrCVSGV+qzGog+hzWlOVbRS5
jylzTvyPqv8hLPwMNzlQ48U4JsurYrXF2pWBJ4sJur4UXn5rVLjJ5eXrdmDYUXoO
SH4ntLoJ/zh2lMqRU4Ca2j2evN8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSPLs7g
A3t3he9Ac5/DmeqfbelU1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZkOTg3ZmEtMzBlOC00MGJjLTg5YzItZDg5NzA1ZDVmYjgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACg
MA0GCSqGSIb3DQEBCwUAA4IBAQCYEk5DX4y1MUH8OVzbtAqfGMl+RL3Ra/ulrBfz
ucCtukx+pGOuJEHYVlgZJ6D6C52uekSepfyIOj09h0lLX1Fre/1hDXm40Vc4IEV4
cxF7jluJmPMoE0QM04aKTRnAJ+D4JDn8lWo/kRHH3UH7fslVfb/waTW8rtsHVupw
e83O8PiNEA7DG7XDQ3Nv2GDER0WtLrdWabDiTNCiPtN1/Cf4vLB+Zd9txJegqil9
Tihu/My5peXyGuPSojr2sSk9SVhJxiB7vddW9P6LC9/+ffL/tIDhOx7WpMLLXBC8
hsYtTOX1EjXzu/4xaKTySMU6uE+jIHxk5gR9FA/4WmJlJQN0
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:46:28 2025 by rpki-client