Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json)
Hash identifier: oQceiN5iPjDQVh5e6Pe/2zAj6tpMHrZ+wWXep/rCTXA=
Subject key identifier: 1D:BF:D1:48:FB:F7:93:42:76:CE:CE:7B:FF:58:22:44:C6:45:AD:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1097BEEF49CC0916056BC958EDD08A62C854AC01
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
Signing time: Mon 01 Sep 2025 21:20:04 +0000
ROA not before: Mon 01 Sep 2025 21:20:04 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:97:be:ef:49:cc:09:16:05:6b:c9:58:ed:d0:8a:62:c8:54:ac:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:04 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=191d909cb73fb5a3fa5852ccd971bff0104870970ed2808715efa05e12fbcc74, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9f:df:7c:55:4a:39:3f:be:52:e2:94:3d:5c:
29:04:55:06:d5:ae:b6:72:0f:f9:82:2f:55:cd:29:
80:35:61:90:dd:d7:7d:4b:4c:12:01:bf:53:2d:66:
f5:ba:61:c0:b8:9b:a4:8f:27:8d:cc:ea:0d:52:39:
b1:a6:2e:20:52:cc:da:da:61:37:8f:2a:f6:df:24:
e5:a0:14:12:d8:d1:c7:e1:10:28:ef:26:b5:ee:d6:
fa:c2:39:c1:86:ca:8b:67:a9:e8:4b:ae:57:fe:c6:
67:d1:dc:de:93:90:18:17:77:bc:d9:33:26:c5:2e:
96:1d:97:32:6e:44:e4:36:a3:c3:83:4f:dc:33:de:
49:2b:83:9c:bd:18:23:23:ea:ec:e6:2a:8a:91:bf:
92:22:38:3f:ce:aa:03:5c:db:24:d8:50:87:1d:b7:
37:11:86:67:00:a4:69:17:ea:c7:4a:aa:5a:d8:dd:
a8:d0:84:cb:e5:4c:9e:6d:f5:72:41:46:85:99:d5:
33:39:5b:4e:c8:96:88:47:ad:ea:0f:e6:84:5b:0c:
ea:a9:0e:ee:9a:d3:64:b7:43:9d:7e:49:8a:2d:40:
34:4f:4e:01:d4:ce:d8:19:41:17:19:0b:86:03:05:
01:b6:48:5b:ac:0c:c2:8a:b1:91:10:fc:e0:9b:de:
b3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BF:D1:48:FB:F7:93:42:76:CE:CE:7B:FF:58:22:44:C6:45:AD:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/38
Signature Algorithm: sha256WithRSAEncryption
a1:ef:b2:d1:31:14:ab:b1:2e:59:24:cd:fa:64:d1:44:da:78:
3c:ca:0a:d5:6f:91:32:70:16:fd:9e:12:bd:04:63:c9:b1:da:
66:d1:3e:06:8a:6e:1d:e5:66:b7:66:e6:7f:56:7e:ed:c1:4e:
fc:d4:fd:09:0a:25:79:ab:21:1f:bc:7f:29:24:91:fb:56:75:
5f:38:5a:85:d5:ad:97:5c:40:5d:24:e4:e9:15:38:4e:22:06:
b1:87:84:b7:f5:4e:5a:4d:2e:4c:6f:ba:77:12:39:3d:df:8c:
ed:4c:fb:90:8d:f6:67:95:50:55:d3:fc:d8:bb:20:73:71:50:
f3:5f:21:44:96:43:37:28:dc:bb:3c:d8:ba:98:8c:60:92:fe:
33:f9:1a:80:52:b5:48:1f:7d:d4:c4:8d:eb:61:27:6e:5e:4c:
94:8b:1e:fb:63:b9:f5:7e:6b:bc:91:bf:7a:24:d1:83:38:f1:
a6:ad:ae:e1:7a:82:da:37:31:ad:ab:35:45:d8:6a:49:74:52:
f9:45:fb:43:ff:e8:53:6b:8a:d4:93:f7:b1:84:b7:fa:fa:57:
e9:52:b2:53:54:30:ef:1d:87:25:08:31:96:40:59:16:68:5c:
15:c6:48:f4:90:9c:71:64:0d:cf:4c:2d:52:9e:54:0b:71:b1:
a4:95:64:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEJe+70nMCRYFa8lY7dCKYshUrAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMDRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5MWQ5MDljYjczZmI1YTNmYTU4NTJjY2Q5NzFiZmYwMTA0ODcwOTcwZWQy
ODA4NzE1ZWZhMDVlMTJmYmNjNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWf33xVSjk/vlLilD1cKQRVBtWutnIP+YIvVc0pgDVhkN3XfUtMEgG/Uy1m
9bphwLibpI8njczqDVI5saYuIFLM2tphN48q9t8k5aAUEtjRx+EQKO8mte7W+sI5
wYbKi2ep6EuuV/7GZ9Hc3pOQGBd3vNkzJsUulh2XMm5E5Dajw4NP3DPeSSuDnL0Y
IyPq7OYqipG/kiI4P86qA1zbJNhQhx23NxGGZwCkaRfqx0qqWtjdqNCEy+VMnm31
ckFGhZnVMzlbTsiWiEet6g/mhFsM6qkO7prTZLdDnX5Jii1ANE9OAdTO2BlBFxkL
hgMFAbZIW6wMwoqxkRD84JveswkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdv9FI
+/eTQnbOznv/WCJExkWtVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCh77LRMRSrsS5ZJM36ZNFE2ng8ygrVb5EycBb9
nhK9BGPJsdpm0T4Gim4d5Wa3ZuZ/Vn7twU781P0JCiV5qyEfvH8pJJH7VnVfOFqF
1a2XXEBdJOTpFThOIgaxh4S39U5aTS5Mb7p3Ejk934ztTPuQjfZnlVBV0/zYuyBz
cVDzXyFElkM3KNy7PNi6mIxgkv4z+RqAUrVIH33UxI3rYSduXkyUix77Y7n1fmu8
kb96JNGDOPGmra7heoLaNzGtqzVF2GpJdFL5RftD/+hTa4rUk/exhLf6+lfpUrJT
VDDvHYclCDGWQFkWaFwVxkj0kJxxZA3PTC1SnlQLcbGklWSG
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:29 2025 by rpki-client