Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
File: 3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa (raw, json)
Hash identifier: vDN/SeXf41f5LZlz5auarmWzxTbXs15H7xuov3nUg9g=
Subject key identifier: 2D:3A:80:4A:AD:FF:13:E1:2A:45:00:D9:27:13:3B:A2:78:CB:B7:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BAABF8F4A279F17C250BFBD9D608F77D6C40CCB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
Signing time: Mon 01 Sep 2025 20:00:48 +0000
ROA not before: Mon 01 Sep 2025 20:00:48 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:aa:bf:8f:4a:27:9f:17:c2:50:bf:bd:9d:60:8f:77:d6:c4:0c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:00:48 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=9c530837fc17a032673f976cf1f978e6b36af4f616f25f0ed270e8d2b23b9ef7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f8:07:4c:09:44:14:17:af:31:1a:97:0e:81:
71:9d:99:c0:dc:52:ce:b5:a4:8c:c6:6d:eb:47:a5:
b1:65:c7:d7:bc:5c:8f:8a:99:b4:be:e8:a2:26:41:
bc:56:30:a3:e6:5f:63:cb:c4:bc:e1:42:49:6e:a3:
cb:e5:60:71:e8:32:ad:b4:56:aa:ab:08:4f:25:55:
1c:07:0c:b7:a8:7b:e8:9a:65:eb:80:90:91:63:c0:
42:a0:a0:29:46:f9:ac:ac:39:00:9d:f4:17:23:b0:
2b:42:80:c3:52:18:46:d7:b2:0a:b4:67:f1:ec:15:
67:67:76:f6:ab:9a:4b:a1:81:52:d7:57:e0:d4:78:
ee:8e:e6:ff:62:f4:48:d2:99:07:6a:ee:a9:1d:f9:
68:aa:1b:73:0f:5c:61:b8:a1:9c:c1:89:88:6d:3f:
bd:2f:82:93:28:1a:20:26:e6:26:9a:1a:89:3e:e8:
90:5a:47:3d:43:39:9f:5f:12:f5:da:9e:08:16:69:
e2:b9:d1:3f:16:3d:fe:d6:4f:d9:6b:4f:d3:f8:74:
ac:af:9c:61:65:5b:14:c6:86:56:8b:b5:b9:df:aa:
23:db:e2:e4:84:07:fe:24:49:81:4c:17:e3:82:b4:
bf:c0:d3:88:56:03:ff:28:86:45:0c:32:a8:f5:28:
01:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3A:80:4A:AD:FF:13:E1:2A:45:00:D9:27:13:3B:A2:78:CB:B7:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
4b:52:11:fc:cc:62:b0:f2:12:e0:50:4c:fe:fb:46:74:31:24:
05:c2:4a:62:b5:1b:58:11:2e:25:32:45:be:fe:3c:11:38:64:
10:70:35:f6:14:75:d9:67:b0:15:57:16:72:52:64:12:f5:ab:
a0:54:0a:24:fe:6e:80:aa:7f:40:4f:af:4c:6a:d8:07:12:6a:
8e:10:d9:ff:96:f2:2e:a6:bc:be:1b:7f:c3:80:63:1f:69:64:
fb:28:69:14:42:81:50:4a:8b:07:ab:e5:e0:e4:c2:0b:50:a7:
40:74:58:5b:3b:71:91:64:ca:94:e1:63:66:41:c2:f8:c1:93:
dc:f8:4b:e1:7c:24:cb:b8:2b:a1:12:b2:76:be:71:4d:b3:8e:
ef:5a:87:57:1f:7d:f9:84:81:48:64:67:da:ef:01:24:16:22:
f4:8a:7b:03:5c:92:90:a5:1e:4b:6b:cc:15:5e:d8:cf:bd:be:
ad:20:34:d4:6b:0a:ad:22:70:e9:57:2a:30:b2:0b:c4:35:f3:
74:07:73:13:91:cc:e9:91:6d:fb:4c:ad:56:5a:62:cb:fc:8f:
1a:16:f3:90:c4:95:01:6e:3f:69:82:83:d5:a3:01:75:c6:8b:
dd:cd:d8:4d:fa:35:05:45:3f:7d:c1:cc:c4:18:3c:65:7b:72:
cb:be:04:e6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC6q/j0onnxfCUL+9nWCPd9bEDMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAwNDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDljNTMwODM3ZmMxN2EwMzI2NzNmOTc2Y2YxZjk3OGU2YjM2YWY0ZjYxNmYy
NWYwZWQyNzBlOGQyYjIzYjllZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOX4B0wJRBQXrzEalw6BcZ2ZwNxSzrWkjMZt60elsWXH17xcj4qZtL7ooiZB
vFYwo+ZfY8vEvOFCSW6jy+VgcegyrbRWqqsITyVVHAcMt6h76Jpl64CQkWPAQqCg
KUb5rKw5AJ30FyOwK0KAw1IYRteyCrRn8ewVZ2d29quaS6GBUtdX4NR47o7m/2L0
SNKZB2ruqR35aKobcw9cYbihnMGJiG0/vS+CkygaICbmJpoaiT7okFpHPUM5n18S
9dqeCBZp4rnRPxY9/tZP2WtP0/h0rK+cYWVbFMaGVou1ud+qI9vi5IQH/iRJgUwX
44K0v8DTiFYD/yiGRQwyqPUoAWMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQtOoBK
rf8T4SpFANknEzuieMu36DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RiNjZjODgtMGJiMC00NGQ2LWI2YTAtYWQ3ZGQwODczYzU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
oDANBgkqhkiG9w0BAQsFAAOCAQEAS1IR/MxisPIS4FBM/vtGdDEkBcJKYrUbWBEu
JTJFvv48EThkEHA19hR12WewFVcWclJkEvWroFQKJP5ugKp/QE+vTGrYBxJqjhDZ
/5byLqa8vht/w4BjH2lk+yhpFEKBUEqLB6vl4OTCC1CnQHRYWztxkWTKlOFjZkHC
+MGT3PhL4Xwky7groRKydr5xTbOO71qHVx99+YSBSGRn2u8BJBYi9Ip7A1ySkKUe
S2vMFV7Yz72+rSA01GsKrSJw6VcqMLILxDXzdAdzE5HM6ZFt+0ytVlpiy/yPGhbz
kMSVAW4/aYKD1aMBdcaL3c3YTfo1BUU/fcHMxBg8ZXtyy74E5g==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:03 2025 by rpki-client