Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json)
Hash identifier: ff0z9Ddbc2yWnG6zddeVedmKriTAMYjd5znSG1/4WS8=
Subject key identifier: C3:03:34:C1:55:EA:8B:3C:13:2F:6F:60:35:A6:6B:87:CF:B6:1E:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C5BA027C37AD1CCAE71123683855848974773FF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
Signing time: Mon 01 Sep 2025 21:20:14 +0000
ROA not before: Mon 01 Sep 2025 21:20:14 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:5b:a0:27:c3:7a:d1:cc:ae:71:12:36:83:85:58:48:97:47:73:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:14 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=1d246cf9f3e063e27f8c603512c75b06f684296fbf549436f55ca97b4f2d09b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8f:fd:ec:55:1b:dd:62:d6:6a:fd:62:c2:e9:
4e:11:0a:be:fd:11:a6:56:39:56:dd:c8:9a:33:ff:
d1:57:27:87:78:84:7e:70:73:be:d3:da:a7:4f:0d:
f1:9b:79:3e:e5:dc:8c:d0:e4:94:7d:a3:f5:cd:fe:
bd:a4:40:73:2c:09:1e:aa:a9:43:f6:04:5f:9d:b4:
04:61:f2:11:c1:f1:35:7e:43:03:34:69:33:0e:4f:
2e:b0:3c:5e:b6:3d:c7:56:b4:f4:02:af:98:d6:42:
38:0f:b2:f3:3e:e7:b8:07:53:e0:a7:ed:a4:14:39:
82:14:b5:bc:f2:04:12:f8:f5:65:34:53:48:f2:84:
ee:b9:1c:38:d8:fe:e1:7f:f0:16:41:82:33:c2:34:
70:cd:47:28:97:93:c5:69:25:13:b5:f5:53:da:3d:
0f:3a:e3:b6:f1:c9:dc:d2:7f:86:fd:28:8c:7c:81:
06:7b:de:60:4d:da:32:ce:3e:46:c5:42:45:54:f0:
b5:7f:28:26:e2:0b:0b:93:64:e8:23:af:0a:ac:36:
8b:3a:08:5e:2a:00:f1:55:56:cf:dc:c5:b7:0d:cf:
9b:72:77:bf:1a:6f:27:25:b7:d1:91:50:57:ba:cb:
dc:ae:f0:8b:d4:2b:8a:55:7b:cf:bb:40:dd:ef:43:
d0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:03:34:C1:55:EA:8B:3C:13:2F:6F:60:35:A6:6B:87:CF:B6:1E:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/37
Signature Algorithm: sha256WithRSAEncryption
9f:05:73:65:16:50:dc:bb:23:93:ea:75:13:77:2a:b2:29:cd:
9a:e3:d0:7c:dd:7d:df:5e:28:e2:f4:19:84:9e:83:0b:23:fd:
e4:b4:f4:44:8c:75:2f:51:3d:db:3f:7b:7c:5b:b4:a0:66:d9:
26:24:31:53:7e:08:c0:e5:fd:ae:a2:16:c9:69:76:25:a2:cb:
be:1d:65:4b:5e:b9:3a:aa:08:89:89:a2:96:11:69:27:34:0f:
8d:28:e2:f7:13:56:39:30:34:53:a1:1f:4b:80:f1:c2:7c:32:
49:eb:f4:0a:c8:b8:74:fe:b3:ff:2e:dd:99:c9:6c:cd:8e:a4:
de:60:be:38:7a:0d:68:6f:d0:38:d7:c8:88:a6:6e:07:b6:44:
1c:33:99:76:d4:89:c3:8d:77:7b:6e:05:a3:09:01:82:b8:37:
61:a5:45:94:08:b1:aa:3d:14:19:59:9d:b4:ca:8a:f0:8a:a9:
f0:c0:b3:6f:f5:78:db:7a:16:76:88:9c:93:56:2e:25:f8:90:
f5:8b:11:9a:64:05:f0:1a:84:45:d7:00:a2:6c:3f:c4:79:1d:
eb:b3:dc:63:30:cd:9b:ee:06:3f:87:78:3a:5e:b9:b6:cc:d4:
34:8b:8e:0a:08:09:7c:6e:c5:00:e1:77:3f:2b:c5:c5:c0:da:
b0:b4:2d:aa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPFugJ8N60cyucRI2g4VYSJdHc/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMTRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMjQ2Y2Y5ZjNlMDYzZTI3ZjhjNjAzNTEyYzc1YjA2ZjY4NDI5NmZiZjU0
OTQzNmY1NWNhOTdiNGYyZDA5YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSP/exVG91i1mr9YsLpThEKvv0RplY5Vt3ImjP/0Vcnh3iEfnBzvtPap08N
8Zt5PuXcjNDklH2j9c3+vaRAcywJHqqpQ/YEX520BGHyEcHxNX5DAzRpMw5PLrA8
XrY9x1a09AKvmNZCOA+y8z7nuAdT4KftpBQ5ghS1vPIEEvj1ZTRTSPKE7rkcONj+
4X/wFkGCM8I0cM1HKJeTxWklE7X1U9o9DzrjtvHJ3NJ/hv0ojHyBBnveYE3aMs4+
RsVCRVTwtX8oJuILC5Nk6COvCqw2izoIXioA8VVWz9zFtw3Pm3J3vxpvJyW30ZFQ
V7rL3K7wi9QrilV7z7tA3e9D0DkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDAzTB
VeqLPBMvb2A1pmuHz7YeFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQCfBXNlFlDcuyOT6nUTdyqyKc2a49B83X3fXiji
9BmEnoMLI/3ktPREjHUvUT3bP3t8W7SgZtkmJDFTfgjA5f2uohbJaXYlosu+HWVL
Xrk6qgiJiaKWEWknNA+NKOL3E1Y5MDRToR9LgPHCfDJJ6/QKyLh0/rP/Lt2ZyWzN
jqTeYL44eg1ob9A418iIpm4HtkQcM5l21InDjXd7bgWjCQGCuDdhpUWUCLGqPRQZ
WZ20yorwiqnwwLNv9XjbehZ2iJyTVi4l+JD1ixGaZAXwGoRF1wCibD/EeR3rs9xj
MM2b7gY/h3g6Xrm2zNQ0i44KCAl8bsUA4Xc/K8XFwNqwtC2q
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:22 2025 by rpki-client