Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: TdU6sJcibAsKGV3cRLopIOhBXlryNEeuxXWgrradm+A=
Subject key identifier: D1:6A:C6:BA:2C:EA:77:21:38:1B:59:DC:34:30:24:9C:84:A5:B1:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D5CF494BCD685ABC09E4E9C1104EE86EAFE2B80
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Mon 01 Sep 2025 20:20:05 +0000
ROA not before: Mon 01 Sep 2025 20:20:05 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:5c:f4:94:bc:d6:85:ab:c0:9e:4e:9c:11:04:ee:86:ea:fe:2b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:05 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=ed55e7e5f5cca3468ed72628f86cec23b3eba7b26e1a42f460617f82884b25ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:81:93:c3:12:5b:07:0b:03:70:60:65:2e:eb:
97:57:f2:1a:1f:1e:ce:ca:de:23:3a:80:5a:27:20:
de:a3:f4:c4:6d:eb:67:0a:6b:61:06:7f:65:da:81:
13:8e:1e:9b:a9:a3:75:0c:02:2e:bd:5c:83:c8:bc:
8c:cb:91:68:e6:d3:3c:0d:73:9f:63:12:8c:65:83:
66:89:e5:3a:d7:02:38:32:21:61:24:9d:61:a1:80:
77:db:09:55:06:1a:75:75:22:ae:03:4f:90:a5:aa:
00:ec:47:56:0c:51:66:7d:52:25:d5:cd:4e:8f:63:
db:67:4a:a4:10:98:dc:eb:1f:7d:01:ed:c0:37:2a:
11:c9:c8:59:1e:bf:94:35:fd:b8:03:50:be:85:cd:
7d:61:ff:93:ea:62:c3:36:06:85:fb:11:a2:76:34:
32:d7:ed:1c:08:cb:20:08:2b:d1:81:84:c9:a6:bc:
cb:80:ea:8d:8a:da:3e:77:b2:13:da:b0:93:d8:72:
bf:6d:86:f4:f7:a5:6a:23:f3:8b:86:20:42:f9:e2:
9c:ff:53:ec:2d:64:72:62:8c:c7:68:dc:31:30:a0:
6e:ce:1c:b8:4c:37:60:41:af:38:2a:2f:21:a1:ff:
0f:50:d8:28:04:0b:25:0a:ba:ee:f2:a5:66:94:d0:
82:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6A:C6:BA:2C:EA:77:21:38:1B:59:DC:34:30:24:9C:84:A5:B1:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
8a:87:cc:96:6e:21:77:f7:02:78:e7:af:98:75:80:25:12:02:
a0:10:51:03:1a:09:0b:d9:ee:3f:34:d9:5b:ed:05:ea:06:4c:
7b:eb:33:57:ee:dc:a2:c2:1a:d6:d5:ad:aa:4b:94:90:21:ad:
d7:97:ff:dc:36:42:28:e5:41:2f:63:59:df:9c:59:cd:3e:54:
ee:6d:2d:13:dc:cf:87:46:e4:1c:a2:6f:c1:ef:7d:3e:58:6e:
20:2a:fe:03:12:ea:0d:94:8a:f4:5a:bc:8a:db:1f:58:8f:0b:
82:c6:00:90:10:b9:7f:96:f7:fd:67:97:3f:ba:c0:10:fc:e6:
d7:60:f9:96:dc:06:1f:c6:dd:b7:b3:46:f9:18:1d:4d:e4:89:
14:29:39:a4:c8:f7:da:9d:c1:0f:f4:e9:4e:27:76:72:3d:08:
3b:93:b8:e4:53:77:30:30:36:6c:1e:00:df:bc:d4:19:cc:8c:
d6:75:48:b3:15:a6:c2:c1:d0:4f:16:9a:ba:d7:f1:36:96:98:
58:38:c3:f4:09:d2:88:4d:5b:68:b4:0c:75:c4:33:f6:99:a8:
c2:60:2c:6b:1a:21:22:7c:e5:28:4a:d1:73:91:c4:a6:13:5e:
ad:cd:88:3f:5b:18:7b:b0:a8:c4:28:75:7c:08:db:62:a1:ac:
1a:05:7a:49
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTVz0lLzWhavAnk6cEQTuhur+K4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwMDVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkNTVlN2U1ZjVjY2EzNDY4ZWQ3MjYyOGY4NmNlYzIzYjNlYmE3YjI2ZTFh
NDJmNDYwNjE3ZjgyODg0YjI1ZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWBk8MSWwcLA3BgZS7rl1fyGh8ezsreIzqAWicg3qP0xG3rZwprYQZ/ZdqB
E44em6mjdQwCLr1cg8i8jMuRaObTPA1zn2MSjGWDZonlOtcCODIhYSSdYaGAd9sJ
VQYadXUirgNPkKWqAOxHVgxRZn1SJdXNTo9j22dKpBCY3OsffQHtwDcqEcnIWR6/
lDX9uANQvoXNfWH/k+piwzYGhfsRonY0MtftHAjLIAgr0YGEyaa8y4DqjYraPney
E9qwk9hyv22G9PelaiPzi4YgQvninP9T7C1kcmKMx2jcMTCgbs4cuEw3YEGvOCov
IaH/D1DYKAQLJQq67vKlZpTQgtMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTRasa6
LOp3ITgbWdw0MCSchKWxPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAiofMlm4hd/cCeOevmHWAJRICoBBRAxoJC9nu
PzTZW+0F6gZMe+szV+7cosIa1tWtqkuUkCGt15f/3DZCKOVBL2NZ35xZzT5U7m0t
E9zPh0bkHKJvwe99PlhuICr+AxLqDZSK9Fq8itsfWI8LgsYAkBC5f5b3/WeXP7rA
EPzm12D5ltwGH8bdt7NG+RgdTeSJFCk5pMj32p3BD/TpTid2cj0IO5O45FN3MDA2
bB4A37zUGcyM1nVIsxWmwsHQTxaautfxNpaYWDjD9AnSiE1baLQMdcQz9pmowmAs
axohInzlKErRc5HEphNerc2IP1sYe7CoxCh1fAjbYqGsGgV6SQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:06 2025 by rpki-client