Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
File: 8cfa3133-8fd4-4816-ad14-c49146075f82.roa (raw, json)
Hash identifier: 8l4ZsSTmBLRhzUQ/rKgcQyKE7AuqI46vTkr9Dt8u774=
Subject key identifier: CC:C9:24:58:9F:B8:F5:EA:4C:60:2C:36:8E:B6:E1:7D:F6:23:7D:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F771D63DF3487CA0C6A953F027B1B7A1ED18CDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
Signing time: Mon 01 Sep 2025 20:10:17 +0000
ROA not before: Mon 01 Sep 2025 20:10:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:77:1d:63:df:34:87:ca:0c:6a:95:3f:02:7b:1b:7a:1e:d1:8c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:10:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=769f5cfe1cdcba9775361ec22b62244d96374d3d660cbaaad08be8f90a89d9a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:0b:14:58:88:02:d6:89:b0:31:31:19:e8:22:
c7:53:46:6a:e3:7a:22:72:74:ab:72:dd:6b:cf:f5:
9f:f6:fd:f1:52:31:d9:d0:68:17:a4:8c:60:47:4b:
fe:c8:8f:7c:fc:bf:07:f9:a6:5e:51:0d:d6:44:21:
42:2d:ce:6e:1c:e6:db:2b:f2:46:fa:f4:b0:e8:17:
48:2a:df:d9:30:09:8c:c2:b1:d5:73:e6:82:f0:4c:
d1:3d:a4:86:9e:28:b9:18:13:72:2f:6f:08:6d:bd:
4b:9b:ce:45:65:7d:64:40:78:c6:77:c7:53:81:a8:
f9:3d:aa:e1:d6:0d:f0:d1:49:ad:f9:35:0f:b2:b6:
be:2f:df:57:d7:e4:bd:ec:bf:24:94:5c:30:39:c5:
b9:0f:0a:f9:f8:0e:df:0f:51:c6:6d:c1:af:44:05:
20:f1:b7:e3:ce:af:95:ea:db:1b:73:40:72:14:0a:
83:2d:3b:5f:7b:b6:b3:c6:1c:81:d3:89:7d:ae:18:
9d:10:21:83:2e:a0:a3:ce:5d:f8:d9:ce:0a:ee:59:
4e:7d:ae:d7:3a:ee:54:f1:f3:66:1d:7c:01:1d:eb:
48:ce:18:b3:52:04:28:e1:7d:e9:e0:d0:b4:59:cf:
35:b4:20:a2:c9:67:66:af:b3:71:65:de:a3:ab:e5:
a2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C9:24:58:9F:B8:F5:EA:4C:60:2C:36:8E:B6:E1:7D:F6:23:7D:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b4:6f:fd:b4:28:3f:7a:78:90:df:e6:0e:dd:4d:e6:58:40:4c:
b9:2d:ab:24:49:5d:83:36:4c:41:c0:e9:dc:73:1b:27:ae:0b:
55:19:1a:6b:86:3f:e7:e9:a5:cd:15:25:16:4a:a6:88:87:73:
a5:68:17:29:72:3c:92:92:b3:b8:65:10:5c:0f:2e:11:43:66:
77:32:90:59:12:5e:a7:eb:f7:27:4c:9a:90:20:65:f9:6e:9a:
0b:75:33:68:92:1c:ab:78:c9:15:97:b4:8d:10:74:23:6d:e3:
b7:48:99:7c:70:29:fb:33:f5:5c:04:9a:e4:47:fe:23:9a:e0:
ee:09:b7:b5:0b:d8:22:72:3c:ad:7f:15:60:39:ce:4f:59:42:
16:7f:0a:cd:87:a1:52:c9:ab:eb:85:a1:50:14:1b:fa:68:99:
fe:e0:09:6e:0b:83:92:a1:5b:94:1b:06:fa:48:b6:22:e8:ce:
e2:93:11:03:ef:48:24:ba:ad:e7:d9:62:58:a9:32:64:b7:b5:
96:2c:e4:ab:33:34:26:7c:95:1a:1c:db:bd:c4:a3:57:e4:32:
46:f8:60:26:be:2a:f2:77:e3:ab:39:05:bf:b7:d7:7e:fa:21:
73:f5:0b:46:ad:b4:66:6c:41:5c:30:02:26:8a:f0:1e:11:3f:
03:f2:9b:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP3cdY980h8oMapU/Ansbeh7RjN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDEwMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2OWY1Y2ZlMWNkY2JhOTc3NTM2MWVjMjJiNjIyNDRkOTYzNzRkM2Q2NjBj
YmFhYWQwOGJlOGY5MGE4OWQ5YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPYLFFiIAtaJsDExGegix1NGauN6InJ0q3Lda8/1n/b98VIx2dBoF6SMYEdL
/siPfPy/B/mmXlEN1kQhQi3Obhzm2yvyRvr0sOgXSCrf2TAJjMKx1XPmgvBM0T2k
hp4ouRgTci9vCG29S5vORWV9ZEB4xnfHU4Go+T2q4dYN8NFJrfk1D7K2vi/fV9fk
vey/JJRcMDnFuQ8K+fgO3w9Rxm3Br0QFIPG3486vlerbG3NAchQKgy07X3u2s8Yc
gdOJfa4YnRAhgy6go85d+NnOCu5ZTn2u1zruVPHzZh18AR3rSM4Ys1IEKOF96eDQ
tFnPNbQgoslnZq+zcWXeo6vlonMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTMySRY
n7j16kxgLDaOtuF99iN9HTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmYTMxMzMtOGZkNC00ODE2LWFkMTQtYzQ5MTQ2MDc1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQC0b/20KD96eJDf5g7dTeZYQEy5LaskSV2DNkxB
wOnccxsnrgtVGRprhj/n6aXNFSUWSqaIh3OlaBcpcjySkrO4ZRBcDy4RQ2Z3MpBZ
El6n6/cnTJqQIGX5bpoLdTNokhyreMkVl7SNEHQjbeO3SJl8cCn7M/VcBJrkR/4j
muDuCbe1C9gicjytfxVgOc5PWUIWfwrNh6FSyavrhaFQFBv6aJn+4AluC4OSoVuU
Gwb6SLYi6M7ikxED70gkuq3n2WJYqTJkt7WWLOSrMzQmfJUaHNu9xKNX5DJG+GAm
viryd+OrOQW/t9d++iFz9QtGrbRmbEFcMAImivAeET8D8pu4
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:29 2025 by rpki-client