Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
File: c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa (raw, json)
Hash identifier: J1/yyfFvNtWng11MNOKKGZQY4Tiad7qKbRU5gCiz3YM=
Subject key identifier: 3D:DE:5E:A8:BE:80:E0:BB:F9:B9:C1:94:03:3E:82:DA:41:52:42:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46119351F6AA9CF8B763C1F1A9C262B68E910F03
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
Signing time: Tue 05 Aug 2025 19:50:57 +0000
ROA not before: Tue 05 Aug 2025 19:50:57 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:11:93:51:f6:aa:9c:f8:b7:63:c1:f1:a9:c2:62:b6:8e:91:0f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:57 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=fa263ff6f07de0eefb35a60c5ea1beaa56c832fad28162c5fc0734612c8fc16e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:61:d9:d2:10:79:6e:e8:fb:24:47:32:c8:a7:
da:9d:94:3a:da:58:da:0f:64:82:dc:1e:33:f5:e3:
eb:ff:7f:7e:4f:b0:a6:ab:5f:29:0f:ce:cd:27:51:
c9:c6:69:81:d7:05:9e:e9:79:cc:18:82:03:09:ba:
ee:2a:4f:39:65:cb:60:3b:28:6e:66:f0:a1:43:62:
8e:a2:73:d8:a5:98:48:c9:e8:aa:8f:2e:3b:0c:2a:
98:c0:da:11:ce:db:d7:90:e4:a0:fc:32:6e:d7:ae:
fd:fe:04:46:6f:64:bf:20:53:ff:b6:ff:2f:55:8f:
78:c7:bc:45:5a:a1:99:bb:86:b5:a3:df:b4:74:7e:
a9:e1:7b:ef:46:08:79:94:23:d4:4b:c9:53:f2:fb:
ea:66:d7:42:b4:d2:19:df:50:24:33:7b:34:6b:77:
02:2e:d1:53:d4:6b:7d:8a:43:18:72:03:cc:69:7b:
9c:e5:12:09:1b:74:27:31:a4:59:71:c0:93:85:34:
28:6e:8e:67:77:0c:2f:6c:61:3b:7f:64:51:68:e1:
17:af:70:01:c1:a7:52:55:db:a6:25:f9:ff:3a:f7:
00:6f:de:a9:76:00:c0:69:db:23:2b:d6:7d:a7:2a:
4f:09:7a:d4:48:3d:85:a3:5d:dc:fd:27:e2:43:dc:
80:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:DE:5E:A8:BE:80:E0:BB:F9:B9:C1:94:03:3E:82:DA:41:52:42:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:a000::/40
Signature Algorithm: sha256WithRSAEncryption
76:c6:04:ed:42:81:e2:fb:07:8b:fa:cd:61:02:60:8f:22:9a:
2d:48:e5:ce:1f:7d:19:6a:ad:81:62:71:90:2f:49:f8:23:74:
02:d1:a7:24:e5:1c:e1:72:c2:08:e1:20:55:1a:f5:50:62:73:
48:3b:83:33:1c:f9:a3:24:85:4c:39:c1:50:27:80:7d:15:7c:
cb:9b:06:22:ba:4a:ef:5c:fd:8a:3f:ae:c8:20:de:ec:f8:a5:
2a:5e:92:5f:c5:85:96:00:89:bd:4a:7b:a4:cd:5f:70:ed:4b:
98:5e:69:b1:05:c8:24:2d:1f:ad:2b:b7:58:40:73:c6:55:fe:
f3:e0:c9:48:fb:08:34:dc:70:d6:b1:2b:f1:47:da:a3:d8:65:
30:0a:4f:fe:d4:76:bd:48:2c:d1:41:d3:3d:2f:fe:ed:62:7c:
be:bb:a7:5f:3d:25:8a:e2:dd:90:ad:d3:eb:ad:9a:f6:21:b6:
a6:9f:89:a3:db:08:c5:34:51:c1:e9:8f:01:20:5a:8e:df:4c:
66:b9:7b:52:8d:dc:b3:42:d9:1f:94:e8:1c:79:0b:b4:54:5c:
89:2d:ea:17:e5:23:0a:ee:ed:1a:31:f6:5a:fe:c4:c3:79:13:
0f:4a:bf:7b:24:47:88:b2:94:d4:3f:6b:57:70:45:b4:89:09:
85:f5:50:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURhGTUfaqnPi3Y8HxqcJito6RDwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwNTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhMjYzZmY2ZjA3ZGUwZWVmYjM1YTYwYzVlYTFiZWFhNTZjODMyZmFkMjgx
NjJjNWZjMDczNDYxMmM4ZmMxNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRh2dIQeW7o+yRHMsin2p2UOtpY2g9kgtweM/Xj6/9/fk+wpqtfKQ/OzSdR
ycZpgdcFnul5zBiCAwm67ipPOWXLYDsobmbwoUNijqJz2KWYSMnoqo8uOwwqmMDa
Ec7b15DkoPwybteu/f4ERm9kvyBT/7b/L1WPeMe8RVqhmbuGtaPftHR+qeF770YI
eZQj1EvJU/L76mbXQrTSGd9QJDN7NGt3Ai7RU9RrfYpDGHIDzGl7nOUSCRt0JzGk
WXHAk4U0KG6OZ3cML2xhO39kUWjhF69wAcGnUlXbpiX5/zr3AG/eqXYAwGnbIyvW
facqTwl61Eg9haNd3P0n4kPcgG8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ93l6o
voDgu/m5wZQDPoLaQVJCkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM5ZGQ3MWMtZjIyYy00YmI0LTljNmYtZGZjOGM2YTAyZmZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6g
MA0GCSqGSIb3DQEBCwUAA4IBAQB2xgTtQoHi+weL+s1hAmCPIpotSOXOH30Zaq2B
YnGQL0n4I3QC0ack5RzhcsII4SBVGvVQYnNIO4MzHPmjJIVMOcFQJ4B9FXzLmwYi
ukrvXP2KP67IIN7s+KUqXpJfxYWWAIm9SnukzV9w7UuYXmmxBcgkLR+tK7dYQHPG
Vf7z4MlI+wg03HDWsSvxR9qj2GUwCk/+1Ha9SCzRQdM9L/7tYny+u6dfPSWK4t2Q
rdPrrZr2Ibamn4mj2wjFNFHB6Y8BIFqO30xmuXtSjdyzQtkflOgceQu0VFyJLeoX
5SMK7u0aMfZa/sTDeRMPSr97JEeIspTUP2tXcEW0iQmF9VAP
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:43 2025 by rpki-client