Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
File: c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa (raw, json)
Hash identifier: UXNhr2+VjF4yYTgIcv3PE/s59IobzZj8+xFMGxyiLGQ=
Subject key identifier: FF:E6:5D:F1:79:7A:61:27:82:A6:58:3A:49:D1:EE:24:43:7B:60:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B61664AC2264B51E9E84B252850075D54F37B81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
Signing time: Mon 01 Sep 2025 20:20:17 +0000
ROA not before: Mon 01 Sep 2025 20:20:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:61:66:4a:c2:26:4b:51:e9:e8:4b:25:28:50:07:5d:54:f3:7b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=338910a03ad2ecbfc87eec176195e16ea22a82bf752878d624c9115b3b894e25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7a:37:ae:5d:d9:8d:59:3c:ec:32:65:d6:6c:
e3:52:cb:de:cc:6e:70:b5:ac:2b:44:c8:f7:1f:2d:
ac:7c:2b:04:e3:72:39:46:7d:4f:70:bc:b8:19:26:
00:53:de:7b:ca:0b:17:69:9d:c8:c5:d5:8f:8d:4e:
3e:cf:0b:8b:2d:06:59:51:63:08:ac:54:e3:e6:83:
0f:0b:bf:08:53:32:7d:34:eb:bc:c9:41:44:fb:65:
71:1d:5f:3f:6f:12:fb:dc:0d:dd:aa:50:e0:1c:03:
42:0f:01:b1:7f:a6:94:73:3d:6a:ed:35:5f:66:d1:
51:c0:9d:18:c3:23:d3:a2:a0:e5:8a:5d:bd:8c:87:
ce:d0:9f:46:9f:67:70:1c:f8:47:4e:76:76:93:4d:
b9:f3:d5:8f:b0:3e:69:04:d6:30:37:e8:ff:59:40:
a8:24:d0:2c:af:28:1c:45:19:2b:78:83:a1:9d:cc:
bb:be:0d:5f:17:40:95:c8:cd:f9:61:ef:39:15:50:
f9:e6:30:78:6c:3d:5a:e4:bd:be:3c:68:1b:45:26:
95:0d:71:d4:18:46:ed:20:9a:d8:06:a7:d7:58:89:
c0:7a:99:17:13:4e:ea:ff:ef:e5:9b:bb:d0:3f:a8:
6c:29:e8:47:80:82:48:c0:a1:42:05:13:20:7d:f9:
ab:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E6:5D:F1:79:7A:61:27:82:A6:58:3A:49:D1:EE:24:43:7B:60:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:8c:cc:17:90:1e:c9:f0:c1:c3:c3:f7:2b:d2:c8:e7:45:8e:
dd:65:0e:d9:4c:a6:d9:2a:e9:be:82:06:4e:9f:a2:06:ce:05:
b9:2f:a6:d5:7c:c5:72:4a:a5:7f:0f:2d:dc:c1:26:1c:a6:41:
53:e2:fd:36:a8:56:5b:62:6a:ea:69:8c:ad:80:3f:ee:7a:8f:
a8:93:96:45:a1:79:9f:86:81:e7:bc:f5:4b:a3:80:a7:2e:d4:
ad:f1:81:ba:74:aa:c1:f5:da:bb:8c:8e:40:0e:c4:9e:ce:ef:
e6:ce:1a:7a:56:89:fc:c9:41:39:72:92:ca:85:c2:27:e5:e4:
17:94:1a:43:b3:91:d1:e5:ab:f4:09:12:10:97:23:87:81:70:
e9:09:00:9b:1f:60:65:4b:cf:d5:11:2d:04:6d:5b:06:37:23:
21:49:ca:ed:e5:5c:35:bc:80:18:3d:07:76:1d:71:57:18:b6:
e3:46:7e:4b:6e:c4:60:c1:79:3f:50:38:03:bf:8c:19:f2:ee:
ea:51:ec:d5:14:99:f9:5c:9b:37:f4:cb:dc:db:03:10:47:6d:
34:61:56:23:15:2b:d2:fb:6f:2e:79:56:66:3c:e5:d3:c1:6b:
f9:54:cb:83:48:ae:f4:30:fa:4a:37:22:63:da:2b:f8:cc:46:
6f:12:aa:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC2FmSsImS1Hp6EslKFAHXVTze4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzODkxMGEwM2FkMmVjYmZjODdlZWMxNzYxOTVlMTZlYTIyYTgyYmY3NTI4
NzhkNjI0YzkxMTViM2I4OTRlMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIp6N65d2Y1ZPOwyZdZs41LL3sxucLWsK0TI9x8trHwrBONyOUZ9T3C8uBkm
AFPee8oLF2mdyMXVj41OPs8Liy0GWVFjCKxU4+aDDwu/CFMyfTTrvMlBRPtlcR1f
P28S+9wN3apQ4BwDQg8BsX+mlHM9au01X2bRUcCdGMMj06Kg5YpdvYyHztCfRp9n
cBz4R052dpNNufPVj7A+aQTWMDfo/1lAqCTQLK8oHEUZK3iDoZ3Mu74NXxdAlcjN
+WHvORVQ+eYweGw9WuS9vjxoG0UmlQ1x1BhG7SCa2Aan11iJwHqZFxNO6v/v5Zu7
0D+obCnoR4CCSMChQgUTIH35q40CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/5l3x
eXphJ4KmWDpJ0e4kQ3tgkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzNmNGIwZTAtZGY2ZC00ODFhLThkNzUtNzcwOWU1NDVkMWU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIg
MA0GCSqGSIb3DQEBCwUAA4IBAQCPjMwXkB7J8MHDw/cr0sjnRY7dZQ7ZTKbZKum+
ggZOn6IGzgW5L6bVfMVySqV/Dy3cwSYcpkFT4v02qFZbYmrqaYytgD/ueo+ok5ZF
oXmfhoHnvPVLo4CnLtSt8YG6dKrB9dq7jI5ADsSezu/mzhp6Von8yUE5cpLKhcIn
5eQXlBpDs5HR5av0CRIQlyOHgXDpCQCbH2BlS8/VES0EbVsGNyMhScrt5Vw1vIAY
PQd2HXFXGLbjRn5LbsRgwXk/UDgDv4wZ8u7qUezVFJn5XJs39Mvc2wMQR200YVYj
FSvS+28ueVZmPOXTwWv5VMuDSK70MPpKNyJj2iv4zEZvEqp4
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:07 2025 by rpki-client