Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
File: ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa (raw, json)
Hash identifier: /nCkR3hCDF2aS0p4tSfmzE2QEM2CrFNoYKuuAQWgn7A=
Subject key identifier: 03:8D:B7:98:EB:B7:17:9E:59:A5:AE:B5:41:C2:93:B8:61:D1:3A:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A8C1F67047377794358E0EDEA44F567F1172386
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
Signing time: Mon 01 Sep 2025 20:21:36 +0000
ROA not before: Mon 01 Sep 2025 20:21:36 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:8c:1f:67:04:73:77:79:43:58:e0:ed:ea:44:f5:67:f1:17:23:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:36 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6c4e9cb5f65fdf5549746faae775b09d17d6107e6f39df760f59804b24c9dfa6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e8:7f:9a:25:cd:5d:1c:1b:c7:18:ce:ce:ba:
22:d5:06:8e:ac:fe:33:a2:07:56:2e:37:0b:4e:0a:
0e:c5:07:2e:31:9f:cb:ee:0f:cd:2e:84:b1:28:15:
9d:b5:2e:ad:83:90:30:bc:50:ee:c2:52:a3:3c:2e:
6d:e6:59:2c:9a:b8:e9:b1:49:dc:ee:60:42:18:e0:
23:4d:99:7a:74:c6:d0:6b:4f:ec:e9:cd:06:6b:5a:
63:fe:f8:01:b1:49:30:70:0c:05:b9:fd:ac:99:8f:
a7:aa:b4:e6:36:db:35:1f:d3:d0:a6:3c:dc:05:f0:
24:dc:ff:a0:e9:b1:1f:61:7f:4b:e8:9a:42:fb:82:
a4:20:c2:4f:6f:77:aa:37:7f:10:96:77:f6:2c:6f:
14:d4:1c:6b:0c:ae:da:5e:ba:ab:0d:61:3f:53:33:
b7:b5:3e:73:db:7a:8f:41:a9:6a:81:49:cb:2c:03:
60:78:32:bb:e6:65:6c:ec:e8:c6:74:82:53:2a:a6:
91:16:48:ce:de:a9:1c:f2:95:e8:48:f7:2b:f7:b0:
0e:5e:66:dc:0a:1f:ef:d3:55:a5:64:ac:d4:6e:8d:
0b:4a:0f:81:cb:04:b0:c1:6c:86:1d:e5:75:24:87:
5e:17:10:eb:12:76:7f:1e:e4:f6:9b:a3:34:bf:2a:
e7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:8D:B7:98:EB:B7:17:9E:59:A5:AE:B5:41:C2:93:B8:61:D1:3A:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:a7:62:60:ba:53:16:0c:b9:fa:97:77:86:4d:9c:a2:83:87:
61:e0:31:dd:00:ce:66:eb:90:9b:2f:9d:73:9b:f9:78:27:79:
ca:12:53:e0:e5:cf:2a:3f:55:7d:91:33:53:a7:53:8a:6d:26:
cd:f0:5f:b3:e6:be:e1:76:0e:59:dd:b2:27:c3:87:5d:2f:80:
63:89:82:6a:15:b9:8c:10:9f:5d:74:62:25:68:64:76:98:90:
ab:00:83:52:f6:42:4d:47:e7:e7:8d:40:0b:ed:2d:71:42:71:
22:d7:1c:64:61:fb:ae:d8:91:07:3e:66:d8:9b:a4:59:97:da:
be:06:cf:99:67:8f:56:72:ee:10:9e:8f:8e:cc:92:0d:b1:ee:
4d:8d:72:59:4b:59:cf:dd:0f:d2:86:79:f0:b2:67:0a:10:89:
90:ae:9f:56:0a:da:5e:a2:c5:04:f6:47:20:50:9f:28:c6:cc:
e6:56:84:40:74:31:4f:9e:22:73:17:f0:ab:c2:b4:76:ae:40:
42:27:44:d3:14:e2:9e:9e:4f:b3:ec:e4:58:cd:77:f2:3a:ce:
52:d1:a3:49:02:58:a6:6d:b7:6b:e2:ae:68:26:63:46:68:a7:
36:c0:f4:9c:7f:5f:b7:66:fb:6f:86:89:fc:68:f3:db:fd:7e:
b4:a4:f6:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGowfZwRzd3lDWODt6kT1Z/EXI4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMzZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjNGU5Y2I1ZjY1ZmRmNTU0OTc0NmZhYWU3NzViMDlkMTdkNjEwN2U2ZjM5
ZGY3NjBmNTk4MDRiMjRjOWRmYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnof5olzV0cG8cYzs66ItUGjqz+M6IHVi43C04KDsUHLjGfy+4PzS6EsSgV
nbUurYOQMLxQ7sJSozwubeZZLJq46bFJ3O5gQhjgI02ZenTG0GtP7OnNBmtaY/74
AbFJMHAMBbn9rJmPp6q05jbbNR/T0KY83AXwJNz/oOmxH2F/S+iaQvuCpCDCT293
qjd/EJZ39ixvFNQcawyu2l66qw1hP1Mzt7U+c9t6j0GpaoFJyywDYHgyu+ZlbOzo
xnSCUyqmkRZIzt6pHPKV6Ej3K/ewDl5m3Aof79NVpWSs1G6NC0oPgcsEsMFshh3l
dSSHXhcQ6xJ2fx7k9pujNL8q58UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDjbeY
67cXnlmlrrVBwpO4YdE6VDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzZjRkMTEtZGM2Yi00YTgyLWJlNjEtNjhmMWQ3ODM4ZjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCcp2JgulMWDLn6l3eGTZyig4dh4DHdAM5m65Cb
L51zm/l4J3nKElPg5c8qP1V9kTNTp1OKbSbN8F+z5r7hdg5Z3bInw4ddL4BjiYJq
FbmMEJ9ddGIlaGR2mJCrAINS9kJNR+fnjUAL7S1xQnEi1xxkYfuu2JEHPmbYm6RZ
l9q+Bs+ZZ49Wcu4Qno+OzJINse5NjXJZS1nP3Q/ShnnwsmcKEImQrp9WCtpeosUE
9kcgUJ8oxszmVoRAdDFPniJzF/CrwrR2rkBCJ0TTFOKenk+z7ORYzXfyOs5S0aNJ
Alimbbdr4q5oJmNGaKc2wPScf1+3Zvtvhon8aPPb/X60pPZq
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:06 2025 by rpki-client