Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
File: cfca2455-b58e-43e0-a15f-276f8a5b527f.roa (raw, json)
Hash identifier: uKY5XRwf7/3DcSxaUCfrHHQjqEZOJ4jciwc2sxmF6D0=
Subject key identifier: A1:CF:06:EC:8C:36:BF:44:E8:62:64:95:5A:3A:45:7A:B2:4A:3F:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FFA2FE8C9F24BCDE549EB068B20398F045D4E96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
Signing time: Mon 01 Sep 2025 20:01:07 +0000
ROA not before: Mon 01 Sep 2025 20:01:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:fa:2f:e8:c9:f2:4b:cd:e5:49:eb:06:8b:20:39:8f:04:5d:4e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:01:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=1c9f91bad5e48032d74071ac479b01ee0375f9c2f4613c126b7422ea81af379c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c3:75:87:86:8b:74:0b:1f:25:07:f4:2f:2e:
a1:ab:05:64:28:c1:d1:87:f7:35:8a:97:22:da:c6:
e5:08:93:7d:2b:d2:35:15:8f:59:55:00:26:c2:76:
fc:ac:4c:90:f7:76:0b:26:b3:af:ea:16:2d:ba:91:
a7:dc:e0:e7:03:89:2f:46:b4:c0:09:38:aa:1f:08:
be:4c:4b:2d:f1:2d:31:a1:2e:83:a7:81:d5:11:e1:
d8:19:47:8e:e6:f9:58:56:d6:fb:d7:ab:da:b9:7a:
43:a9:89:12:84:f2:fd:c4:45:8a:e8:e4:9f:27:ce:
82:f7:5d:1a:1e:26:52:ba:c6:40:0b:a8:77:ec:5f:
1b:1c:51:4f:6d:85:65:d5:47:ac:af:fd:65:42:0d:
a8:72:24:88:f8:80:ac:17:3d:a9:7e:c3:86:cc:e0:
3e:4f:51:b7:93:ed:01:69:b3:f0:3d:49:4a:83:40:
94:67:1c:32:38:52:de:71:60:7c:c0:ed:32:cd:1c:
7e:ab:8e:34:37:86:14:ce:99:ca:e5:27:5a:de:db:
21:f2:9b:a5:03:07:2e:14:cb:33:5e:72:0d:60:f1:
bb:d8:7d:9c:0d:cb:3a:c2:3e:c9:15:f4:34:c5:49:
97:51:2c:2d:37:3c:b2:2a:66:f7:56:bc:ac:98:d3:
6f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CF:06:EC:8C:36:BF:44:E8:62:64:95:5A:3A:45:7A:B2:4A:3F:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e040::/48
Signature Algorithm: sha256WithRSAEncryption
89:60:e9:c5:47:f4:a8:32:33:c5:bb:3c:ef:07:01:79:8c:77:
34:6d:ee:68:09:1e:74:e3:bb:9b:95:1c:9e:4a:d5:d5:51:bf:
6b:c3:ce:ef:8b:b5:69:0b:8b:36:fd:e4:8c:a1:40:b2:9a:e9:
b7:5d:78:28:aa:3b:6c:1f:c2:00:42:de:9c:a0:b8:ec:f4:c9:
eb:6d:ac:68:88:32:47:85:be:d5:75:7c:d7:4f:d8:46:25:dd:
8f:ca:c1:bb:10:8d:8d:b5:d2:b4:20:8e:01:4f:39:6b:38:02:
64:cd:1f:8f:b3:bc:22:b5:55:dd:9d:d4:1e:9a:e6:7a:9b:64:
67:58:96:9a:e4:e7:cc:3b:c8:83:26:41:46:ad:1c:59:9e:36:
26:35:c4:cf:ab:37:38:85:f1:b8:b0:c4:39:78:2a:5f:aa:f2:
63:86:cb:81:24:00:eb:fe:50:eb:23:cd:45:e2:4b:77:fc:54:
9f:57:7f:86:3a:67:d3:fc:d5:1a:b5:86:05:7c:a4:29:00:80:
8e:d0:84:b1:0c:68:2d:c1:6c:da:be:f3:8f:0a:2d:44:8d:4d:
de:36:98:d8:75:3a:de:5e:b5:6c:4f:00:12:00:09:23:e9:71:
c2:4c:51:15:1a:29:da:ca:2a:e1:fd:40:41:81:f7:cc:fe:f2:
6a:58:98:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf/ov6MnyS83lSesGiyA5jwRdTpYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAxMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjOWY5MWJhZDVlNDgwMzJkNzQwNzFhYzQ3OWIwMWVlMDM3NWY5YzJmNDYx
M2MxMjZiNzQyMmVhODFhZjM3OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTDdYeGi3QLHyUH9C8uoasFZCjB0Yf3NYqXItrG5QiTfSvSNRWPWVUAJsJ2
/KxMkPd2Cyazr+oWLbqRp9zg5wOJL0a0wAk4qh8IvkxLLfEtMaEug6eB1RHh2BlH
jub5WFbW+9er2rl6Q6mJEoTy/cRFiujknyfOgvddGh4mUrrGQAuod+xfGxxRT22F
ZdVHrK/9ZUINqHIkiPiArBc9qX7DhszgPk9Rt5PtAWmz8D1JSoNAlGccMjhS3nFg
fMDtMs0cfquONDeGFM6ZyuUnWt7bIfKbpQMHLhTLM15yDWDxu9h9nA3LOsI+yRX0
NMVJl1EsLTc8sipm91a8rJjTb4sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBShzwbs
jDa/ROhiZJVaOkV6sko/KDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZjYTI0NTUtYjU4ZS00M2UwLWExNWYtMjc2ZjhhNWI1MjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
QDANBgkqhkiG9w0BAQsFAAOCAQEAiWDpxUf0qDIzxbs87wcBeYx3NG3uaAkedOO7
m5UcnkrV1VG/a8PO74u1aQuLNv3kjKFAsprpt114KKo7bB/CAELenKC47PTJ622s
aIgyR4W+1XV810/YRiXdj8rBuxCNjbXStCCOAU85azgCZM0fj7O8IrVV3Z3UHprm
eptkZ1iWmuTnzDvIgyZBRq0cWZ42JjXEz6s3OIXxuLDEOXgqX6ryY4bLgSQA6/5Q
6yPNReJLd/xUn1d/hjpn0/zVGrWGBXykKQCAjtCEsQxoLcFs2r7zjwotRI1N3jaY
2HU63l61bE8AEgAJI+lxwkxRFRop2soq4f1AQYH3zP7yaliYog==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:48 2025 by rpki-client