Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa
File: cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa (raw, json)
Hash identifier: 3hpN//RKI4/sPpjTJt07lKpK9SgHtiutzWuOhO62gYQ=
Subject key identifier: A4:7A:7B:63:89:FE:1F:DC:3E:42:63:21:A2:10:A1:4E:8E:F2:C7:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4090120DCD4B5FE5E7CF161C25808CCB428AB4BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa
Signing time: Mon 01 Sep 2025 19:41:13 +0000
ROA not before: Mon 01 Sep 2025 19:41:13 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:90:12:0d:cd:4b:5f:e5:e7:cf:16:1c:25:80:8c:cb:42:8a:b4:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:41:13 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2f6e5fdf1059a954959dea6844bccb0b0390e50cf122f9b21efbf36415fa4d74, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:07:1f:57:07:42:e2:7d:8d:c3:fc:fa:c9:a5:
85:7c:3f:f7:69:ac:50:de:e7:52:11:5f:27:bd:e9:
71:9e:cb:6b:28:b3:91:01:8c:ff:e4:c0:06:c7:b0:
82:f4:d8:50:04:2a:6d:69:8d:b4:63:53:70:57:ef:
13:e1:b8:52:0f:fd:0f:a6:21:94:67:bc:a3:54:97:
0e:26:3d:0d:32:31:44:65:fd:69:0c:97:4d:af:de:
bd:7d:24:df:c4:f7:4d:99:e3:80:e2:58:d5:07:48:
54:c9:34:60:af:92:fd:58:18:ba:a1:b7:62:dd:7d:
f9:bb:e2:06:a3:d0:29:96:be:e9:fe:10:08:f5:6a:
4e:8d:3a:83:83:b6:29:be:7a:a5:12:90:70:c4:31:
c9:af:16:b5:02:ed:42:1c:62:06:98:02:83:47:67:
da:c8:99:98:6a:02:87:2b:55:a2:b2:58:76:cc:0d:
9f:30:c2:8f:d6:a4:05:05:b2:7f:84:74:bd:5c:e8:
6c:dc:5f:16:86:85:8b:50:81:e6:80:78:2e:7a:24:
c1:85:97:f3:ec:c1:e1:68:56:4f:88:56:e4:20:21:
a9:84:4e:b0:a5:d0:e4:5b:a3:2b:ad:bb:fc:5e:97:
a7:3d:94:05:3d:ec:97:39:33:f7:01:be:31:de:f3:
06:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:7A:7B:63:89:FE:1F:DC:3E:42:63:21:A2:10:A1:4E:8E:F2:C7:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8020::/48
Signature Algorithm: sha256WithRSAEncryption
3d:b6:ae:82:97:b1:73:e5:10:11:03:01:ba:25:f3:e4:fd:89:
55:61:a9:0e:b2:00:bb:6b:ec:19:c1:4a:26:fe:5c:10:de:76:
fc:01:0d:57:65:37:f2:8b:d8:a1:38:cc:9d:48:d1:a7:d5:16:
ee:84:56:a4:e0:5f:b2:5a:66:05:24:50:b7:8c:55:71:b7:85:
6c:b3:43:4a:9f:5a:28:a2:52:4a:7f:60:58:10:2d:97:59:f6:
52:ec:50:0f:9a:19:5a:27:e4:45:c9:d8:a7:ac:50:17:e2:63:
f5:be:78:4a:0e:5f:d1:d5:d1:ea:f2:e3:5f:2d:39:e3:7a:72:
aa:22:26:16:0d:8d:7a:71:38:6f:36:e0:8c:7e:ea:08:9c:50:
55:c5:4a:9b:02:b3:0d:73:dc:b9:df:3c:70:66:e4:94:26:b8:
a5:55:59:76:7e:dc:c9:58:77:72:0b:8b:01:09:c7:58:40:30:
7e:43:67:89:9e:15:21:fc:38:8a:53:5d:0c:e4:bd:eb:29:c3:
73:6c:c5:cd:7c:b5:d8:3b:39:b6:ac:a5:a5:01:f9:a5:13:b1:
e2:29:4c:88:33:c8:89:ca:55:58:72:71:ec:47:32:f8:75:7c:
68:ac:c4:88:e5:d4:b8:32:15:cb:fa:3b:ea:3c:2b:0a:f1:30:
d9:44:67:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQJASDc1LX+XnzxYcJYCMy0KKtL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQxMTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmNmU1ZmRmMTA1OWE5NTQ5NTlkZWE2ODQ0YmNjYjBiMDM5MGU1MGNmMTIy
ZjliMjFlZmJmMzY0MTVmYTRkNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsHH1cHQuJ9jcP8+smlhXw/92msUN7nUhFfJ73pcZ7LayizkQGM/+TABsew
gvTYUAQqbWmNtGNTcFfvE+G4Ug/9D6YhlGe8o1SXDiY9DTIxRGX9aQyXTa/evX0k
38T3TZnjgOJY1QdIVMk0YK+S/VgYuqG3Yt19+bviBqPQKZa+6f4QCPVqTo06g4O2
Kb56pRKQcMQxya8WtQLtQhxiBpgCg0dn2siZmGoChytVorJYdswNnzDCj9akBQWy
f4R0vVzobNxfFoaFi1CB5oB4LnokwYWX8+zB4WhWT4hW5CAhqYROsKXQ5FujK627
/F6Xpz2UBT3slzkz9wG+Md7zBpECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSkentj
if4f3D5CYyGiEKFOjvLHeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZlMzE1ZTYtYzYzMC00OGJkLThkZTUtMjNlZWUwYWQ0MGNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
IDANBgkqhkiG9w0BAQsFAAOCAQEAPbaugpexc+UQEQMBuiXz5P2JVWGpDrIAu2vs
GcFKJv5cEN52/AENV2U38ovYoTjMnUjRp9UW7oRWpOBfslpmBSRQt4xVcbeFbLND
Sp9aKKJSSn9gWBAtl1n2UuxQD5oZWifkRcnYp6xQF+Jj9b54Sg5f0dXR6vLjXy05
43pyqiImFg2NenE4bzbgjH7qCJxQVcVKmwKzDXPcud88cGbklCa4pVVZdn7cyVh3
cguLAQnHWEAwfkNniZ4VIfw4ilNdDOS96ynDc2zFzXy12Ds5tqylpQH5pROx4ilM
iDPIicpVWHJx7Ecy+HV8aKzEiOXUuDIVy/o76jwrCvEw2URn2w==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:22 2025 by rpki-client