Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
File: 3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa (raw, json)
Hash identifier: J0mrBRVAG/sP6NDn7qPR8r+YDRUjlFYBNRn7jPKclc0=
Subject key identifier: 0B:74:E7:F7:D6:5D:1F:D6:AC:73:0A:04:84:0A:19:C4:8B:D9:AF:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 439F579AEB0378C5175674B2A2B8E7FB3C4A6374
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
Signing time: Fri 01 Aug 2025 17:11:11 +0000
ROA not before: Fri 01 Aug 2025 17:11:11 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:9f:57:9a:eb:03:78:c5:17:56:74:b2:a2:b8:e7:fb:3c:4a:63:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:11:11 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=9c4e0a45dbfda9b20b074807df363c64e033df78691a824d34a6da858d0529b4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1f:94:92:83:84:b9:57:56:a4:83:3b:d9:31:
5a:0e:81:a0:2f:f8:02:0c:b3:c9:53:c9:e5:03:de:
08:0b:c4:89:a0:07:0d:6d:cc:54:9c:b3:84:27:99:
01:65:3c:97:d0:34:da:24:ac:b2:12:5c:29:31:ca:
28:a2:46:ba:63:40:0e:f1:40:39:64:43:25:52:f3:
8b:11:1a:03:0c:44:86:40:32:05:0b:53:89:f5:51:
be:e3:e7:7f:52:d7:ad:d2:98:99:1f:60:16:21:9e:
fb:88:d6:27:c7:25:35:c0:1b:10:74:a8:60:d1:10:
b6:a6:ed:52:5d:d0:44:99:db:5d:3d:74:65:cb:88:
66:d8:63:e8:ac:d2:a1:ca:20:6a:b3:b2:e8:c1:de:
92:88:4a:7c:cf:f0:51:99:69:d3:73:18:42:75:bd:
92:a6:33:2a:9b:11:dc:6f:e7:25:cb:ca:a7:2a:c5:
0d:91:9a:c4:1a:44:f4:2b:25:99:1e:00:75:f8:4e:
e8:86:e4:32:e1:4f:89:2b:c8:b7:42:e1:d1:3c:3a:
3e:c0:74:65:47:bb:3d:0a:79:cf:ce:28:82:b0:a2:
94:44:d9:11:7b:c8:0e:2e:62:13:de:11:36:54:20:
a6:0b:98:ce:d1:15:bb:26:32:c9:fa:25:5f:6f:70:
93:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:74:E7:F7:D6:5D:1F:D6:AC:73:0A:04:84:0A:19:C4:8B:D9:AF:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036::/32
Signature Algorithm: sha256WithRSAEncryption
26:62:84:59:4c:5e:98:97:90:68:8c:42:45:bf:00:10:91:f7:
ea:fe:d2:54:95:88:21:1a:f6:9d:2a:f2:2e:4d:ff:51:51:4f:
f9:c5:e8:14:0b:b3:33:47:eb:ed:31:2a:c0:c2:59:49:ab:d1:
aa:a3:35:37:28:06:0a:7e:12:7b:60:83:41:c0:a6:1f:eb:4d:
23:22:b5:64:b4:9d:af:4a:fc:3f:11:d7:7d:8e:c7:18:2b:5e:
cd:d8:c3:bc:11:c3:89:e2:8a:4c:18:84:51:23:bf:d8:65:97:
3b:4c:0a:b7:0b:a9:55:d5:84:42:1a:9d:99:8d:91:18:34:67:
8f:1c:75:73:8d:c0:dd:9d:6b:c5:b5:d1:ee:96:0d:da:37:47:
ab:43:ba:e5:7f:e6:ed:79:46:ac:ce:e2:8a:95:dd:c1:e2:39:
f2:04:85:98:5a:ba:61:b8:a3:48:a5:d3:6e:5f:a8:28:ba:7e:
9a:b6:06:fb:84:50:eb:c4:2d:33:41:29:37:c0:1a:2a:94:6f:
6c:5f:07:10:00:7d:b2:e4:f2:71:85:8c:bd:c4:0f:66:d3:d8:
5e:7e:9b:46:b3:68:7c:6e:74:35:7d:a2:f9:3b:b9:4c:e0:90:
b4:79:54:d5:9d:ea:17:24:49:c2:4f:cc:e1:38:81:7f:3f:61:
ed:e6:a2:58
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUQ59XmusDeMUXVnSyorjn+zxKY3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzExMTFaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDljNGUwYTQ1ZGJmZGE5YjIwYjA3NDgwN2RmMzYzYzY0ZTAzM2RmNzg2OTFh
ODI0ZDM0YTZkYTg1OGQwNTI5YjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4flJKDhLlXVqSDO9kxWg6BoC/4AgyzyVPJ5QPeCAvEiaAHDW3MVJyzhCeZ
AWU8l9A02iSsshJcKTHKKKJGumNADvFAOWRDJVLzixEaAwxEhkAyBQtTifVRvuPn
f1LXrdKYmR9gFiGe+4jWJ8clNcAbEHSoYNEQtqbtUl3QRJnbXT10ZcuIZthj6KzS
ocogarOy6MHekohKfM/wUZlp03MYQnW9kqYzKpsR3G/nJcvKpyrFDZGaxBpE9Csl
mR4AdfhO6IbkMuFPiSvIt0Lh0Tw6PsB0ZUe7PQp5z84ogrCilETZEXvIDi5iE94R
NlQgpguYztEVuyYyyfolX29wk5cCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQLdOf3
1l0f1qxzCgSEChnEi9mvDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ExNWFmMzktNjgxOC00ZWViLWJiYWYtMjgzYjdiZmZmYmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DYw
DQYJKoZIhvcNAQELBQADggEBACZihFlMXpiXkGiMQkW/ABCR9+r+0lSViCEa9p0q
8i5N/1FRT/nF6BQLszNH6+0xKsDCWUmr0aqjNTcoBgp+Entgg0HAph/rTSMitWS0
na9K/D8R132OxxgrXs3Yw7wRw4niikwYhFEjv9hllztMCrcLqVXVhEIanZmNkRg0
Z48cdXONwN2da8W10e6WDdo3R6tDuuV/5u15RqzO4oqV3cHiOfIEhZhaumG4o0il
025fqCi6fpq2BvuEUOvELTNBKTfAGiqUb2xfBxAAfbLk8nGFjL3ED2bT2F5+m0az
aHxudDV9ovk7uUzgkLR5VNWd6hckScJPzOE4gX8/Ye3molg=
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:22:44 2025 by rpki-client