Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
File: 9cdad1cc-641a-4187-9b79-fc696cb535f5.roa (raw, json)
Hash identifier: mQQ1WAvsyOPmSDNoULRdmCAFHNfdUOyeWkup13ESnJ8=
Subject key identifier: F1:85:D3:A5:82:E8:8A:1B:5E:65:08:EA:D9:8D:E1:35:02:7B:78:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CA974BB07818DF029058323E5BF7DED427C3AFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
Signing time: Fri 01 Aug 2025 17:10:22 +0000
ROA not before: Fri 01 Aug 2025 17:10:22 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:a9:74:bb:07:81:8d:f0:29:05:83:23:e5:bf:7d:ed:42:7c:3a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:22 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=ab0cd981b7fe4a6ab039999467d71a5384e2d953d5846369b7297794a0f61dc0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9e:76:5d:15:5d:be:ee:15:61:43:af:0c:73:
fa:78:6f:e1:ac:22:0d:10:70:41:a4:f6:cb:33:3e:
01:66:b6:55:48:3e:c7:d4:84:9f:e8:9f:74:71:88:
e7:11:48:9a:64:33:0a:01:c9:8d:74:d4:e8:70:18:
99:ee:dd:e2:02:5d:50:00:53:45:8b:8a:30:af:3a:
96:28:5a:6e:36:da:28:8f:fb:1c:49:b9:c8:9b:c0:
8e:cc:30:70:49:ff:50:b0:e3:0c:a3:14:07:9f:2c:
6d:2f:80:78:12:ed:82:7e:a1:32:a2:8a:b5:fd:78:
6f:0c:c4:41:2f:34:fd:bc:35:1c:5e:37:c9:86:0c:
7c:b8:30:6c:07:8b:c6:ff:f6:4a:b8:29:51:8f:c0:
1c:86:9d:9b:ac:a5:53:53:ac:02:2c:10:8b:3e:91:
52:98:75:76:ec:81:d0:cc:4c:c5:63:62:3c:40:9d:
92:eb:a8:80:61:49:4d:10:d8:c4:6a:5a:76:09:08:
34:b1:36:89:be:5c:e0:99:78:ef:b6:2c:81:25:9a:
f7:92:1e:63:0f:ce:62:78:ae:2b:9e:0c:bd:18:81:
ba:ef:74:28:bb:dd:40:4f:bc:8e:24:44:ac:43:b7:
00:46:7a:dc:9b:a5:25:1f:08:74:97:c9:dc:82:36:
f4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:85:D3:A5:82:E8:8A:1B:5E:65:08:EA:D9:8D:E1:35:02:7B:78:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:800::/40
Signature Algorithm: sha256WithRSAEncryption
35:ef:bc:47:75:54:a6:64:da:fd:d5:45:92:cf:9e:9a:00:d5:
e7:06:2d:82:fb:b8:38:b9:53:76:ab:c6:6d:8f:68:d2:c3:29:
0b:8b:18:ca:09:77:b9:1e:5d:86:be:6a:71:0c:76:51:3f:d1:
a8:18:1c:da:ce:73:f4:5e:3a:d9:43:6f:15:38:9b:b9:02:7e:
a0:64:b9:23:c5:fe:4f:d9:33:77:0b:84:b0:a2:5c:dc:4f:01:
43:4a:6f:36:5a:d1:34:b6:f8:e2:2f:cb:ab:2b:f6:12:40:d2:
94:15:0b:cb:c0:82:1b:ad:11:33:0c:e8:5e:12:8a:3a:7b:77:
5b:2a:02:39:84:23:34:36:7d:f8:3a:10:39:a1:17:9a:96:4c:
b7:ab:1d:1f:fb:9d:d2:87:f6:1c:80:a5:57:b3:d7:80:03:45:
ed:9f:57:5f:00:8d:5f:6d:66:74:1b:41:69:27:b2:8e:1f:00:
bc:47:be:5a:2f:3f:c6:ec:7f:71:d0:71:fb:c5:5b:01:31:b4:
0c:f6:94:4c:a0:ae:84:56:08:8d:d8:70:04:93:1f:65:66:44:
9c:14:45:23:e1:a9:9f:2d:dd:4d:3f:64:ed:3f:f0:fb:43:f3:
cc:4b:d4:b8:15:c4:1d:10:6e:a1:f9:c5:89:90:17:f3:3b:aa:
8f:3d:b6:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPKl0uweBjfApBYMj5b997UJ8Ov0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMjJaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiMGNkOTgxYjdmZTRhNmFiMDM5OTk5NDY3ZDcxYTUzODRlMmQ5NTNkNTg0
NjM2OWI3Mjk3Nzk0YTBmNjFkYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKedl0VXb7uFWFDrwxz+nhv4awiDRBwQaT2yzM+AWa2VUg+x9SEn+ifdHGI
5xFImmQzCgHJjXTU6HAYme7d4gJdUABTRYuKMK86lihabjbaKI/7HEm5yJvAjsww
cEn/ULDjDKMUB58sbS+AeBLtgn6hMqKKtf14bwzEQS80/bw1HF43yYYMfLgwbAeL
xv/2SrgpUY/AHIadm6ylU1OsAiwQiz6RUph1duyB0MxMxWNiPECdkuuogGFJTRDY
xGpadgkINLE2ib5c4Jl477YsgSWa95IeYw/OYniuK54MvRiBuu90KLvdQE+8jiRE
rEO3AEZ63JulJR8IdJfJ3II29A0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxhdOl
guiKG15lCOrZjeE1Ant4HDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWNkYWQxY2MtNjQxYS00MTg3LTliNzktZmM2OTZjYjUzNWY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8I
MA0GCSqGSIb3DQEBCwUAA4IBAQA177xHdVSmZNr91UWSz56aANXnBi2C+7g4uVN2
q8Ztj2jSwykLixjKCXe5Hl2GvmpxDHZRP9GoGBzaznP0XjrZQ28VOJu5An6gZLkj
xf5P2TN3C4SwolzcTwFDSm82WtE0tvjiL8urK/YSQNKUFQvLwIIbrREzDOheEoo6
e3dbKgI5hCM0Nn34OhA5oRealky3qx0f+53Sh/YcgKVXs9eAA0Xtn1dfAI1fbWZ0
G0FpJ7KOHwC8R75aLz/G7H9x0HH7xVsBMbQM9pRMoK6EVgiN2HAEkx9lZkScFEUj
4amfLd1NP2TtP/D7Q/PMS9S4FcQdEG6h+cWJkBfzO6qPPbaD
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:59 2025 by rpki-client