Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
File: 278dd4fa-de02-446c-a4ac-184c5f35a577.roa (raw, json)
Hash identifier: ILgp/H6W+rpVugW4ibZioQFXnR62Ch5W0dE1v3Uq1Gc=
Subject key identifier: 3C:FB:07:61:6F:88:B1:C0:F2:C7:FE:11:6B:98:2B:5F:C5:F8:87:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 405D55ECC4C4CBC585E0E03642868DD90EF00B64
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
Signing time: Tue 05 Aug 2025 19:21:07 +0000
ROA not before: Tue 05 Aug 2025 19:21:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:5d:55:ec:c4:c4:cb:c5:85:e0:e0:36:42:86:8d:d9:0e:f0:0b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2435c7a3edaf98d9fd36276ece28f4619d7417a2ad2d7dc8d5f79cf0f2386972, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:bc:a6:8c:5a:6b:b0:fd:20:58:08:17:86:
e7:96:a6:08:2b:db:b9:b8:6e:e6:86:46:70:c9:f2:
9d:5c:b9:f2:17:46:85:c1:44:ee:d6:c9:a9:d9:3c:
61:a6:d0:94:13:83:f5:d9:fb:08:d1:14:c8:af:2b:
37:81:c0:1c:d7:6f:c8:52:56:ae:5e:b3:ce:30:b8:
61:74:e3:cf:12:c5:e5:e9:f8:7d:ba:56:46:d9:a8:
ab:d1:42:31:70:60:ec:e7:07:27:09:88:49:16:14:
f7:b0:7b:03:69:35:c2:68:f0:b0:2f:e4:b7:25:85:
10:df:26:ae:e5:93:cc:3b:3a:e9:6f:5a:9c:35:a9:
58:6f:97:7b:2b:14:21:40:66:90:ea:90:27:39:7a:
44:0c:7a:dc:05:c2:59:b3:38:97:0a:8c:74:cb:1d:
5c:40:c1:42:29:d1:62:e4:ce:eb:f6:44:71:bf:00:
a2:0e:a1:cf:1e:7a:16:0f:99:8c:c2:d5:e2:82:46:
73:8f:f8:25:d8:f8:19:ca:e5:f5:4c:03:be:2f:8e:
a8:c3:7e:7f:71:83:d5:23:cb:ea:ae:fa:33:27:25:
72:d2:a4:6a:89:be:cd:9f:66:57:0a:01:fa:93:44:
68:64:5c:10:81:33:a5:f5:4e:9f:23:eb:79:52:91:
66:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:FB:07:61:6F:88:B1:C0:F2:C7:FE:11:6B:98:2B:5F:C5:F8:87:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
45:f1:c0:25:cd:9d:34:31:05:48:43:ad:2f:b3:5c:35:07:fc:
33:c7:5e:a3:94:ae:c5:67:fd:76:38:85:56:b2:51:25:fb:52:
54:6c:e3:a1:95:24:63:1d:db:6a:5c:46:26:54:30:85:58:9d:
64:2e:6b:d6:74:d2:c6:a1:26:56:10:c8:97:f6:44:5f:4a:04:
cb:27:21:25:9a:b2:cf:95:14:21:dd:a1:59:74:20:35:5b:80:
46:37:03:17:8f:5a:a8:25:69:64:01:43:13:aa:0e:4a:e8:d2:
84:e6:b2:b8:3d:ec:6c:9e:96:ad:ec:a7:e6:12:5c:3f:db:a6:
46:e7:5e:e2:84:b0:08:0b:35:c3:1c:3c:62:18:76:9d:26:d2:
b4:50:e5:11:2c:de:70:87:e6:83:1b:7d:17:1d:aa:a2:11:af:
4a:5b:2c:6d:a1:df:3b:10:19:fd:7c:e2:3f:e0:76:cb:db:b2:
eb:72:54:c0:f6:66:2b:65:fb:d6:29:b3:bd:84:ce:18:b7:69:
9c:d3:f1:85:67:01:f3:47:5d:6b:06:4a:a1:1f:1d:a7:07:f4:
72:5a:a3:ee:c0:3e:70:c8:56:00:66:b8:00:aa:e4:70:7c:aa:
13:bc:da:0d:37:0b:3a:b1:3f:9a:dc:54:5b:2f:5c:c2:62:90:
5a:e8:89:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQF1V7MTEy8WF4OA2QoaN2Q7wC2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0MzVjN2EzZWRhZjk4ZDlmZDM2Mjc2ZWNlMjhmNDYxOWQ3NDE3YTJhZDJk
N2RjOGQ1Zjc5Y2YwZjIzODY5NzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsAvKaMWmuw/SBYCBeG55amCCvbubhu5oZGcMnynVy58hdGhcFE7tbJqdk8
YabQlBOD9dn7CNEUyK8rN4HAHNdvyFJWrl6zzjC4YXTjzxLF5en4fbpWRtmoq9FC
MXBg7OcHJwmISRYU97B7A2k1wmjwsC/ktyWFEN8mruWTzDs66W9anDWpWG+XeysU
IUBmkOqQJzl6RAx63AXCWbM4lwqMdMsdXEDBQinRYuTO6/ZEcb8Aog6hzx56Fg+Z
jMLV4oJGc4/4Jdj4Gcrl9UwDvi+OqMN+f3GD1SPL6q76MyclctKkaom+zZ9mVwoB
+pNEaGRcEIEzpfVOnyPreVKRZvcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8+wdh
b4ixwPLH/hFrmCtfxfiHBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4ZGQ0ZmEtZGUwMi00NDZjLWE0YWMtMTg0YzVmMzVhNTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+g
MA0GCSqGSIb3DQEBCwUAA4IBAQBF8cAlzZ00MQVIQ60vs1w1B/wzx16jlK7FZ/12
OIVWslEl+1JUbOOhlSRjHdtqXEYmVDCFWJ1kLmvWdNLGoSZWEMiX9kRfSgTLJyEl
mrLPlRQh3aFZdCA1W4BGNwMXj1qoJWlkAUMTqg5K6NKE5rK4Pexsnpat7KfmElw/
26ZG517ihLAICzXDHDxiGHadJtK0UOURLN5wh+aDG30XHaqiEa9KWyxtod87EBn9
fOI/4HbL27LrclTA9mYrZfvWKbO9hM4Yt2mc0/GFZwHzR11rBkqhHx2nB/RyWqPu
wD5wyFYAZrgAquRwfKoTvNoNNws6sT+a3FRbL1zCYpBa6ImR
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:44:44 2025 by rpki-client