Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
File: 6f78d89d-1d32-4176-8f3e-9966f674843e.roa (raw, json)
Hash identifier: Oc1WINbBYRWLoMilVhzDQ/UJ+kohvE2O9Aae60KFedM=
Subject key identifier: B3:CC:08:8D:8D:01:DF:4A:71:9B:59:F1:96:82:AE:E3:87:A4:4D:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A41783009D3E4D8FF01E7B9385A2811D742F14E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
Signing time: Tue 05 Aug 2025 20:01:22 +0000
ROA not before: Tue 05 Aug 2025 20:01:22 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:41:78:30:09:d3:e4:d8:ff:01:e7:b9:38:5a:28:11:d7:42:f1:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:22 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d2ad1ca2adfb3ca5a1b018a1d40aa81924bb0fa49d6b774f396467ec5dc0097d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:3b:eb:78:dc:ce:05:3f:ba:d8:f2:b7:d2:
03:bd:a5:6b:ad:f3:2b:36:f3:cc:38:c3:e8:70:1d:
6c:ce:fd:2b:d3:10:bb:9b:df:cf:29:d1:03:3b:91:
a2:3e:c7:88:c1:78:39:2b:d6:37:6b:f0:0c:b7:33:
a5:fd:50:d0:0f:d8:a6:b4:95:b5:a7:a9:f9:16:80:
23:a1:f1:4f:71:8c:87:88:dc:30:87:ff:d7:90:06:
c4:6c:82:36:eb:cc:a4:20:ff:59:77:c3:25:e2:c3:
fe:b2:f3:8c:d5:77:3e:d7:00:19:3b:92:ac:a9:15:
58:d3:33:c1:40:20:5e:cc:eb:ec:db:9e:d9:09:23:
04:98:e4:e0:1b:18:96:05:ef:3f:99:86:c4:2f:ce:
9f:e7:04:2f:fb:1e:76:6b:91:71:91:07:f8:1a:64:
cd:dc:d5:0d:4e:82:d1:48:1c:6f:1b:a8:7f:ad:94:
20:a4:14:f7:34:47:f2:0f:26:af:6e:54:10:31:70:
68:f7:b7:e4:81:64:86:d7:45:e7:e3:00:4a:3f:c8:
76:e9:2e:95:e4:d0:3b:c0:e5:f8:24:cb:38:8d:2b:
f3:a9:04:43:3a:c0:36:c0:15:e0:92:02:f2:10:02:
f7:66:ac:f0:93:3d:7c:52:44:83:6b:2b:a4:57:93:
f6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:CC:08:8D:8D:01:DF:4A:71:9B:59:F1:96:82:AE:E3:87:A4:4D:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071::/32
Signature Algorithm: sha256WithRSAEncryption
4b:38:1f:0d:5b:a5:d2:83:cc:cc:7b:c3:ea:6d:26:7c:fd:cf:
d5:8a:5c:f3:16:bb:96:42:96:df:25:c0:87:f3:76:f2:a0:a3:
13:b3:44:7b:56:1b:60:32:eb:87:31:a5:48:cc:81:59:0f:6e:
5e:38:c1:cb:34:08:b3:41:42:24:de:33:98:21:62:d2:21:04:
d9:2f:f8:8d:89:93:f8:7f:29:bb:3d:7c:9d:0b:65:c9:39:ce:
8a:e8:3c:ab:79:27:9d:53:95:96:7b:27:28:80:d5:8a:9c:21:
ca:02:ce:33:96:8f:02:bd:19:ce:14:78:26:f8:38:88:5f:29:
2c:24:67:d6:c6:86:32:ac:99:cb:54:b3:58:99:c4:ff:aa:d3:
cc:64:09:2c:5b:a5:2d:4e:6b:15:55:6a:c9:46:6d:b9:63:2e:
41:5e:9a:4b:1c:65:fc:eb:e4:b7:43:38:dd:2a:23:f2:27:9a:
0f:d9:cf:e1:30:aa:ca:90:ab:c9:69:09:13:c6:fd:0b:de:ae:
f9:ff:a7:65:a6:12:41:d4:1d:96:9c:83:66:1d:45:5e:8c:8c:
30:8f:f2:db:5f:a3:76:c6:da:a4:76:8c:af:03:a7:4f:fa:d4:
71:5d:f9:25:93:16:e2:91:b3:8a:60:70:49:33:dd:9f:2e:e3:
c9:2d:3d:2f
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUGkF4MAnT5Nj/Aee5OFooEddC8U4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMjJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyYWQxY2EyYWRmYjNjYTVhMWIwMThhMWQ0MGFhODE5MjRiYjBmYTQ5ZDZi
Nzc0ZjM5NjQ2N2VjNWRjMDA5N2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQuO+t43M4FP7rY8rfSA72la63zKzbzzDjD6HAdbM79K9MQu5vfzynRAzuR
oj7HiMF4OSvWN2vwDLczpf1Q0A/YprSVtaep+RaAI6HxT3GMh4jcMIf/15AGxGyC
NuvMpCD/WXfDJeLD/rLzjNV3PtcAGTuSrKkVWNMzwUAgXszr7Nue2QkjBJjk4BsY
lgXvP5mGxC/On+cEL/sedmuRcZEH+BpkzdzVDU6C0Ugcbxuof62UIKQU9zRH8g8m
r25UEDFwaPe35IFkhtdF5+MASj/IdukuleTQO8Dl+CTLOI0r86kEQzrANsAV4JIC
8hAC92as8JM9fFJEg2srpFeT9ikCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSzzAiN
jQHfSnGbWfGWgq7jh6RN+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY3OGQ4OWQtMWQzMi00MTc2LThmM2UtOTk2NmY2NzQ4NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HEw
DQYJKoZIhvcNAQELBQADggEBAEs4Hw1bpdKDzMx7w+ptJnz9z9WKXPMWu5ZClt8l
wIfzdvKgoxOzRHtWG2Ay64cxpUjMgVkPbl44wcs0CLNBQiTeM5ghYtIhBNkv+I2J
k/h/Kbs9fJ0LZck5zoroPKt5J51TlZZ7JyiA1YqcIcoCzjOWjwK9Gc4UeCb4OIhf
KSwkZ9bGhjKsmctUs1iZxP+q08xkCSxbpS1OaxVVaslGbbljLkFemkscZfzr5LdD
ON0qI/Inmg/Zz+EwqsqQq8lpCRPG/Qvervn/p2WmEkHUHZacg2YdRV6MjDCP8ttf
o3bG2qR2jK8Dp0/61HFd+SWTFuKRs4pgcEkz3Z8u48ktPS8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:08 2025 by rpki-client