Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
File: 78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa (raw, json)
Hash identifier: yCSgKoCd2TDf5Wj2kqlAIGxYiETCv8JLMZD9VSgWXL4=
Subject key identifier: E8:1C:6E:0C:D7:43:99:57:AA:6D:60:FB:8D:EB:54:1A:DD:2F:6A:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 317180B0E21BDBFE5A6E588BBAB6EAF58E9A362A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
Signing time: Fri 22 Aug 2025 15:10:08 +0000
ROA not before: Fri 22 Aug 2025 15:10:08 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:71:80:b0:e2:1b:db:fe:5a:6e:58:8b:ba:b6:ea:f5:8e:9a:36:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:08 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=34e6eaed752e013f9fd6eee4f539043d81dde0e7e5483abfc05a97c3359c167d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:60:63:89:a7:83:fa:35:d6:7a:d3:aa:e3:62:
62:42:2e:ab:97:01:a4:9a:c6:c2:6e:ec:b3:50:ba:
ce:0b:a2:04:1d:7c:c6:a4:58:ac:3a:d5:08:f1:eb:
f5:50:fe:f5:7f:23:b3:c3:99:3d:78:28:7f:c4:d4:
46:98:a8:36:65:af:30:52:27:1f:96:d9:2e:d1:c9:
e9:43:f5:aa:da:16:ac:cc:7b:61:3c:5a:3c:cd:49:
93:a3:c2:aa:e1:5d:3b:48:e5:70:b3:a1:79:1a:52:
97:87:69:92:e5:6e:fb:32:28:2f:a2:34:3d:1a:62:
3b:0f:33:6d:64:ae:39:20:4e:65:e3:56:94:62:82:
0d:44:3c:30:0a:63:6c:cf:b5:58:69:9d:76:6b:79:
d0:1d:71:ae:fe:d8:3c:11:d7:6b:a8:41:aa:01:09:
82:b7:03:15:31:81:73:12:fd:73:8a:b2:3e:18:69:
df:ca:36:98:39:80:fa:9a:02:20:39:d8:3a:47:51:
5a:68:b4:0d:a7:53:4d:75:8a:08:ba:d7:eb:89:d2:
f9:d1:cc:dd:98:16:c2:eb:2c:04:55:99:99:b2:f5:
09:ee:12:5f:dc:85:ae:f0:f2:7a:fb:89:d0:87:cf:
95:f2:02:21:09:6e:8c:f6:4b:21:61:8f:f0:02:e2:
9b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:1C:6E:0C:D7:43:99:57:AA:6D:60:FB:8D:EB:54:1A:DD:2F:6A:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:fb:5d:ee:fa:41:13:6f:c1:4b:1e:da:c9:aa:0f:a2:07:1d:
bf:86:c6:71:f6:9c:72:01:33:da:cc:14:15:88:ed:33:18:af:
77:a7:e7:e5:52:ae:a5:f7:ce:ff:ab:54:b4:8c:06:45:c2:f3:
dc:b5:ec:c4:19:e3:5a:44:63:af:0c:fd:5c:44:e8:5a:ee:06:
31:3b:d8:88:03:e6:cd:0a:2b:d5:62:5a:bd:8b:2f:7e:99:b9:
b4:f6:9d:45:18:4b:b2:38:40:a7:ba:61:cb:82:6b:77:c4:ea:
03:b3:57:44:6d:72:3f:e5:b2:02:54:b8:6d:c0:8c:f8:6e:28:
53:fa:ad:88:01:86:ed:44:84:ca:2d:ca:fb:ef:6b:f1:88:37:
8a:93:12:d6:f7:39:8a:af:1b:27:91:51:cf:47:42:c6:d0:7a:
b8:50:78:9b:25:45:8e:e8:b1:ea:af:93:e8:6e:0e:1d:cb:9d:
aa:40:cd:d0:f4:46:bd:2d:68:ff:ff:a3:d8:d2:28:22:f6:ff:
ed:d3:17:b2:36:a1:d3:3d:26:ed:d0:bf:b8:80:33:9c:d4:57:
50:56:8d:59:1c:5f:0b:ad:16:8f:d7:ff:0d:c0:ee:49:0f:41:
fe:49:47:69:52:f8:c8:c8:43:0c:f3:11:f4:d2:00:96:22:42:
67:97:45:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMXGAsOIb2/5abliLurbq9Y6aNiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMDhaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0ZTZlYWVkNzUyZTAxM2Y5ZmQ2ZWVlNGY1MzkwNDNkODFkZGUwZTdlNTQ4
M2FiZmMwNWE5N2MzMzU5YzE2N2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOFgY4mng/o11nrTquNiYkIuq5cBpJrGwm7ss1C6zguiBB18xqRYrDrVCPHr
9VD+9X8js8OZPXgof8TURpioNmWvMFInH5bZLtHJ6UP1qtoWrMx7YTxaPM1Jk6PC
quFdO0jlcLOheRpSl4dpkuVu+zIoL6I0PRpiOw8zbWSuOSBOZeNWlGKCDUQ8MApj
bM+1WGmddmt50B1xrv7YPBHXa6hBqgEJgrcDFTGBcxL9c4qyPhhp38o2mDmA+poC
IDnYOkdRWmi0DadTTXWKCLrX64nS+dHM3ZgWwussBFWZmbL1Ce4SX9yFrvDyevuJ
0IfPlfICIQlujPZLIWGP8ALim5MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBToHG4M
10OZV6ptYPuN61Qa3S9qizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwODVkMGEtZjFhYy00M2I3LWFjNmItYThhZmNmOTc4MmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQCg+13u+kETb8FLHtrJqg+iBx2/hsZx9pxyATPa
zBQViO0zGK93p+flUq6l987/q1S0jAZFwvPctezEGeNaRGOvDP1cROha7gYxO9iI
A+bNCivVYlq9iy9+mbm09p1FGEuyOECnumHLgmt3xOoDs1dEbXI/5bICVLhtwIz4
bihT+q2IAYbtRITKLcr772vxiDeKkxLW9zmKrxsnkVHPR0LG0Hq4UHibJUWO6LHq
r5Pobg4dy52qQM3Q9Ea9LWj//6PY0igi9v/t0xeyNqHTPSbt0L+4gDOc1FdQVo1Z
HF8LrRaP1/8NwO5JD0H+SUdpUvjIyEMM8xH00gCWIkJnl0U2
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:19 2025 by rpki-client