Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
File: 2678e5d7-5995-4791-9318-f087e83654a9.roa (raw, json)
Hash identifier: AJ6BWqkhZSKLFOadApt0XeB26Gxmyot3kDt+B8MMUME=
Subject key identifier: A3:21:E4:64:5D:30:F3:CE:B2:CD:77:84:4C:36:0D:47:49:F0:75:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A61308D5057AEBBC9C813EA6DF40E19F8867A4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
Signing time: Tue 29 Jul 2025 18:30:16 +0000
ROA not before: Tue 29 Jul 2025 18:30:16 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:61:30:8d:50:57:ae:bb:c9:c8:13:ea:6d:f4:0e:19:f8:86:7a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:16 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=1aaf75140afc805b59815670c20322fa24afcacb0915dcfb9441cca3acf0bf90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5d:1d:a1:c1:37:15:15:7e:da:5b:cc:0f:50:
97:5d:26:09:20:7e:74:1b:22:f9:91:4a:4b:ad:f2:
e7:90:a6:a1:f1:99:47:2f:81:7e:8c:0d:ba:0e:20:
47:ce:66:6f:5d:41:36:a8:eb:8e:e8:84:d1:c9:7d:
f1:40:e7:e2:f3:5a:f0:13:d5:ba:5a:0f:25:0e:9a:
39:85:65:73:3d:16:15:31:8c:d3:d5:df:60:42:a8:
cc:f7:21:e5:69:2d:cd:41:73:46:fb:3a:8c:a2:f8:
6a:ae:56:87:b6:b1:cc:11:0d:54:ef:fc:8a:23:ae:
7d:4b:9d:04:84:1f:67:c3:62:45:9d:95:d9:b4:6f:
6f:26:e0:03:d2:e1:fe:60:d8:d4:f5:e0:40:aa:a2:
0f:63:ab:99:5a:ae:c3:f5:c3:a9:eb:97:ba:93:da:
a0:65:12:52:dd:ce:f0:98:4a:31:01:f7:19:e0:1e:
00:9e:a6:d0:38:32:b0:78:94:97:6d:53:59:5c:6b:
3b:a1:98:20:8e:ac:bc:02:1a:e6:d7:1f:d1:c7:a6:
ae:51:d0:bf:0d:ea:5e:e8:d8:86:fb:83:0e:fe:90:
a5:e5:00:90:0f:9a:26:07:70:b4:67:ff:71:fa:48:
72:c7:7e:38:d8:d7:54:19:f6:dd:ec:f2:1b:3e:ad:
50:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:21:E4:64:5D:30:F3:CE:B2:CD:77:84:4C:36:0D:47:49:F0:75:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/48
Signature Algorithm: sha256WithRSAEncryption
4c:c2:71:f8:68:6c:43:a7:33:45:99:cf:cb:3a:b7:18:c9:67:
9a:a4:de:f0:cf:a7:9c:da:2e:cf:9d:cb:a0:ea:40:fb:86:f0:
09:ec:20:f4:b8:9e:11:88:25:49:6a:a4:d0:61:51:c7:3f:e3:
8a:9f:69:20:05:51:ad:6d:b4:d2:18:ee:4f:9c:89:b6:86:4d:
0e:b4:66:d5:c1:32:68:a6:ba:17:d2:86:b2:bd:ef:c7:e2:fd:
e0:26:9d:54:e8:e8:75:68:52:b7:eb:21:d6:07:d5:80:c7:fb:
0d:8f:f8:ea:7d:3a:6e:7f:1c:15:19:da:71:a4:07:bc:cb:49:
b7:a4:8c:02:7c:ba:c5:25:a5:18:40:36:01:22:d9:23:0a:7d:
49:79:a5:c4:a7:36:04:c5:fa:be:16:d5:cf:b8:50:6f:02:7f:
ce:74:63:71:90:19:bb:7d:b9:c8:d1:af:76:12:98:98:2c:be:
f6:d0:34:a8:05:9a:33:ab:00:23:db:cd:3f:a4:41:fc:42:b3:
0b:d8:e5:be:e1:b0:0f:dd:50:0d:0c:ea:bf:34:af:f8:00:f7:
16:d3:ef:63:7c:55:4b:66:13:ff:29:e2:d6:b2:87:02:2c:70:
cb:b3:36:5c:08:4e:f3:28:1e:76:5f:21:24:38:26:9a:ec:5f:
fc:d9:cb:2b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUemEwjVBXrrvJyBPqbfQOGfiGekwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMTZaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhYWY3NTE0MGFmYzgwNWI1OTgxNTY3MGMyMDMyMmZhMjRhZmNhY2IwOTE1
ZGNmYjk0NDFjY2EzYWNmMGJmOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALldHaHBNxUVftpbzA9Ql10mCSB+dBsi+ZFKS63y55CmofGZRy+BfowNug4g
R85mb11BNqjrjuiE0cl98UDn4vNa8BPVuloPJQ6aOYVlcz0WFTGM09XfYEKozPch
5WktzUFzRvs6jKL4aq5Wh7axzBENVO/8iiOufUudBIQfZ8NiRZ2V2bRvbybgA9Lh
/mDY1PXgQKqiD2OrmVquw/XDqeuXupPaoGUSUt3O8JhKMQH3GeAeAJ6m0DgysHiU
l21TWVxrO6GYII6svAIa5tcf0cemrlHQvw3qXujYhvuDDv6QpeUAkA+aJgdwtGf/
cfpIcsd+ONjXVBn23ezyGz6tUB0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSjIeRk
XTDzzrLNd4RMNg1HSfB19TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjY3OGU1ZDctNTk5NS00NzkxLTkzMTgtZjA4N2U4MzY1NGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hbg
ADANBgkqhkiG9w0BAQsFAAOCAQEATMJx+GhsQ6czRZnPyzq3GMlnmqTe8M+nnNou
z53LoOpA+4bwCewg9LieEYglSWqk0GFRxz/jip9pIAVRrW200hjuT5yJtoZNDrRm
1cEyaKa6F9KGsr3vx+L94CadVOjodWhSt+sh1gfVgMf7DY/46n06bn8cFRnacaQH
vMtJt6SMAny6xSWlGEA2ASLZIwp9SXmlxKc2BMX6vhbVz7hQbwJ/znRjcZAZu325
yNGvdhKYmCy+9tA0qAWaM6sAI9vNP6RB/EKzC9jlvuGwD91QDQzqvzSv+AD3FtPv
Y3xVS2YT/yni1rKHAixwy7M2XAhO8ygedl8hJDgmmuxf/NnLKw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:21:45 2025 by rpki-client