Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
File: 78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa (raw, json)
Hash identifier: sGsv4LM2nlByvPkOxpg/yMaaxwbdkWUpMegYMjinzF0=
Subject key identifier: C9:D5:90:BC:67:5F:8F:08:37:3B:3F:4C:CF:9D:F5:72:2F:E7:0A:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11D0B422BB2FF64B2B29AEBF7A94770D46E60654
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
Signing time: Mon 28 Jul 2025 16:10:09 +0000
ROA not before: Mon 28 Jul 2025 16:10:09 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:d0:b4:22:bb:2f:f6:4b:2b:29:ae:bf:7a:94:77:0d:46:e6:06:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:09 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=002aa7bb5898b78ec88ce9c4ce4030994d369ff56ae10c89d8e1cf79578c74a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9e:99:e8:05:1d:68:5b:5d:c3:18:7a:98:a4:
66:30:e3:66:94:02:b0:02:b8:02:38:d5:4e:02:df:
b5:b7:b7:2a:e1:e4:44:43:d5:cc:36:07:7c:10:5a:
4a:33:64:5a:84:c5:14:b7:16:bb:5c:de:40:3a:14:
c6:bd:e4:79:8f:fb:33:f4:9c:a2:2d:e6:34:c5:07:
5c:65:39:9e:07:40:86:0a:5f:ef:01:36:07:ee:25:
ff:29:ef:2f:38:7f:fe:c4:74:6d:19:2a:39:2b:ea:
15:7d:1c:94:06:94:f9:4d:f3:7f:a8:7b:17:9b:a7:
83:95:ef:7f:d4:b0:55:aa:43:fb:6c:15:f6:56:4a:
af:38:cd:8e:b0:52:4b:b5:48:c2:b4:10:07:19:67:
c0:56:d3:c7:cf:54:f3:b2:f5:ac:27:66:80:c4:22:
d5:a6:98:2e:55:ad:aa:97:cd:1f:07:2f:2c:8a:d3:
91:19:fd:21:d2:89:48:37:62:65:cd:2d:a0:1a:da:
1b:12:86:fe:e0:31:a7:ed:e4:d9:e0:a7:73:a1:bb:
4d:8d:bc:1b:ed:1a:3c:a5:ac:14:42:00:90:73:d3:
da:39:33:1a:81:58:7c:07:38:ed:cb:41:2e:41:e8:
b0:f9:f3:f7:8e:0a:0f:b7:18:08:e7:0b:a0:00:d8:
fc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D5:90:BC:67:5F:8F:08:37:3B:3F:4C:CF:9D:F5:72:2F:E7:0A:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
68:ed:eb:cc:47:47:7f:b6:25:07:4e:c8:a2:74:ea:23:9c:ec:
47:bb:4c:ba:04:f3:64:9a:53:12:33:89:80:3d:e8:cd:45:45:
42:fb:92:8e:dd:32:ea:5f:16:a0:44:18:41:ff:80:07:ff:c9:
d8:e8:76:d1:70:e7:25:96:e7:bd:96:37:1c:bd:6c:6d:56:1e:
b1:16:99:e3:4c:87:83:e6:9b:9f:1d:c8:a4:cb:b0:76:ad:1f:
2c:5b:df:7c:bb:6d:47:74:48:d8:22:d8:cb:da:ed:3a:24:12:
41:ed:56:28:fc:05:41:1f:65:52:df:34:77:bb:a3:cd:b4:60:
3a:8f:99:bd:1f:53:30:40:19:02:70:d4:47:65:30:a3:78:00:
b6:46:2a:a4:de:88:23:32:f7:11:e1:48:c5:07:9e:38:b5:27:
e3:cf:9b:c5:55:bf:79:86:d2:9a:c0:4e:b9:1b:ab:d1:d1:0a:
01:f3:fc:f7:47:ad:a2:16:9f:61:5e:4a:2b:e7:95:51:bb:8b:
85:8d:3d:ec:3a:31:bd:7d:c7:96:19:15:0a:60:e8:26:a5:18:
a9:46:9e:3b:82:c9:8a:63:7d:b1:9f:36:e0:56:7a:db:2c:ca:
cb:e7:d7:ce:bc:54:18:7c:9f:61:9c:44:35:bb:11:0f:d2:84:
65:c5:7b:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEdC0Irsv9ksrKa6/epR3DUbmBlQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMDlaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwMmFhN2JiNTg5OGI3OGVjODhjZTljNGNlNDAzMDk5NGQzNjlmZjU2YWUx
MGM4OWQ4ZTFjZjc5NTc4Yzc0YTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCemegFHWhbXcMYepikZjDjZpQCsAK4AjjVTgLftbe3KuHkREPVzDYHfBBa
SjNkWoTFFLcWu1zeQDoUxr3keY/7M/Scoi3mNMUHXGU5ngdAhgpf7wE2B+4l/ynv
Lzh//sR0bRkqOSvqFX0clAaU+U3zf6h7F5ung5Xvf9SwVapD+2wV9lZKrzjNjrBS
S7VIwrQQBxlnwFbTx89U87L1rCdmgMQi1aaYLlWtqpfNHwcvLIrTkRn9IdKJSDdi
Zc0toBraGxKG/uAxp+3k2eCnc6G7TY28G+0aPKWsFEIAkHPT2jkzGoFYfAc47ctB
LkHosPnz944KD7cYCOcLoADY/F0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJ1ZC8
Z1+PCDc7P0zPnfVyL+cKsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwODVkMGEtZjFhYy00M2I3LWFjNmItYThhZmNmOTc4MmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQBo7evMR0d/tiUHTsiidOojnOxHu0y6BPNkmlMS
M4mAPejNRUVC+5KO3TLqXxagRBhB/4AH/8nY6HbRcOcllue9ljccvWxtVh6xFpnj
TIeD5pufHciky7B2rR8sW998u21HdEjYItjL2u06JBJB7VYo/AVBH2VS3zR3u6PN
tGA6j5m9H1MwQBkCcNRHZTCjeAC2Riqk3ogjMvcR4UjFB544tSfjz5vFVb95htKa
wE65G6vR0QoB8/z3R62iFp9hXkor55VRu4uFjT3sOjG9fceWGRUKYOgmpRipRp47
gsmKY32xnzbgVnrbLMrL59fOvFQYfJ9hnEQ1uxEP0oRlxXuD
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:52 2025 by rpki-client