Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
File: a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa (raw, json)
Hash identifier: 9FLHR0l2moqCHvJX+4ayTuwPb8ROJV3f5V2VPaotNgQ=
Subject key identifier: 58:34:10:90:4B:84:BB:38:F5:8F:26:FD:95:67:4E:48:21:BC:0A:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6807D88B3883B60843744CD59B0B54D0A66C1C9E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
Signing time: Fri 25 Jul 2025 16:50:38 +0000
ROA not before: Fri 25 Jul 2025 16:50:38 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:07:d8:8b:38:83:b6:08:43:74:4c:d5:9b:0b:54:d0:a6:6c:1c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:38 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=365fc88c3ac3a7ba630fc949d35d38eca3eb522c8988a9be14f711fa3903455b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:80:6b:82:20:08:ae:93:28:5f:c1:42:ae:6e:
0f:6e:fe:24:50:d6:8a:12:bb:14:94:98:cd:0d:98:
c8:51:7a:1f:86:08:1f:c6:50:53:02:78:c6:e2:4c:
78:70:ca:e7:c5:61:65:5f:b9:ff:c5:c3:2a:ee:18:
d1:07:a9:06:cc:a9:19:92:9b:96:8b:74:ce:8d:3c:
0e:3d:65:39:ab:37:9c:0d:97:55:3c:7c:dc:3a:22:
ee:21:b7:db:ca:0b:22:bc:87:08:ad:1e:66:ff:ca:
24:fa:38:0a:7c:be:f7:f2:3b:b7:01:17:a0:4d:67:
cb:19:0b:67:0b:4d:43:43:ba:da:b6:e3:cf:9d:0a:
22:10:0b:a2:cf:a2:00:f9:98:23:ec:a2:8a:d4:fb:
82:3f:b4:0a:43:03:12:2a:07:51:7d:e7:f5:fb:1d:
31:24:1f:3b:be:a0:54:19:28:44:51:7c:05:c3:65:
27:02:cf:61:94:23:0c:35:db:20:09:2f:78:67:9d:
1f:8f:ba:6d:3a:3a:7f:2e:dd:65:2a:6b:1f:1e:26:
32:97:19:6e:89:13:c3:e2:40:e7:e1:e1:35:92:72:
85:70:49:50:5d:2d:eb:77:d3:4c:94:c4:50:cb:d3:
53:e7:56:ae:26:cc:67:15:6b:70:44:8f:4e:2d:cd:
a4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:34:10:90:4B:84:BB:38:F5:8F:26:FD:95:67:4E:48:21:BC:0A:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:b000::/40
Signature Algorithm: sha256WithRSAEncryption
5f:5f:c4:cc:8c:9b:b0:25:0b:4e:e3:ae:28:97:ab:31:b5:2a:
19:48:cf:46:fe:25:cb:4e:9e:76:8c:70:c2:89:a6:4a:10:72:
e7:d7:17:ff:80:3a:e6:53:9e:48:90:45:be:78:ca:d7:59:b5:
56:90:26:4e:d0:fb:de:2a:dc:1b:7a:72:10:96:bb:a3:31:f1:
1a:29:57:22:0c:fb:f5:05:cc:2e:0b:c0:46:c8:5e:fa:a1:2d:
7f:ae:fd:40:6d:91:12:bd:ae:cc:7d:57:6a:a3:62:a9:79:0f:
5c:d6:3f:b5:d0:bc:8c:20:b1:7f:62:d5:62:18:4e:38:ae:0f:
38:4d:c7:c8:b0:1e:35:bf:45:e6:aa:08:80:48:6b:c6:21:3a:
e8:04:62:d1:b2:1b:83:81:05:db:b6:ca:59:0d:26:e8:10:ff:
c1:d5:5e:d2:b3:26:8e:45:b4:15:c7:8a:e3:55:d7:ae:f0:a4:
00:dc:cb:b8:9b:20:e0:96:83:e0:ce:93:e6:e5:fa:a8:67:4c:
f8:0e:bd:9c:37:88:07:82:1c:2b:a6:1d:2d:b3:9e:6d:36:13:
5e:ad:21:d7:ce:df:77:e6:62:52:2d:52:eb:7b:ea:9c:d6:1e:
55:1a:1e:96:5a:97:d9:ee:bc:55:39:eb:ab:0b:82:e3:43:0c:
b6:91:ad:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaAfYiziDtghDdEzVmwtU0KZsHJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMzhaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2NWZjODhjM2FjM2E3YmE2MzBmYzk0OWQzNWQzOGVjYTNlYjUyMmM4OTg4
YTliZTE0ZjcxMWZhMzkwMzQ1NWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPWAa4IgCK6TKF/BQq5uD27+JFDWihK7FJSYzQ2YyFF6H4YIH8ZQUwJ4xuJM
eHDK58VhZV+5/8XDKu4Y0QepBsypGZKblot0zo08Dj1lOas3nA2XVTx83Doi7iG3
28oLIryHCK0eZv/KJPo4Cny+9/I7twEXoE1nyxkLZwtNQ0O62rbjz50KIhALos+i
APmYI+yiitT7gj+0CkMDEioHUX3n9fsdMSQfO76gVBkoRFF8BcNlJwLPYZQjDDXb
IAkveGedH4+6bTo6fy7dZSprHx4mMpcZbokTw+JA5+HhNZJyhXBJUF0t63fTTJTE
UMvTU+dWribMZxVrcESPTi3NpIsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRYNBCQ
S4S7OPWPJv2VZ05IIbwKEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc4YWVmYjQtZDFlYi00YTExLTk4OTktYmY2NzI5ZTE4Y2NkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSw
MA0GCSqGSIb3DQEBCwUAA4IBAQBfX8TMjJuwJQtO464ol6sxtSoZSM9G/iXLTp52
jHDCiaZKEHLn1xf/gDrmU55IkEW+eMrXWbVWkCZO0PveKtwbenIQlrujMfEaKVci
DPv1BcwuC8BGyF76oS1/rv1AbZESva7MfVdqo2KpeQ9c1j+10LyMILF/YtViGE44
rg84TcfIsB41v0XmqgiASGvGITroBGLRshuDgQXbtspZDSboEP/B1V7SsyaORbQV
x4rjVdeu8KQA3Mu4myDgloPgzpPm5fqoZ0z4Dr2cN4gHghwrph0ts55tNhNerSHX
zt935mJSLVLre+qc1h5VGh6WWpfZ7rxVOeurC4LjQwy2ka3a
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:08 2025 by rpki-client