Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa
File: 1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa (raw, json)
Hash identifier: Qb2cSZy+K8ZrnJ5gctVlK6aDHkbP6/V7tejkSqmSufc=
Subject key identifier: 30:85:22:2A:84:18:17:33:1A:55:15:44:37:6B:21:83:96:3F:63:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78C6D9614E706B964DD0BD43C9FA3CB171259909
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa
Signing time: Thu 04 Sep 2025 19:52:01 +0000
ROA not before: Thu 04 Sep 2025 19:52:01 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:c6:d9:61:4e:70:6b:96:4d:d0:bd:43:c9:fa:3c:b1:71:25:99:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:01 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=e2e5aa93f06ab1832e1307e6541cd4f5ecf7dba442b09e69e3ead054f6adac8e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ae:d4:58:aa:14:14:f8:99:d7:43:3f:71:61:
3a:64:b5:70:6c:dc:01:d4:e3:36:d8:5d:f5:01:64:
7a:fb:60:f4:ea:66:df:67:ef:31:dc:47:1a:61:13:
09:bd:2e:1c:05:9d:96:15:cf:04:e4:9c:e7:a7:c0:
c3:3b:e5:fe:56:ce:20:a9:de:be:37:42:32:79:36:
78:90:cf:79:93:4c:7e:9e:a4:9e:82:7c:71:14:9c:
a3:45:18:ae:8b:22:89:bd:bf:89:9a:5e:78:1f:18:
0f:e9:f6:76:d5:58:52:da:ca:00:54:71:25:dd:18:
7f:9a:0a:5c:6e:ed:69:29:20:46:58:1c:eb:97:85:
e1:e5:73:52:34:7b:ef:ff:46:a7:62:58:e6:c5:3a:
58:79:d3:cf:7a:6a:a8:ff:26:44:79:73:81:6c:e2:
3d:d1:7e:f5:d4:fc:c2:10:46:85:a3:c0:c9:30:ab:
af:74:c3:bf:92:43:d4:1d:ae:8a:5c:93:17:21:8b:
aa:74:4f:31:f5:35:e9:ca:6a:9d:ba:8b:e0:4e:79:
11:5b:6d:cf:d5:e2:a8:66:cb:69:30:2c:50:a5:d8:
f3:88:f2:3e:42:db:f6:c2:35:28:75:94:98:6f:54:
20:c1:cf:31:44:4c:11:0e:a8:26:56:b6:24:4d:b4:
42:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:85:22:2A:84:18:17:33:1A:55:15:44:37:6B:21:83:96:3F:63:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
94:66:12:1f:52:2e:1f:b8:bf:eb:52:5b:24:6d:2c:40:37:f7:
e2:3b:82:d0:e1:33:42:c4:83:49:d3:9c:98:6e:e9:b6:cf:87:
4b:ee:1d:06:29:87:14:87:06:5b:a8:e9:c3:1b:df:87:5b:a9:
f3:c8:3a:d7:7d:5c:d8:b1:4b:bf:84:96:11:39:5c:21:95:5a:
05:f1:e8:5e:b8:4b:ce:26:2b:48:3a:6e:5a:7f:14:e3:0e:1b:
a8:ce:44:26:43:3e:6d:f0:d0:66:7a:df:e9:e8:07:4d:ae:70:
fb:cf:79:b3:c8:ed:7d:7e:ed:b1:77:28:8d:ac:b3:58:9d:d8:
7b:ad:d3:ab:34:07:fa:9e:68:08:14:8e:a4:f2:31:6c:06:9b:
91:0c:57:21:5d:68:c0:86:60:ff:20:96:f7:d2:9e:0b:f6:32:
92:e2:42:0c:96:1d:13:92:01:22:ac:2f:87:a1:fc:81:6d:26:
fc:45:eb:1e:f7:78:39:22:49:5f:13:41:ca:df:7e:41:b5:45:
9f:f7:2e:48:69:9f:9d:47:47:d2:ca:43:a8:54:c4:87:df:a9:
b8:9b:5a:39:ba:8a:fd:b2:b9:16:1f:c1:47:29:71:f6:38:e6:
7c:ff:13:7c:34:a6:ac:e4:1b:2a:9c:ed:71:05:0d:ef:81:60:
ae:30:bd:b8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeMbZYU5wa5ZN0L1Dyfo8sXElmQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMDFaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyZTVhYTkzZjA2YWIxODMyZTEzMDdlNjU0MWNkNGY1ZWNmN2RiYTQ0MmIw
OWU2OWUzZWFkMDU0ZjZhZGFjOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6u1FiqFBT4mddDP3FhOmS1cGzcAdTjNthd9QFkevtg9Opm32fvMdxHGmET
Cb0uHAWdlhXPBOSc56fAwzvl/lbOIKnevjdCMnk2eJDPeZNMfp6knoJ8cRSco0UY
rosiib2/iZpeeB8YD+n2dtVYUtrKAFRxJd0Yf5oKXG7taSkgRlgc65eF4eVzUjR7
7/9Gp2JY5sU6WHnTz3pqqP8mRHlzgWziPdF+9dT8whBGhaPAyTCrr3TDv5JD1B2u
ilyTFyGLqnRPMfU16cpqnbqL4E55EVttz9XiqGbLaTAsUKXY84jyPkLb9sI1KHWU
mG9UIMHPMURMEQ6oJla2JE20Qv0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQwhSIq
hBgXMxpVFUQ3ayGDlj9j2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWIxMWEwOTMtODdjMS00ZGMzLWI2YTctYjcwMTYxOGFlM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
wDANBgkqhkiG9w0BAQsFAAOCAQEAlGYSH1IuH7i/61JbJG0sQDf34juC0OEzQsSD
SdOcmG7pts+HS+4dBimHFIcGW6jpwxvfh1up88g6131c2LFLv4SWETlcIZVaBfHo
XrhLziYrSDpuWn8U4w4bqM5EJkM+bfDQZnrf6egHTa5w+895s8jtfX7tsXcojayz
WJ3Ye63TqzQH+p5oCBSOpPIxbAabkQxXIV1owIZg/yCW99KeC/YykuJCDJYdE5IB
Iqwvh6H8gW0m/EXrHvd4OSJJXxNByt9+QbVFn/cuSGmfnUdH0spDqFTEh9+puJta
ObqK/bK5Fh/BRylx9jjmfP8TfDSmrOQbKpztcQUN74FgrjC9uA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:08 2025 by rpki-client