Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
File: 278dd4fa-de02-446c-a4ac-184c5f35a577.roa (raw, json)
Hash identifier: 2kLdJ2HGUVS1movaJdEcpcMbd8y9ou6Ul5Al3dzyqsg=
Subject key identifier: 94:10:3A:53:84:43:0F:F7:64:12:08:90:B4:37:F1:3A:8A:E2:B2:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 476B10CBBA8BB0AB00335146D5EE9C10B2101F39
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
Signing time: Mon 01 Sep 2025 20:21:04 +0000
ROA not before: Mon 01 Sep 2025 20:21:04 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:6b:10:cb:ba:8b:b0:ab:00:33:51:46:d5:ee:9c:10:b2:10:1f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:04 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=65b35e90570ec05b842af3f3ab70f1759446c8921a02a3716bbf16a41259dbbc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f9:45:22:9f:e0:3a:ce:91:d1:04:ae:3d:d9:
aa:3b:28:5c:c9:8b:d4:38:ed:8a:03:b8:4a:16:2d:
77:eb:70:57:16:9a:b3:14:e4:eb:a3:fc:eb:09:79:
ca:c9:61:87:19:71:57:74:84:0c:ea:b8:aa:f8:24:
4f:3e:7a:c9:f5:f4:38:6c:60:61:9f:b7:a5:0d:0e:
9d:cd:78:c6:09:fd:60:53:b0:89:42:82:7d:f1:bc:
86:da:66:8c:ad:56:a4:8a:d5:55:1f:2b:ec:1a:83:
57:09:39:7b:6c:84:63:18:47:85:64:90:9d:90:de:
e1:78:ae:80:0c:c9:b2:52:c5:7f:c4:b0:8d:0d:3c:
73:17:d0:e1:14:cd:d8:1a:c1:61:c7:43:60:96:48:
62:f8:7b:f8:b3:9d:be:e3:2e:bc:d1:bf:1a:91:ab:
17:7d:f1:a5:80:64:ad:5e:0f:7c:40:e5:ca:f7:51:
76:2e:e3:39:63:5a:8b:84:c0:be:09:fc:e2:32:9b:
01:ea:11:fc:fc:eb:01:16:19:c4:67:27:28:6d:f1:
ae:b4:d7:cd:1e:1f:a7:4b:3a:ef:a6:82:be:05:0f:
21:81:a8:86:35:49:81:7d:98:98:3b:1e:c8:5f:68:
98:ea:9f:73:10:a8:d3:0b:1e:ea:13:fe:0e:f9:89:
14:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:10:3A:53:84:43:0F:F7:64:12:08:90:B4:37:F1:3A:8A:E2:B2:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
03:3a:55:b5:cc:0e:5b:d4:20:95:cd:9d:4b:19:ea:c8:c6:d2:
a3:65:ed:45:74:0b:4b:03:d3:b5:64:bc:f6:01:e1:a6:33:8f:
c8:53:a9:7c:42:ec:67:59:35:18:6c:ab:de:54:1f:c4:a5:d1:
ee:c4:4c:20:f0:1a:6e:d3:ad:bf:90:1b:1f:4e:4f:72:49:03:
fb:b9:fd:77:08:45:43:f8:d5:fe:ec:f8:23:34:9f:51:71:ae:
ee:44:51:7f:4d:fb:b1:d2:96:96:7d:41:62:3f:e1:19:76:ca:
a8:65:5d:7c:fe:f7:4d:95:35:42:a4:75:f8:10:a7:95:75:af:
ea:e2:11:0b:5d:58:3f:19:bc:14:33:ee:4c:b1:be:1b:64:f0:
56:8c:a0:06:6e:ab:01:bb:38:4e:63:3f:c3:98:88:4b:c1:fc:
3b:59:63:6b:37:36:3d:a4:bb:7e:15:de:8e:c6:99:a7:ed:fe:
a8:13:75:db:c9:5e:30:a1:49:60:45:0d:80:2d:27:8d:cc:6f:
69:32:b4:43:5c:98:b4:8c:d8:24:35:3b:31:e8:6e:9e:6e:4a:
e1:de:48:24:de:08:cf:fb:c2:c9:85:0a:ef:c4:f8:08:e7:51:
f7:1b:f0:08:95:db:98:20:60:fc:2f:b3:a9:60:0e:49:91:f5:
88:63:29:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR2sQy7qLsKsAM1FG1e6cELIQHzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMDRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1YjM1ZTkwNTcwZWMwNWI4NDJhZjNmM2FiNzBmMTc1OTQ0NmM4OTIxYTAy
YTM3MTZiYmYxNmE0MTI1OWRiYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK75RSKf4DrOkdEErj3ZqjsoXMmL1DjtigO4ShYtd+twVxaasxTk66P86wl5
yslhhxlxV3SEDOq4qvgkTz56yfX0OGxgYZ+3pQ0Onc14xgn9YFOwiUKCffG8htpm
jK1WpIrVVR8r7BqDVwk5e2yEYxhHhWSQnZDe4XiugAzJslLFf8SwjQ08cxfQ4RTN
2BrBYcdDYJZIYvh7+LOdvuMuvNG/GpGrF33xpYBkrV4PfEDlyvdRdi7jOWNai4TA
vgn84jKbAeoR/PzrARYZxGcnKG3xrrTXzR4fp0s676aCvgUPIYGohjVJgX2YmDse
yF9omOqfcxCo0wse6hP+DvmJFE8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUEDpT
hEMP92QSCJC0N/E6iuKyhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4ZGQ0ZmEtZGUwMi00NDZjLWE0YWMtMTg0YzVmMzVhNTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+g
MA0GCSqGSIb3DQEBCwUAA4IBAQADOlW1zA5b1CCVzZ1LGerIxtKjZe1FdAtLA9O1
ZLz2AeGmM4/IU6l8QuxnWTUYbKveVB/EpdHuxEwg8Bpu062/kBsfTk9ySQP7uf13
CEVD+NX+7PgjNJ9Rca7uRFF/Tfux0paWfUFiP+EZdsqoZV18/vdNlTVCpHX4EKeV
da/q4hELXVg/GbwUM+5Msb4bZPBWjKAGbqsBuzhOYz/DmIhLwfw7WWNrNzY9pLt+
Fd6Oxpmn7f6oE3XbyV4woUlgRQ2ALSeNzG9pMrRDXJi0jNgkNTsx6G6ebkrh3kgk
3gjP+8LJhQrvxPgI51H3G/AIlduYIGD8L7OpYA5JkfWIYykE
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:11 2025 by rpki-client