Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
File: 6f78d89d-1d32-4176-8f3e-9966f674843e.roa (raw, json)
Hash identifier: Xjdrp1sAhZy3V2Pbbnfn37Td0IEdYjBj0G1+Irkukcs=
Subject key identifier: 33:2C:53:68:73:49:84:29:5D:70:EB:37:FD:E4:D6:F4:EE:BB:29:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C44754611D168F86CA0EF1904BA3BBA595A874A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
Signing time: Mon 01 Sep 2025 20:51:34 +0000
ROA not before: Mon 01 Sep 2025 20:51:34 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:44:75:46:11:d1:68:f8:6c:a0:ef:19:04:ba:3b:ba:59:5a:87:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:34 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=105005c32a568429606342fbaa9834eea071b37b88d75812e42c03daf0b3e95d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a9:e3:ff:f3:32:6d:55:40:3a:78:3d:66:fe:
e3:c1:5e:be:07:b6:d5:ee:d3:54:5c:e2:e5:fb:a9:
66:cb:c8:00:39:28:db:a6:51:bb:75:ce:e2:b4:26:
7b:98:a3:0a:ea:1d:28:38:50:9d:df:c9:04:a6:1a:
34:79:b9:13:2e:25:52:f9:38:32:d6:f8:4a:68:ee:
3d:1b:2d:c2:cf:1b:26:dc:6d:40:fb:29:08:0a:26:
76:14:23:24:9f:3f:7e:e6:72:9b:67:e7:00:87:42:
93:a9:7e:32:00:0e:0b:21:1f:d1:eb:83:02:d7:bf:
f3:c5:86:c6:b7:df:e5:60:17:f3:e7:d8:0d:20:99:
b9:5e:3d:0a:9b:c4:b3:2c:78:eb:cd:a1:45:6f:2d:
ca:26:f3:65:67:03:ec:5c:16:73:dd:05:fe:af:56:
a4:cb:a4:3b:5d:cc:46:a1:c9:ce:91:55:c6:49:c6:
7e:7b:89:15:8e:b1:8f:54:0e:6a:35:de:2b:c0:88:
19:2a:c4:13:da:4a:32:e7:f4:77:72:12:7e:5c:bd:
85:0c:27:d8:d5:1b:38:e3:75:9c:ea:f2:41:ed:08:
0c:d4:87:00:a8:4f:f8:9c:c3:d5:4b:da:55:c3:1f:
92:33:79:49:3b:64:d8:fe:bf:39:c7:18:66:51:d0:
6f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2C:53:68:73:49:84:29:5D:70:EB:37:FD:E4:D6:F4:EE:BB:29:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071::/32
Signature Algorithm: sha256WithRSAEncryption
09:bd:80:6f:5d:bf:f4:ad:91:4c:ce:62:e9:1e:47:c7:bc:91:
c6:f5:cc:e1:7d:01:1a:9e:fc:f5:f6:a8:80:2d:96:78:af:c0:
94:c7:a4:92:0f:2d:42:28:bd:a4:8d:d8:db:9c:ae:a6:d8:b4:
e2:e8:f0:64:0b:ed:b2:05:77:b4:b3:03:55:8a:f2:5a:f6:dd:
d6:4a:a7:f0:76:e6:ac:3a:9d:77:cc:b8:ed:fe:47:36:66:f8:
4d:ea:db:1e:96:bb:29:77:cb:30:19:ac:a6:92:8d:e2:5f:d9:
2d:75:2b:0d:13:f4:24:18:40:12:87:35:82:99:9b:18:ad:7f:
91:c8:b8:c3:76:70:93:0f:f3:bf:79:0b:a6:b2:9f:a9:fc:06:
32:bb:28:91:ad:6e:5d:55:ab:12:f3:f5:bd:3f:ed:d8:d9:fa:
b5:83:cd:95:95:a3:6c:cc:4c:1e:e2:bf:48:a7:58:1a:a4:3f:
b4:db:fe:e5:c4:d7:e6:e7:70:0e:6c:92:01:a9:10:89:52:eb:
c5:7d:4e:19:f4:99:ca:aa:2a:65:80:c5:df:b5:2c:03:3f:39:
00:5d:de:73:41:f4:8b:ce:5b:d1:e3:3a:0e:a1:5f:d5:a7:81:
c2:a5:05:0a:ea:61:b7:e6:f0:12:c3:db:b3:25:9f:e7:9f:4f:
72:7c:75:07
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUXER1RhHRaPhsoO8ZBLo7ullah0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMzRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwNTAwNWMzMmE1Njg0Mjk2MDYzNDJmYmFhOTgzNGVlYTA3MWIzN2I4OGQ3
NTgxMmU0MmMwM2RhZjBiM2U5NWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKap4//zMm1VQDp4PWb+48Fevge21e7TVFzi5fupZsvIADko26ZRu3XO4rQm
e5ijCuodKDhQnd/JBKYaNHm5Ey4lUvk4Mtb4SmjuPRstws8bJtxtQPspCAomdhQj
JJ8/fuZym2fnAIdCk6l+MgAOCyEf0euDAte/88WGxrff5WAX8+fYDSCZuV49CpvE
syx4682hRW8tyibzZWcD7FwWc90F/q9WpMukO13MRqHJzpFVxknGfnuJFY6xj1QO
ajXeK8CIGSrEE9pKMuf0d3ISfly9hQwn2NUbOON1nOryQe0IDNSHAKhP+JzD1Uva
VcMfkjN5STtk2P6/OccYZlHQb2sCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQzLFNo
c0mEKV1w6zf95Nb07rspOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY3OGQ4OWQtMWQzMi00MTc2LThmM2UtOTk2NmY2NzQ4NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HEw
DQYJKoZIhvcNAQELBQADggEBAAm9gG9dv/StkUzOYukeR8e8kcb1zOF9ARqe/PX2
qIAtlnivwJTHpJIPLUIovaSN2NucrqbYtOLo8GQL7bIFd7SzA1WK8lr23dZKp/B2
5qw6nXfMuO3+RzZm+E3q2x6Wuyl3yzAZrKaSjeJf2S11Kw0T9CQYQBKHNYKZmxit
f5HIuMN2cJMP8795C6ayn6n8BjK7KJGtbl1VqxLz9b0/7djZ+rWDzZWVo2zMTB7i
v0inWBqkP7Tb/uXE1+bncA5skgGpEIlS68V9Thn0mcqqKmWAxd+1LAM/OQBd3nNB
9IvOW9HjOg6hX9WngcKlBQrqYbfm8BLD27Mln+efT3J8dQc=
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:03 2025 by rpki-client