Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa
File: 71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa (raw, json)
Hash identifier: gUnYcZwMW7khvTAhqbfDGww0lDC8+a2ePI7Kmc13tR8=
Subject key identifier: 69:30:C4:4E:9D:51:EE:19:B2:8E:98:FC:B3:A1:41:63:FB:22:E7:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CCE1554FCDFF80A229D463E81BA2DD1FC5310F8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa
Signing time: Thu 04 Sep 2025 19:52:11 +0000
ROA not before: Thu 04 Sep 2025 19:52:11 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ce:15:54:fc:df:f8:0a:22:9d:46:3e:81:ba:2d:d1:fc:53:10:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:11 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=9f3a17659f687ff7ca66775f9aa0e6a75aa545a7784dd586d3383e03148fbf30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6a:88:30:10:de:06:15:39:dd:4b:bf:e3:37:
f7:fa:4b:c7:bd:6e:c5:42:d7:59:95:89:c0:d8:98:
04:ae:e5:2a:de:03:5f:26:ef:59:fa:15:2f:50:71:
78:a1:66:27:49:5f:92:2d:b4:37:66:c8:9c:4e:f1:
2a:81:f8:62:23:e3:bc:0a:a7:ca:a6:7b:e9:7e:5a:
d4:73:d5:6b:b2:9a:53:2f:43:31:62:6e:3d:4c:a1:
a0:b3:95:bb:d7:e5:c4:6f:6c:63:b3:7f:84:45:f1:
1c:8c:03:ed:0e:79:32:11:55:58:78:91:37:11:0c:
5c:7d:40:95:d6:61:04:0b:2b:e0:d9:fa:15:36:b1:
44:f6:46:39:f6:6c:d2:c6:a6:73:39:d3:53:8c:f4:
ea:55:b6:e4:41:6d:88:38:8e:62:c3:f0:6f:73:f0:
07:54:ad:46:cd:6d:8b:a3:34:c0:d2:a2:54:43:9c:
c5:4e:bc:43:94:5e:5e:70:ca:af:49:a1:e1:3f:f9:
02:8a:67:03:4b:44:8c:6d:34:e4:f1:86:7d:7c:eb:
db:55:21:16:06:97:8a:c9:ef:86:03:c9:57:df:5f:
3f:85:7e:94:f4:c9:d5:58:c4:3b:82:08:9b:76:c5:
e6:39:39:50:d6:03:ba:c2:3a:80:a0:e2:ee:ff:2e:
56:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:30:C4:4E:9D:51:EE:19:B2:8E:98:FC:B3:A1:41:63:FB:22:E7:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6080::/48
Signature Algorithm: sha256WithRSAEncryption
60:1c:a1:63:81:c5:06:d8:33:f4:cb:b5:c9:db:33:e4:cb:c4:
5f:63:82:34:b3:47:b3:da:3f:16:78:d8:6e:62:d3:5c:c4:b2:
46:3a:8e:60:09:0f:f8:6e:2c:45:57:78:f4:7b:84:9e:d1:67:
90:93:06:3b:e5:75:ee:32:9a:a1:5b:ad:ad:6c:43:0a:a0:1f:
a6:e7:ba:24:bb:1f:a3:4a:35:e4:bd:a3:38:1a:0d:bf:e8:46:
11:2e:d8:34:3d:e7:fe:80:6d:e4:40:fd:d0:b5:ee:23:32:b8:
96:31:83:23:3a:b4:04:1c:72:fe:68:68:94:59:da:e4:8c:14:
ef:d9:bb:32:e4:d8:2a:a4:a4:fb:bd:c8:8b:f9:8d:b8:fc:40:
21:64:d9:3d:d5:ec:18:6f:ef:13:59:4c:49:cd:f5:e5:a8:78:
b0:97:be:12:e4:04:bf:5d:92:9c:22:f1:a7:32:4e:c3:3c:fc:
5b:38:0c:36:99:16:0b:f4:39:58:ea:08:3c:b7:38:80:5a:a5:
7d:86:47:b3:35:46:c8:27:da:f7:40:20:55:2b:4e:63:30:9f:
90:e7:78:1c:55:ec:1a:e8:c6:68:8e:3f:8c:20:e8:39:bc:e5:
ca:98:6e:94:fc:97:17:9a:5b:57:cd:a5:ca:0c:f5:2c:e9:e1:
c4:92:2b:5a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbM4VVPzf+AoinUY+gbot0fxTEPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMTFaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmM2ExNzY1OWY2ODdmZjdjYTY2Nzc1ZjlhYTBlNmE3NWFhNTQ1YTc3ODRk
ZDU4NmQzMzgzZTAzMTQ4ZmJmMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBqiDAQ3gYVOd1Lv+M39/pLx71uxULXWZWJwNiYBK7lKt4DXybvWfoVL1Bx
eKFmJ0lfki20N2bInE7xKoH4YiPjvAqnyqZ76X5a1HPVa7KaUy9DMWJuPUyhoLOV
u9flxG9sY7N/hEXxHIwD7Q55MhFVWHiRNxEMXH1AldZhBAsr4Nn6FTaxRPZGOfZs
0samcznTU4z06lW25EFtiDiOYsPwb3PwB1StRs1ti6M0wNKiVEOcxU68Q5ReXnDK
r0mh4T/5AopnA0tEjG005PGGfXzr21UhFgaXisnvhgPJV99fP4V+lPTJ1VjEO4II
m3bF5jk5UNYDusI6gKDi7v8uVs8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpMMRO
nVHuGbKOmPyzoUFj+yLnpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzFkMTJlZjgtOTZiMy00Y2MxLTliNWItYjliNTk4Y2QxOGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
gDANBgkqhkiG9w0BAQsFAAOCAQEAYByhY4HFBtgz9Mu1ydsz5MvEX2OCNLNHs9o/
FnjYbmLTXMSyRjqOYAkP+G4sRVd49HuEntFnkJMGO+V17jKaoVutrWxDCqAfpue6
JLsfo0o15L2jOBoNv+hGES7YND3n/oBt5ED90LXuIzK4ljGDIzq0BBxy/mholFna
5IwU79m7MuTYKqSk+73Ii/mNuPxAIWTZPdXsGG/vE1lMSc315ah4sJe+EuQEv12S
nCLxpzJOwzz8WzgMNpkWC/Q5WOoIPLc4gFqlfYZHszVGyCfa90AgVStOYzCfkOd4
HFXsGujGaI4/jCDoObzlyphulPyXF5pbV82lygz1LOnhxJIrWg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:42 2025 by rpki-client