Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
File: 77bc679b-5199-43c2-8199-be5c04a6c0d9.roa (raw, json)
Hash identifier: 1aCgyu+3/Q6yrHoS449oyIlgtH4NavamOe0cDd3MBG0=
Subject key identifier: E4:FB:98:60:0E:91:A8:A5:A9:5E:17:3A:76:27:7B:38:30:5B:D6:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78CB65C866D83DE6403CC5609FDA6061ECDB3EEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
Signing time: Mon 01 Sep 2025 20:21:29 +0000
ROA not before: Mon 01 Sep 2025 20:21:29 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:cb:65:c8:66:d8:3d:e6:40:3c:c5:60:9f:da:60:61:ec:db:3e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:29 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2780475c88bd4d1c0b1c9b83f51c4b6f9d60ebbd1d206e45a07acc4c99460cf8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:38:b0:49:69:8b:97:e1:9f:c8:98:f9:bc:9d:
0c:3e:a8:d3:4b:4c:52:7d:b3:de:d9:d4:e6:7d:bd:
c5:94:a0:fd:db:90:f8:f3:69:1a:50:56:0d:00:d6:
80:b0:b2:e6:42:2c:28:a0:90:b2:50:ac:dd:b8:97:
52:4e:44:c5:5e:fc:b3:f6:4d:33:63:49:b8:0b:6e:
7e:3b:95:73:b4:43:64:95:d1:3f:c0:4f:af:aa:a0:
32:52:a3:fa:24:22:2e:5a:18:85:06:3f:c6:e7:eb:
e6:21:e3:40:e7:30:c4:47:51:0d:e6:52:cf:f0:b0:
96:03:40:37:74:c9:e3:34:c3:1a:f9:b9:e1:40:65:
62:90:b2:ff:5b:32:96:e3:8a:2f:a8:59:95:36:c8:
23:b3:75:cc:f2:24:03:34:03:37:4f:e3:25:61:80:
44:c1:0b:d9:cf:12:7a:05:f4:21:1c:4e:56:df:ab:
e7:93:02:c9:24:3d:f4:fd:8d:6c:55:54:f6:bf:00:
da:cd:3e:f5:8b:e8:a5:d8:89:93:6a:40:84:7e:a2:
15:6b:f6:3e:cf:39:08:0d:31:56:f0:20:a1:9e:a7:
be:5b:c8:e0:2d:87:4f:47:91:86:7a:01:95:9a:35:
e3:29:c7:5a:3f:79:3d:36:47:38:8d:04:cd:bc:e7:
ea:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:FB:98:60:0E:91:A8:A5:A9:5E:17:3A:76:27:7B:38:30:5B:D6:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c040::/48
Signature Algorithm: sha256WithRSAEncryption
65:7f:12:b1:e5:26:6d:92:17:76:e8:f0:8d:1f:d1:88:11:75:
04:af:d2:56:78:a2:50:39:a0:7c:b6:57:bc:c1:bb:12:9a:33:
de:be:72:06:c6:be:d6:16:6e:5a:73:f7:16:ac:30:63:2b:b4:
de:98:5a:f3:58:f2:a0:b5:bb:9a:7a:03:07:6a:39:c4:1a:b3:
5e:d6:3b:dc:de:6d:33:9b:5c:29:1b:6b:e3:93:eb:f8:f2:e5:
4b:fc:e5:12:59:d1:d2:7d:c0:91:c4:4f:cf:e3:9f:cf:25:75:
2a:0e:27:56:c7:79:da:1a:15:eb:34:6c:68:7d:85:e5:a7:e5:
b8:3d:14:3a:61:9b:34:07:99:6b:d1:f4:cf:f3:79:50:e6:e8:
4f:19:ba:fc:3c:fa:12:1d:0c:fd:fc:34:8b:57:c6:c7:38:98:
f9:97:65:ac:e0:66:79:b5:53:2a:84:6b:2d:20:d6:e6:80:4b:
91:14:86:5c:1a:13:fb:61:a9:34:a3:5f:11:83:f5:a8:24:fb:
c1:64:c9:ea:46:db:78:3f:ee:ce:b9:71:5a:c7:81:a0:bd:8c:
f6:21:b7:eb:14:03:b6:b9:8b:f6:ee:97:8f:62:2f:36:b1:46:
66:85:21:6a:c5:05:b4:04:b6:ac:21:63:36:25:2b:53:97:a0:
6e:b2:7f:ab
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeMtlyGbYPeZAPMVgn9pgYezbPuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMjlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3ODA0NzVjODhiZDRkMWMwYjFjOWI4M2Y1MWM0YjZmOWQ2MGViYmQxZDIw
NmU0NWEwN2FjYzRjOTk0NjBjZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO44sElpi5fhn8iY+bydDD6o00tMUn2z3tnU5n29xZSg/duQ+PNpGlBWDQDW
gLCy5kIsKKCQslCs3biXUk5ExV78s/ZNM2NJuAtufjuVc7RDZJXRP8BPr6qgMlKj
+iQiLloYhQY/xufr5iHjQOcwxEdRDeZSz/CwlgNAN3TJ4zTDGvm54UBlYpCy/1sy
luOKL6hZlTbII7N1zPIkAzQDN0/jJWGARMEL2c8SegX0IRxOVt+r55MCySQ99P2N
bFVU9r8A2s0+9YvopdiJk2pAhH6iFWv2Ps85CA0xVvAgoZ6nvlvI4C2HT0eRhnoB
lZo14ynHWj95PTZHOI0Ezbzn6gkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTk+5hg
DpGopaleFzp2J3s4MFvWHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzdiYzY3OWItNTE5OS00M2MyLTgxOTktYmU1YzA0YTZjMGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
QDANBgkqhkiG9w0BAQsFAAOCAQEAZX8SseUmbZIXdujwjR/RiBF1BK/SVniiUDmg
fLZXvMG7Epoz3r5yBsa+1hZuWnP3FqwwYyu03pha81jyoLW7mnoDB2o5xBqzXtY7
3N5tM5tcKRtr45Pr+PLlS/zlElnR0n3AkcRPz+OfzyV1Kg4nVsd52hoV6zRsaH2F
5afluD0UOmGbNAeZa9H0z/N5UOboTxm6/Dz6Eh0M/fw0i1fGxziY+ZdlrOBmebVT
KoRrLSDW5oBLkRSGXBoT+2GpNKNfEYP1qCT7wWTJ6kbbeD/uzrlxWseBoL2M9iG3
6xQDtrmL9u6Xj2IvNrFGZoUhasUFtAS2rCFjNiUrU5egbrJ/qw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:35 2025 by rpki-client