Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
File: 6a2f7401-8559-4633-8579-cca77d6fa971.roa (raw, json)
Hash identifier: LIjmkDw3YT7UUpXkTjkHU1kmut7mgUrrO7Q63z9a09k=
Subject key identifier: 7A:15:80:60:81:F1:C6:41:25:62:78:60:68:C6:82:97:FF:34:05:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 106A310BDBADD4908D78CCA786055EB1927813BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
Signing time: Tue 05 Aug 2025 20:10:17 +0000
ROA not before: Tue 05 Aug 2025 20:10:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:6a:31:0b:db:ad:d4:90:8d:78:cc:a7:86:05:5e:b1:92:78:13:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=6d6a7b789229c7fd19f103ded96b236b24b628b7d5b620731aeaedaae1a31444, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a3:3d:d3:66:db:69:9b:83:c6:74:b2:d5:b0:
7e:9a:87:41:cd:63:26:de:8c:57:17:d7:ae:8f:f8:
4c:39:4b:8d:df:6f:06:42:c8:bf:2b:f2:07:26:59:
40:1d:9f:7b:fb:e9:0e:9b:b7:d2:06:d1:65:4d:06:
6d:4b:2a:94:bc:11:28:4b:57:65:41:31:de:8f:88:
ed:86:f9:12:7f:9e:1b:c2:fe:9f:8e:54:79:27:6e:
f6:a0:f7:55:9e:00:2d:d2:b0:70:15:0c:0b:7c:fb:
d2:99:eb:88:4c:06:a7:24:15:27:f4:9a:0f:3f:2b:
f8:0b:20:c9:40:4b:18:05:00:ef:8c:16:16:3a:72:
2e:b1:cb:73:cc:f6:85:10:c2:51:6b:2f:e5:93:5d:
b1:b5:87:bc:b0:d9:19:eb:65:ea:de:13:67:dd:10:
ff:90:c9:9f:2f:37:b2:c7:e1:69:f4:be:57:30:42:
73:31:a3:8b:65:e7:65:dc:db:8c:76:38:47:e3:d6:
29:9b:66:ff:a4:a6:3d:5c:92:65:7c:71:c6:d3:b3:
fa:44:24:f3:ff:e8:5a:2e:7b:30:2d:e2:cb:2b:ba:
91:e8:c0:14:f4:e7:56:09:44:f8:a8:46:00:1f:e4:
db:1c:7a:b2:15:b0:4b:98:f8:d9:d6:f6:83:6c:cc:
f7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:15:80:60:81:F1:C6:41:25:62:78:60:68:C6:82:97:FF:34:05:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
62:b1:29:f0:d8:2b:9d:f6:4b:a1:b7:95:7a:1e:4e:ec:05:30:
70:fa:52:95:bb:cf:4e:47:6e:04:9e:93:90:21:9e:ab:33:5a:
da:9c:7d:e1:98:c1:c9:45:4d:38:82:31:d4:23:7b:0a:56:a7:
62:19:f7:37:3f:a0:19:54:99:ac:72:03:9b:56:44:fc:bc:8a:
6c:1f:94:d2:9e:38:7b:59:f6:18:1e:4a:e2:3b:dc:7a:65:2b:
fe:84:2f:17:98:b6:ce:45:0f:4d:81:21:41:88:85:34:9d:c7:
c0:25:dc:7d:35:ce:24:a6:0d:a7:78:4d:7c:ff:8f:2a:9d:7c:
3e:de:0a:88:92:ca:45:3b:8b:a9:da:12:d2:c9:04:8c:89:43:
1c:4d:42:72:e5:2f:90:82:52:56:30:cc:fe:f0:28:40:46:f9:
9e:ee:e2:05:63:3a:36:46:9c:a3:34:e2:89:a2:d9:79:2d:d6:
cc:ff:3d:a5:8f:1d:56:69:b5:a7:b5:44:04:78:a6:b6:28:8d:
c9:e3:d5:8b:29:9b:94:98:f1:3a:1a:cd:c4:83:36:ca:94:86:
01:42:3b:08:ee:f9:61:61:fb:bf:f0:5e:b5:c8:da:58:21:7b:
08:ab:de:34:e8:56:81:65:38:d3:ad:a9:f8:ef:6b:33:0a:c0:
32:15:87:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEGoxC9ut1JCNeMynhgVesZJ4E7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkNmE3Yjc4OTIyOWM3ZmQxOWYxMDNkZWQ5NmIyMzZiMjRiNjI4YjdkNWI2
MjA3MzFhZWFlZGFhZTFhMzE0NDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2jPdNm22mbg8Z0stWwfpqHQc1jJt6MVxfXro/4TDlLjd9vBkLIvyvyByZZ
QB2fe/vpDpu30gbRZU0GbUsqlLwRKEtXZUEx3o+I7Yb5En+eG8L+n45UeSdu9qD3
VZ4ALdKwcBUMC3z70pnriEwGpyQVJ/SaDz8r+AsgyUBLGAUA74wWFjpyLrHLc8z2
hRDCUWsv5ZNdsbWHvLDZGetl6t4TZ90Q/5DJny83ssfhafS+VzBCczGji2XnZdzb
jHY4R+PWKZtm/6SmPVySZXxxxtOz+kQk8//oWi57MC3iyyu6kejAFPTnVglE+KhG
AB/k2xx6shWwS5j42db2g2zM92UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6FYBg
gfHGQSVieGBoxoKX/zQFLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEyZjc0MDEtODU1OS00NjMzLTg1NzktY2NhNzdkNmZhOTcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQBisSnw2Cud9kuht5V6Hk7sBTBw+lKVu89OR24E
npOQIZ6rM1ranH3hmMHJRU04gjHUI3sKVqdiGfc3P6AZVJmscgObVkT8vIpsH5TS
njh7WfYYHkriO9x6ZSv+hC8XmLbORQ9NgSFBiIU0ncfAJdx9Nc4kpg2neE18/48q
nXw+3gqIkspFO4up2hLSyQSMiUMcTUJy5S+QglJWMMz+8ChARvme7uIFYzo2Rpyj
NOKJotl5LdbM/z2ljx1WabWntUQEeKa2KI3J49WLKZuUmPE6Gs3EgzbKlIYBQjsI
7vlhYfu/8F61yNpYIXsIq9406FaBZTjTran472szCsAyFYds
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:06:54 2025 by rpki-client