Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
File: 6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa (raw, json)
Hash identifier: BogDqj0LqETSmQxJDnCwVeaSNFXp+EBxkvYLlgCEFzA=
Subject key identifier: E6:4C:E6:1E:B6:AA:51:AE:D3:9E:90:4B:B1:86:39:CC:1E:8B:70:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1870BF42F065D372AF663AFAF0EA0EFC75B8CFFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
Signing time: Tue 05 Aug 2025 19:01:37 +0000
ROA not before: Tue 05 Aug 2025 19:01:37 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:70:bf:42:f0:65:d3:72:af:66:3a:fa:f0:ea:0e:fc:75:b8:cf:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:37 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=52c9c79029fdd6d2ec905bd67dfe03ed305ab32f39632284fc0af073d20a7b82, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:28:0e:7c:16:c7:bb:c0:9d:47:b7:61:8a:69:
e6:3a:3a:44:79:f8:7d:67:9b:d9:94:1b:0a:50:3a:
87:ff:ac:33:db:64:de:d6:98:ff:d4:52:9e:f2:1c:
b2:26:57:fe:94:0a:d9:9c:0b:8b:88:67:f5:00:c2:
e8:fd:ee:1c:6b:bb:08:dc:27:01:01:6c:54:85:d5:
41:c8:2c:1b:30:d0:a2:c4:96:bc:18:ea:0a:f4:05:
62:3a:13:67:1e:79:b5:a9:21:dd:02:b8:a1:af:2f:
ee:27:32:f3:44:08:7d:bc:88:0b:5d:73:93:ad:4c:
d5:91:45:d9:10:cf:44:5c:70:7e:a1:6d:0f:fe:5f:
ba:6d:e1:19:0b:00:26:4b:d1:fa:96:06:d5:76:ec:
e5:3b:54:f1:77:1b:f1:c5:e0:81:d1:5c:d0:62:a3:
19:c1:da:2b:4c:90:b4:3b:2a:ba:c2:ec:89:27:1d:
d3:65:01:07:74:fe:1f:39:fb:e4:fe:20:98:e9:ce:
91:4e:bd:96:c9:b0:1d:fb:4f:97:86:b3:4f:11:70:
90:84:2f:82:25:2f:3e:91:f4:ad:17:fb:f1:46:e2:
f0:d8:cf:f4:56:05:68:9c:c6:18:5a:96:4d:b2:7c:
1c:5e:ad:0e:86:d9:f4:6b:b4:a8:79:fc:35:83:31:
6f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:4C:E6:1E:B6:AA:51:AE:D3:9E:90:4B:B1:86:39:CC:1E:8B:70:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2080::/48
Signature Algorithm: sha256WithRSAEncryption
a8:44:e6:4d:cb:7a:69:49:af:76:b3:8e:18:ab:e0:1d:7d:59:
9b:54:3e:1a:78:b8:7b:06:49:5f:10:20:66:f4:94:35:c7:d7:
a1:02:5a:e0:5d:4a:db:ec:78:66:6d:fa:1b:99:7a:07:33:1b:
b2:ca:8e:a3:bd:e0:34:57:12:e0:3e:62:ba:36:0f:c0:55:21:
c0:41:f0:ae:98:05:a0:76:b2:58:b3:8e:30:05:ee:bf:df:82:
3b:9f:df:00:55:9c:0f:df:5c:dd:e9:6f:3f:63:93:15:94:23:
39:e6:46:a0:3c:0d:58:9b:2b:a3:36:dd:21:26:40:80:6f:28:
ce:67:3e:7d:ad:2c:c4:01:fd:94:46:e6:be:0e:fc:63:86:cc:
6b:9a:8e:04:9d:6f:a7:15:e1:e0:70:9f:5d:e5:89:ac:35:d2:
8a:78:66:55:96:7c:1e:cc:51:8c:30:0b:c6:fc:ae:47:34:b9:
23:2c:7d:08:20:8e:44:9f:1a:be:7f:59:f5:b8:ec:20:80:33:
8a:41:f8:e6:b7:1a:5b:5b:7b:e5:04:99:51:fd:6a:6f:2e:8e:
23:c5:42:53:c2:93:bc:64:9f:45:67:71:2e:90:21:6c:51:91:
58:4b:57:d3:0c:3a:a3:9b:0b:26:35:97:ee:25:dd:bf:d3:97:
cd:54:32:93
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGHC/QvBl03KvZjr68OoO/HW4z/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxMzdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyYzljNzkwMjlmZGQ2ZDJlYzkwNWJkNjdkZmUwM2VkMzA1YWIzMmYzOTYz
MjI4NGZjMGFmMDczZDIwYTdiODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOwoDnwWx7vAnUe3YYpp5jo6RHn4fWeb2ZQbClA6h/+sM9tk3taY/9RSnvIc
siZX/pQK2ZwLi4hn9QDC6P3uHGu7CNwnAQFsVIXVQcgsGzDQosSWvBjqCvQFYjoT
Zx55takh3QK4oa8v7icy80QIfbyIC11zk61M1ZFF2RDPRFxwfqFtD/5fum3hGQsA
JkvR+pYG1Xbs5TtU8Xcb8cXggdFc0GKjGcHaK0yQtDsqusLsiScd02UBB3T+Hzn7
5P4gmOnOkU69lsmwHftPl4azTxFwkIQvgiUvPpH0rRf78Ubi8NjP9FYFaJzGGFqW
TbJ8HF6tDobZ9Gu0qHn8NYMxbxUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTmTOYe
tqpRrtOekEuxhjnMHotwjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmI0ZjViMDYtZWJkOS00NjczLThkYjEtOGU3MmRmOTljOTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
gDANBgkqhkiG9w0BAQsFAAOCAQEAqETmTct6aUmvdrOOGKvgHX1Zm1Q+Gni4ewZJ
XxAgZvSUNcfXoQJa4F1K2+x4Zm36G5l6BzMbssqOo73gNFcS4D5iujYPwFUhwEHw
rpgFoHayWLOOMAXuv9+CO5/fAFWcD99c3elvP2OTFZQjOeZGoDwNWJsrozbdISZA
gG8ozmc+fa0sxAH9lEbmvg78Y4bMa5qOBJ1vpxXh4HCfXeWJrDXSinhmVZZ8HsxR
jDALxvyuRzS5Iyx9CCCORJ8avn9Z9bjsIIAzikH45rcaW1t75QSZUf1qby6OI8VC
U8KTvGSfRWdxLpAhbFGRWEtX0ww6o5sLJjWX7iXdv9OXzVQykw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:49 2025 by rpki-client