Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
File: 6bd3f603-c189-489c-bdf5-631b47b2cd39.roa (raw, json)
Hash identifier: tRqh4RPOj+e+ceeVuCWO7TBhirvPNKBi37IkBb3z5bg=
Subject key identifier: D6:D2:A4:AD:15:B8:D7:84:6B:BC:F6:64:96:5C:0B:91:5D:54:D8:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DDF33DE38F91CFE359B84E987341F3B9789A04D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
Signing time: Tue 05 Aug 2025 18:40:10 +0000
ROA not before: Tue 05 Aug 2025 18:40:10 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:df:33:de:38:f9:1c:fe:35:9b:84:e9:87:34:1f:3b:97:89:a0:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:10 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=22a60cf23053c30a7a69782d36e8cc2078f489aba9b6b9cd9c99d462f2d72364, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ec:8a:70:b5:bc:b6:66:08:59:74:6f:0d:c3:
b5:74:87:af:0f:fd:88:c4:db:30:71:8a:5b:41:a0:
19:e9:80:93:50:68:d5:ed:a0:c5:43:63:62:d4:1a:
ac:62:3f:68:40:bb:75:81:d0:08:3c:26:e4:11:ca:
42:57:5c:ec:70:d8:bc:9f:fd:c0:bd:c6:ff:d8:c1:
72:d1:22:7b:d5:c4:d5:3d:5a:c6:42:ac:55:52:75:
68:8d:32:89:1a:d9:e4:8c:f4:3d:65:25:c0:8c:a5:
b7:0e:17:a2:bd:ab:ab:e8:0c:ef:89:1f:fd:60:18:
62:0c:60:16:f3:1a:5f:f7:bb:91:64:53:81:c4:2c:
7f:05:62:db:dc:cc:95:e1:a1:c7:72:db:7b:d5:c3:
05:b4:40:a1:2d:38:3d:4c:a9:e5:66:d4:36:3b:46:
0b:3d:d5:52:c4:7b:21:bc:5e:47:f4:76:bd:ce:a3:
d1:f4:f0:f9:ab:e6:86:3b:59:b7:72:5d:16:23:5d:
85:35:10:d5:6b:f9:43:ad:a7:1a:e2:de:48:9c:7a:
9f:bd:fd:90:79:90:fc:22:4d:36:31:d8:ed:02:1e:
51:e0:25:f6:bc:35:33:89:b1:66:45:c9:4c:60:76:
c8:a0:4a:1c:ea:89:e4:04:05:25:cc:21:da:f8:91:
ba:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D2:A4:AD:15:B8:D7:84:6B:BC:F6:64:96:5C:0B:91:5D:54:D8:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
00:a8:3e:1c:be:96:45:90:bc:25:a3:00:24:48:db:62:46:81:
26:db:33:95:ac:d5:06:2c:83:d9:84:26:92:2b:20:78:ee:69:
09:73:bc:75:3e:11:71:89:04:bf:31:6b:4d:f7:14:6e:b0:8f:
0a:b0:16:78:eb:69:0b:70:c4:e8:8c:76:81:20:bd:16:ea:a9:
e2:40:4d:21:42:80:d6:1c:a6:7a:78:1d:9d:91:da:bd:07:ed:
89:7b:21:ce:c9:22:e9:08:97:b2:79:e7:4f:4a:8a:f7:47:df:
08:9f:41:e8:87:00:f1:77:79:83:e1:4b:db:21:94:2a:6e:dc:
43:94:85:43:41:2e:fa:72:36:10:ae:26:4e:ba:26:5a:1d:60:
69:c0:5d:c3:39:1e:c2:77:02:0b:4e:2d:4a:07:13:99:57:64:
26:69:0a:e3:a3:4c:c8:0d:85:17:a7:37:a1:78:35:aa:3c:3b:
3c:18:6c:9a:d2:10:59:96:21:31:34:c3:e1:4e:c6:ee:28:e0:
c5:5a:55:36:97:3f:c3:e3:27:5f:aa:79:77:b6:60:bd:37:5c:
3a:15:72:10:bd:ca:87:00:7f:43:0a:c7:e9:19:be:3b:e5:89:
9a:3b:c3:83:b7:cb:75:9e:b1:9e:e7:a2:c4:50:8d:a9:0a:d6:
c9:90:22:32
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbd8z3jj5HP41m4TphzQfO5eJoE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwMTBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyYTYwY2YyMzA1M2MzMGE3YTY5NzgyZDM2ZThjYzIwNzhmNDg5YWJhOWI2
YjljZDljOTlkNDYyZjJkNzIzNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDsinC1vLZmCFl0bw3DtXSHrw/9iMTbMHGKW0GgGemAk1Bo1e2gxUNjYtQa
rGI/aEC7dYHQCDwm5BHKQldc7HDYvJ/9wL3G/9jBctEie9XE1T1axkKsVVJ1aI0y
iRrZ5Iz0PWUlwIyltw4Xor2rq+gM74kf/WAYYgxgFvMaX/e7kWRTgcQsfwVi29zM
leGhx3Lbe9XDBbRAoS04PUyp5WbUNjtGCz3VUsR7IbxeR/R2vc6j0fTw+avmhjtZ
t3JdFiNdhTUQ1Wv5Q62nGuLeSJx6n739kHmQ/CJNNjHY7QIeUeAl9rw1M4mxZkXJ
TGB2yKBKHOqJ5AQFJcwh2viRuicCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTW0qSt
FbjXhGu89mSWXAuRXVTYazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJkM2Y2MDMtYzE4OS00ODljLWJkZjUtNjMxYjQ3YjJjZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
wDANBgkqhkiG9w0BAQsFAAOCAQEAAKg+HL6WRZC8JaMAJEjbYkaBJtszlazVBiyD
2YQmkisgeO5pCXO8dT4RcYkEvzFrTfcUbrCPCrAWeOtpC3DE6Ix2gSC9Fuqp4kBN
IUKA1hymengdnZHavQftiXshzski6QiXsnnnT0qK90ffCJ9B6IcA8Xd5g+FL2yGU
Km7cQ5SFQ0Eu+nI2EK4mTromWh1gacBdwzkewncCC04tSgcTmVdkJmkK46NMyA2F
F6c3oXg1qjw7PBhsmtIQWZYhMTTD4U7G7ijgxVpVNpc/w+MnX6p5d7ZgvTdcOhVy
EL3KhwB/QwrH6Rm+O+WJmjvDg7fLdZ6xnueixFCNqQrWyZAiMg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:22 2025 by rpki-client