Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
File: 6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa (raw, json)
Hash identifier: dp7XcnXuQ8UoRkT9bFjx0XmFhG0bPH5iWjKLMxKYQGY=
Subject key identifier: 6A:92:A3:91:5C:A7:5C:13:38:D2:78:45:31:AF:F4:90:6E:9E:D9:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45D8D477C9C83B9D2C56B017F2EF1EBBD16507D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
Signing time: Tue 05 Aug 2025 19:00:57 +0000
ROA not before: Tue 05 Aug 2025 19:00:57 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:d8:d4:77:c9:c8:3b:9d:2c:56:b0:17:f2:ef:1e:bb:d1:65:07:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:57 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=67b14a44851d05f26ba1d307f1290ef0c724fa5999de963456dad3de7a53ee39, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cc:d8:a8:fc:a1:09:54:bc:fd:41:cc:b1:97:
9c:dc:dd:7a:ca:a7:0c:28:4a:38:8e:7f:50:b6:4f:
5f:ff:b7:4f:2f:03:de:b1:67:d9:d3:32:b8:9e:28:
3b:62:49:25:3b:05:ab:8c:f8:48:9a:3a:76:16:c1:
43:9f:f5:fc:2c:4a:e0:48:ef:ed:aa:9d:de:02:ed:
34:a6:61:dd:92:de:ea:af:86:70:27:8b:20:08:a7:
1c:dc:3b:e6:3c:95:39:7c:bc:df:95:68:e7:ed:c2:
85:48:87:08:69:1b:be:0a:6a:2e:f1:ec:78:a7:84:
eb:16:85:9c:6f:6b:88:8a:af:07:a9:b2:b7:a6:53:
74:93:81:ff:9d:32:42:df:fd:a9:b4:e6:2c:76:87:
36:4d:6c:2b:c0:cc:a6:72:f1:a1:3d:fb:55:02:af:
3c:cb:c7:eb:e5:e6:04:04:d7:de:52:b6:32:fa:d1:
00:26:18:e5:f0:2e:c5:34:f8:17:fa:b7:04:c5:70:
7a:36:a1:a9:b0:d0:67:33:13:68:32:dd:0f:ad:52:
7a:6c:a3:02:13:7e:da:cc:87:98:1d:9d:34:ff:c9:
9d:f2:43:03:77:d1:86:d5:89:72:ea:db:bf:27:03:
b0:78:eb:bb:12:9d:58:7f:4e:88:6c:9d:9d:48:4f:
cf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:92:A3:91:5C:A7:5C:13:38:D2:78:45:31:AF:F4:90:6E:9E:D9:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4040::/48
Signature Algorithm: sha256WithRSAEncryption
8c:23:69:7d:2a:3a:f4:83:27:cd:72:21:06:a0:7a:4d:ed:ac:
89:e1:b5:99:a2:86:74:d0:8f:6d:b6:e1:96:fc:8a:ed:94:53:
c2:db:45:91:56:be:c7:6f:a7:a2:d4:a8:0b:29:0b:9f:45:d0:
43:da:02:1f:9c:f8:c1:fa:d0:a3:c4:7e:a2:cc:00:38:b5:f8:
66:54:6b:b6:a5:ff:5e:b7:ef:68:29:36:ed:b1:90:68:01:f0:
4d:ae:10:5d:f5:30:df:c8:b8:4b:d1:1d:b1:ca:9d:23:82:ff:
7c:7f:ff:19:90:a9:26:3b:49:7a:79:71:d7:d9:59:63:ef:8b:
59:ad:01:40:5c:9f:45:d8:a5:49:7a:80:bd:a4:9e:00:b3:1b:
90:ef:3f:2c:44:7d:77:34:ff:64:c4:bb:88:7f:e1:c3:f7:43:
c2:6c:49:45:83:01:1c:a9:e2:0c:a9:9c:c2:1e:82:90:87:fc:
14:96:c0:38:75:df:7b:74:7f:d0:c0:87:a9:10:ec:95:22:2e:
11:91:6c:26:e2:0c:01:50:0f:61:f6:c5:d1:c3:f7:33:1d:22:
e5:7c:2d:16:e0:7b:85:ba:03:f9:00:6c:02:f8:4f:94:48:49:
86:ec:30:ab:2e:2c:c4:20:ed:b2:00:18:c9:57:ca:b9:9d:ee:
fb:2d:0a:2c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURdjUd8nIO50sVrAX8u8eu9FlB9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwNTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3YjE0YTQ0ODUxZDA1ZjI2YmExZDMwN2YxMjkwZWYwYzcyNGZhNTk5OWRl
OTYzNDU2ZGFkM2RlN2E1M2VlMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXM2Kj8oQlUvP1BzLGXnNzdesqnDChKOI5/ULZPX/+3Ty8D3rFn2dMyuJ4o
O2JJJTsFq4z4SJo6dhbBQ5/1/CxK4Ejv7aqd3gLtNKZh3ZLe6q+GcCeLIAinHNw7
5jyVOXy835Vo5+3ChUiHCGkbvgpqLvHseKeE6xaFnG9riIqvB6myt6ZTdJOB/50y
Qt/9qbTmLHaHNk1sK8DMpnLxoT37VQKvPMvH6+XmBATX3lK2MvrRACYY5fAuxTT4
F/q3BMVwejahqbDQZzMTaDLdD61SemyjAhN+2syHmB2dNP/JnfJDA3fRhtWJcurb
vycDsHjruxKdWH9OiGydnUhPzyECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRqkqOR
XKdcEzjSeEUxr/SQbp7ZZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU0ZDk4OTAtYjRmNC00YjllLWE3MzQtYjYzZjUxNTM2MGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
QDANBgkqhkiG9w0BAQsFAAOCAQEAjCNpfSo69IMnzXIhBqB6Te2sieG1maKGdNCP
bbbhlvyK7ZRTwttFkVa+x2+notSoCykLn0XQQ9oCH5z4wfrQo8R+oswAOLX4ZlRr
tqX/XrfvaCk27bGQaAHwTa4QXfUw38i4S9EdscqdI4L/fH//GZCpJjtJenlx19lZ
Y++LWa0BQFyfRdilSXqAvaSeALMbkO8/LER9dzT/ZMS7iH/hw/dDwmxJRYMBHKni
DKmcwh6CkIf8FJbAOHXfe3R/0MCHqRDslSIuEZFsJuIMAVAPYfbF0cP3Mx0i5Xwt
FuB7hboD+QBsAvhPlEhJhuwwqy4sxCDtsgAYyVfKuZ3u+y0KLA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:56 2025 by rpki-client