Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
File: 6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa (raw, json)
Hash identifier: 9uDYA21LE7eVHwdkyrWtcHoBadHa8VKowZNImBemQcQ=
Subject key identifier: A4:3E:C0:B4:FD:A5:35:8E:A7:41:8A:6E:78:E5:A9:59:CE:B5:A2:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76196C8CB0DCF4C408924B7C1C4CC740FA4D5C51
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
Signing time: Mon 16 Jun 2025 19:50:13 +0000
ROA not before: Mon 16 Jun 2025 19:50:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:19:6c:8c:b0:dc:f4:c4:08:92:4b:7c:1c:4c:c7:40:fa:4d:5c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=404c437b7735ccdeb1320aaa5afe1bf7f0423d0c0e900bcd81b1a53e9d9d42c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:fa:51:04:20:10:ff:2c:65:01:fb:63:31:
f5:ea:80:90:34:23:58:87:c5:f9:7f:7d:1b:2f:fa:
ec:4c:ce:a0:ff:f5:af:e9:9a:77:78:dc:05:2d:95:
ca:e2:32:cf:20:ae:05:05:66:4f:69:4c:9a:8a:58:
bf:94:27:e0:52:e7:2c:cc:50:b4:4d:4a:37:56:f2:
d5:1b:d5:2a:20:76:9d:51:5c:c4:76:a6:d2:44:e1:
86:ef:d4:d9:d0:1e:d9:f0:0a:e0:e3:b9:56:dd:fc:
c1:09:a5:e7:75:c6:b3:9d:53:34:2d:85:5b:de:16:
19:77:00:86:f3:ed:f5:33:00:a4:0f:c0:57:d5:91:
17:d1:94:2a:18:a7:c6:b0:4b:1f:77:74:d0:a3:7d:
53:36:dc:6a:5d:be:7b:f9:3b:03:55:7b:83:b7:fb:
3c:48:0b:14:f9:b3:df:42:e0:d4:b0:d2:14:67:4e:
80:3c:51:1c:fe:b8:22:c5:0c:71:c9:54:08:55:0a:
1d:9b:78:cf:76:2e:4e:98:3e:91:2e:fa:07:06:5a:
7b:c1:f2:e3:38:31:58:25:6c:81:e1:e5:00:5c:ed:
d6:df:c9:ff:e4:36:09:6c:59:f3:d6:3a:73:d1:2f:
8c:2d:5f:8e:f0:6a:31:fe:74:cd:17:39:59:80:c2:
c3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:3E:C0:B4:FD:A5:35:8E:A7:41:8A:6E:78:E5:A9:59:CE:B5:A2:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4040::/48
Signature Algorithm: sha256WithRSAEncryption
91:e2:40:1d:ac:eb:52:df:3e:20:4d:f7:98:f2:7a:19:95:20:
0d:a5:a9:05:b9:ca:1b:0e:80:5d:e4:db:22:b6:a3:45:69:da:
fe:07:6a:1b:04:cc:f0:1c:95:24:df:61:81:45:19:e9:eb:14:
78:64:59:58:85:eb:12:2c:14:a2:9e:63:32:ff:72:2e:d4:25:
2b:4e:b0:a4:9c:0b:b6:f9:d9:8a:db:1f:95:15:0f:db:f1:c9:
c4:68:60:18:00:05:49:a7:a4:56:c9:b7:b9:25:a6:7c:9e:3f:
fe:03:1b:34:79:a4:8f:c8:42:06:59:05:f7:30:7e:89:d1:3c:
23:57:32:13:cf:ec:bb:45:f3:49:ac:b3:57:45:d2:f8:92:c4:
1a:ab:13:a9:7e:84:82:ab:45:c3:a0:f0:de:f6:12:89:53:e1:
dd:e7:4f:8e:9f:99:29:99:29:d9:bf:d2:60:42:6e:fb:8f:dc:
94:4f:e8:21:f4:db:ed:2c:9f:72:e3:b6:7d:9e:5c:dc:10:34:
56:46:ce:64:5f:bc:e3:dd:f6:10:80:ab:5a:ab:f3:d6:5b:1e:
c3:4d:b9:6f:36:8a:f1:9e:52:35:06:b9:83:22:b8:b9:0f:4c:
6f:80:8e:e7:b0:98:21:cf:c2:5f:5e:1f:ee:99:29:c9:fb:f5:
2e:1b:06:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdhlsjLDc9MQIkkt8HEzHQPpNXFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNGM0MzdiNzczNWNjZGViMTMyMGFhYTVhZmUxYmY3ZjA0MjNkMGMwZTkw
MGJjZDgxYjFhNTNlOWQ5ZDQyYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkx+lEEIBD/LGUB+2Mx9eqAkDQjWIfF+X99Gy/67EzOoP/1r+mad3jcBS2V
yuIyzyCuBQVmT2lMmopYv5Qn4FLnLMxQtE1KN1by1RvVKiB2nVFcxHam0kThhu/U
2dAe2fAK4OO5Vt38wQml53XGs51TNC2FW94WGXcAhvPt9TMApA/AV9WRF9GUKhin
xrBLH3d00KN9Uzbcal2+e/k7A1V7g7f7PEgLFPmz30Lg1LDSFGdOgDxRHP64IsUM
cclUCFUKHZt4z3YuTpg+kS76BwZae8Hy4zgxWCVsgeHlAFzt1t/J/+Q2CWxZ89Y6
c9EvjC1fjvBqMf50zRc5WYDCw/sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSkPsC0
/aU1jqdBim545alZzrWiODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU0ZDk4OTAtYjRmNC00YjllLWE3MzQtYjYzZjUxNTM2MGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
QDANBgkqhkiG9w0BAQsFAAOCAQEAkeJAHazrUt8+IE33mPJ6GZUgDaWpBbnKGw6A
XeTbIrajRWna/gdqGwTM8ByVJN9hgUUZ6esUeGRZWIXrEiwUop5jMv9yLtQlK06w
pJwLtvnZitsflRUP2/HJxGhgGAAFSaekVsm3uSWmfJ4//gMbNHmkj8hCBlkF9zB+
idE8I1cyE8/su0XzSayzV0XS+JLEGqsTqX6EgqtFw6Dw3vYSiVPh3edPjp+ZKZkp
2b/SYEJu+4/clE/oIfTb7SyfcuO2fZ5c3BA0VkbOZF+84932EICrWqvz1lsew025
bzaK8Z5SNQa5gyK4uQ9Mb4CO57CYIc/CX14f7pkpyfv1LhsGOA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:58 2025 by rpki-client