Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json)
Hash identifier: qTLPY07TAgFGMMXmL4U2FNK1qlSL23Qvfcd/f3/2KT4=
Subject key identifier: 3C:55:99:23:F2:0B:DF:0F:18:8F:63:38:B5:D1:D2:39:64:6D:9D:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55F2EC6FD47279CAB15EBC6AD9B3939DF4BF9D1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
Signing time: Tue 05 Aug 2025 20:10:11 +0000
ROA not before: Tue 05 Aug 2025 20:10:11 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:f2:ec:6f:d4:72:79:ca:b1:5e:bc:6a:d9:b3:93:9d:f4:bf:9d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:11 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=06c21b599078e5924b1df1a5f0511045efc9eeb0197edafa759c130756c95b53, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c5:2f:c6:0d:dd:71:24:f4:29:f5:ec:31:e4:
79:f1:75:c2:c4:d4:ff:46:83:ae:05:5b:b9:7e:a5:
03:4e:dd:c6:0e:bc:46:59:18:2d:27:c6:4d:22:f4:
fa:bb:8d:90:cc:a6:7b:64:ac:43:6f:a4:b7:31:8b:
ff:2e:09:27:39:c3:69:80:f3:0e:9d:53:73:e6:24:
01:50:d3:0f:3b:c2:26:89:00:0c:0c:9a:7b:2c:62:
7d:f6:d5:78:2f:9d:42:d3:0e:d1:ce:2c:51:d0:8b:
1f:72:2d:f0:b3:47:d9:18:20:6a:11:82:64:29:9c:
d1:c4:9e:a2:b9:59:42:95:d5:d6:af:5b:1e:ac:77:
06:1d:f7:a0:2f:21:68:64:89:ee:1b:79:50:56:e4:
2e:64:75:3c:6a:c4:fe:14:1c:6f:1d:27:fa:bb:b4:
aa:e4:80:fc:c8:45:48:5a:63:c3:53:c8:02:f6:6c:
db:25:ef:11:e3:15:9b:49:ff:92:c5:3f:87:f9:5e:
ac:7a:80:11:f1:29:02:97:04:7b:c5:6d:af:72:7f:
6d:85:c4:06:c0:0f:7c:ed:97:ff:7a:f0:7f:71:5f:
40:73:ef:6d:c6:e6:f4:cb:79:c4:5c:94:68:3f:c8:
8f:9d:c2:c5:30:56:22:6f:ae:3e:e1:76:42:1a:d4:
96:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:55:99:23:F2:0B:DF:0F:18:8F:63:38:B5:D1:D2:39:64:6D:9D:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
2d:cd:0e:8c:63:36:b9:87:ee:f0:bb:1a:61:fd:4d:99:fd:1f:
42:e0:e4:44:76:2a:06:c1:bf:4d:79:82:32:98:34:8b:5f:a8:
35:8e:55:aa:54:08:21:c3:fe:b0:a9:f9:ad:2f:07:3c:ee:84:
59:02:99:6e:8c:a0:71:8e:32:71:2d:25:cc:80:58:e1:e5:a9:
34:ce:8d:6a:65:3b:f0:a2:52:a6:8e:22:a4:48:68:2f:0c:b4:
e0:0e:d4:7b:f7:df:fa:db:99:2d:c8:48:dc:74:20:42:9d:a7:
22:ab:6f:84:93:c2:b8:cc:62:91:76:88:70:5d:92:c9:ac:96:
c9:93:16:00:67:0a:bc:bf:5a:98:0f:e9:fe:ef:23:84:b0:56:
c5:f0:ec:8d:72:95:cc:31:0c:cd:94:62:d9:44:4a:ed:e6:c4:
01:97:65:b0:d9:6c:b4:26:10:19:0d:ec:ac:a3:13:10:26:11:
03:84:70:7f:3e:39:5d:f4:14:e2:a8:39:da:14:ad:03:ca:e8:
c7:b2:d9:b3:3f:82:1e:37:bf:cd:7e:cc:ab:fa:8f:fa:5e:0f:
4f:0d:d3:e5:fd:d7:c5:c3:f3:d4:a5:2c:75:6a:ad:8b:e5:26:
fd:f3:2a:b9:61:1e:5e:d6:26:80:6b:07:85:dc:0a:af:52:be:
3b:4a:81:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVfLsb9RyecqxXrxq2bOTnfS/nR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwMTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2YzIxYjU5OTA3OGU1OTI0YjFkZjFhNWYwNTExMDQ1ZWZjOWVlYjAxOTdl
ZGFmYTc1OWMxMzA3NTZjOTViNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbFL8YN3XEk9Cn17DHkefF1wsTU/0aDrgVbuX6lA07dxg68RlkYLSfGTSL0
+ruNkMyme2SsQ2+ktzGL/y4JJznDaYDzDp1Tc+YkAVDTDzvCJokADAyaeyxiffbV
eC+dQtMO0c4sUdCLH3It8LNH2RggahGCZCmc0cSeorlZQpXV1q9bHqx3Bh33oC8h
aGSJ7ht5UFbkLmR1PGrE/hQcbx0n+ru0quSA/MhFSFpjw1PIAvZs2yXvEeMVm0n/
ksU/h/lerHqAEfEpApcEe8Vtr3J/bYXEBsAPfO2X/3rwf3FfQHPvbcbm9Mt5xFyU
aD/Ij53CxTBWIm+uPuF2QhrUlhECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8VZkj
8gvfDxiPYzi10dI5ZG2d+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAtzQ6MYza5h+7wuxph/U2Z/R9C4OREdioGwb9N
eYIymDSLX6g1jlWqVAghw/6wqfmtLwc87oRZAplujKBxjjJxLSXMgFjh5ak0zo1q
ZTvwolKmjiKkSGgvDLTgDtR799/625ktyEjcdCBCnaciq2+Ek8K4zGKRdohwXZLJ
rJbJkxYAZwq8v1qYD+n+7yOEsFbF8OyNcpXMMQzNlGLZRErt5sQBl2Ww2Wy0JhAZ
DeysoxMQJhEDhHB/Pjld9BTiqDnaFK0DyujHstmzP4IeN7/Nfsyr+o/6Xg9PDdPl
/dfFw/PUpSx1aq2L5Sb98yq5YR5e1iaAaweF3AqvUr47SoHQ
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:17 2025 by rpki-client