Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
File: 6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa (raw, json)
Hash identifier: OOm1AQGPGqJOT+3TH9SU/szlV8XqrywIpt+dlMad7Wc=
Subject key identifier: F6:28:29:9A:F8:45:77:00:35:FC:8C:A2:41:66:75:62:AA:11:E7:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52383EF284DA1E5FB74EFFFF674104F2AE253C7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
Signing time: Tue 05 Aug 2025 19:31:01 +0000
ROA not before: Tue 05 Aug 2025 19:31:01 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:38:3e:f2:84:da:1e:5f:b7:4e:ff:ff:67:41:04:f2:ae:25:3c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:01 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5961c3592cd1a612acc326766feae39c1113a1bf4a2e4f7e10256934d1fa53fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:47:d0:9b:34:6c:79:16:69:4d:c5:2d:27:f8:
a6:c8:a6:2d:e7:12:80:a9:42:07:26:df:90:f1:c9:
fd:4c:8d:bf:61:6b:05:ae:9b:a7:23:8a:37:78:45:
2d:cc:6c:5b:7e:01:e6:ec:f7:e1:bb:9e:b6:68:f8:
a4:e6:a9:b5:ec:49:77:fb:49:e2:11:01:ee:50:84:
d6:e6:d5:e5:c9:dc:71:7c:c5:c4:cf:b2:e3:5b:34:
b5:45:5e:08:0e:b7:33:51:24:59:a7:ed:9c:9b:e6:
77:10:f5:d9:2f:8a:0b:a3:15:c9:71:06:77:07:c5:
53:91:f6:12:29:4d:8e:13:f4:4e:42:c4:27:16:31:
73:82:66:cf:bf:bb:66:55:5b:0b:b2:da:6c:9c:9e:
5a:ee:80:2b:bc:b3:76:70:69:1a:49:97:ca:7c:a6:
73:61:ee:d6:70:43:11:74:cd:bf:94:dc:3d:05:37:
21:94:29:a8:61:87:c4:74:8d:cb:49:bc:09:1f:3f:
be:c5:dd:3f:37:5b:99:9c:d5:bd:72:6a:29:80:6c:
3f:33:c6:e3:c4:a1:4b:89:0d:05:d9:5a:08:f6:96:
89:80:dc:f0:6f:c8:0e:8a:31:1d:83:04:b4:8d:0b:
47:dc:8a:c7:e5:29:14:44:be:7b:28:1e:96:65:f5:
29:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:28:29:9A:F8:45:77:00:35:FC:8C:A2:41:66:75:62:AA:11:E7:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:c000::/40
Signature Algorithm: sha256WithRSAEncryption
33:f0:93:ae:c0:b4:02:ff:b1:63:7c:ed:98:80:b8:a4:2c:70:
8f:b8:31:13:85:4c:83:31:eb:01:16:24:ad:d6:a9:b8:bd:02:
3e:dc:5f:d4:33:2c:d9:24:d2:50:e3:a9:1b:ca:1f:3f:69:a8:
50:48:33:62:17:dc:b5:64:e0:8d:e4:61:1d:e2:c3:23:c2:a2:
15:60:ba:cc:b5:57:9b:d4:c9:02:19:18:77:07:3c:e9:91:cb:
e6:d6:7e:3a:a7:c8:85:b9:1c:7a:62:c7:a7:23:b8:35:79:74:
58:83:68:e8:e6:ee:5d:2c:d5:0c:e8:20:6c:5f:19:ba:fe:e8:
cc:bb:f4:87:7d:2a:df:0f:aa:f4:c5:1a:58:d2:73:f0:02:d5:
fb:d4:dd:d9:ac:a1:7d:36:72:81:45:f6:d6:2a:b4:65:38:fb:
1b:73:7b:76:91:16:06:50:96:96:66:52:86:04:41:de:2c:f6:
9d:97:cb:10:26:4f:d1:2c:f8:79:1f:fd:3c:db:6f:d9:fc:10:
71:81:0d:95:62:5e:50:71:f1:77:4f:a1:15:a5:77:cc:93:3c:
76:1b:85:4b:0e:05:1e:84:75:e4:b4:ea:d5:d3:db:c9:0a:8d:
ba:1e:8f:7a:08:19:74:00:a0:a3:1e:0f:0a:01:b7:2b:06:54:
fd:d6:67:08
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUjg+8oTaHl+3Tv//Z0EE8q4lPHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMDFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5NjFjMzU5MmNkMWE2MTJhY2MzMjY3NjZmZWFlMzljMTExM2ExYmY0YTJl
NGY3ZTEwMjU2OTM0ZDFmYTUzZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1H0Js0bHkWaU3FLSf4psimLecSgKlCBybfkPHJ/UyNv2FrBa6bpyOKN3hF
LcxsW34B5uz34buetmj4pOaptexJd/tJ4hEB7lCE1ubV5cnccXzFxM+y41s0tUVe
CA63M1EkWaftnJvmdxD12S+KC6MVyXEGdwfFU5H2EilNjhP0TkLEJxYxc4Jmz7+7
ZlVbC7LabJyeWu6AK7yzdnBpGkmXynymc2Hu1nBDEXTNv5TcPQU3IZQpqGGHxHSN
y0m8CR8/vsXdPzdbmZzVvXJqKYBsPzPG48ShS4kNBdlaCPaWiYDc8G/IDooxHYME
tI0LR9yKx+UpFES+eygelmX1KTMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2KCma
+EV3ADX8jKJBZnViqhHnljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVlNDI0ZDYtYTA2Ny00ZmI5LWE4MmUtMDU4OTBjZjhhODhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FjA
MA0GCSqGSIb3DQEBCwUAA4IBAQAz8JOuwLQC/7FjfO2YgLikLHCPuDEThUyDMesB
FiSt1qm4vQI+3F/UMyzZJNJQ46kbyh8/aahQSDNiF9y1ZOCN5GEd4sMjwqIVYLrM
tVeb1MkCGRh3Bzzpkcvm1n46p8iFuRx6YsenI7g1eXRYg2jo5u5dLNUM6CBsXxm6
/ujMu/SHfSrfD6r0xRpY0nPwAtX71N3ZrKF9NnKBRfbWKrRlOPsbc3t2kRYGUJaW
ZlKGBEHeLPadl8sQJk/RLPh5H/0822/Z/BBxgQ2VYl5QcfF3T6EVpXfMkzx2G4VL
DgUehHXktOrV09vJCo26Ho96CBl0AKCjHg8KAbcrBlT91mcI
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:12 2025 by rpki-client