Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
File: 7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa (raw, json)
Hash identifier: hSW/m5Z/dm58GASpy6NvlSJses7t7yStNCYqLKKw0WY=
Subject key identifier: 6C:C1:72:35:B0:C5:78:86:5C:08:EA:2A:FF:EC:95:37:09:CF:BE:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36B84CB258FE10B9AEBB481C8784534B769B288E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
Signing time: Tue 05 Aug 2025 18:41:01 +0000
ROA not before: Tue 05 Aug 2025 18:41:01 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:b8:4c:b2:58:fe:10:b9:ae:bb:48:1c:87:84:53:4b:76:9b:28:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:41:01 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e82874fa461ce569269b20d3129e59ca667259aecdb18585ca2c1a11e66cc2d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9f:71:2c:90:b1:0d:ab:ed:d6:5c:fc:85:36:
55:c7:fc:00:89:64:e2:cf:ba:a1:0d:3b:01:08:2f:
8e:38:d6:62:5b:59:3e:a4:42:4c:19:14:b5:a0:f2:
34:40:59:55:3f:3e:fd:39:af:90:34:89:07:23:87:
8f:af:3e:26:ec:61:5d:f8:2d:8f:55:17:4d:c9:75:
5e:ab:87:bc:7f:2f:4f:27:22:59:8a:fb:e6:b5:83:
41:2c:17:92:23:90:13:7d:56:3c:c7:14:0b:9c:3f:
03:bf:04:72:80:5a:be:d5:93:87:60:6e:86:b3:b2:
05:41:15:2f:8c:e3:64:30:cf:6e:a1:ca:0f:12:ed:
40:ac:51:dc:8f:32:c9:2b:28:1c:aa:5c:9c:07:30:
fb:78:24:6e:5f:a2:b6:70:f8:89:30:52:4b:03:b9:
d2:a6:8d:ba:45:22:2f:72:29:5d:62:c5:6f:fe:c4:
cd:e1:07:7e:cc:9d:ae:7d:92:d1:ee:e8:3d:ca:72:
f3:56:8c:69:37:02:0a:38:20:30:ed:9d:4d:26:f3:
d5:22:52:50:10:1c:19:bd:a4:b5:1f:35:a2:08:5d:
d4:b2:17:15:4a:65:50:8f:17:6c:d9:50:c3:e3:1f:
be:a5:76:33:8e:ce:38:e9:d1:e1:64:b7:d5:c4:4f:
5f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C1:72:35:B0:C5:78:86:5C:08:EA:2A:FF:EC:95:37:09:CF:BE:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
37:26:70:d6:a0:da:45:27:97:70:20:59:a3:5f:46:ee:4d:a4:
d3:b5:e1:6e:b5:f1:23:80:cf:d8:b0:28:4b:b8:5f:56:3a:de:
82:72:41:42:e5:1e:01:ac:d2:2b:b1:67:fe:2b:d6:2d:d1:82:
a1:27:60:47:c5:ff:34:72:69:d1:5e:ab:10:fd:18:b0:dc:cb:
47:61:00:a9:f7:66:41:0e:ea:aa:c8:6e:68:53:eb:ce:75:78:
73:92:38:6c:9a:d8:eb:0e:35:16:18:08:17:6a:c7:30:64:a6:
d8:49:b9:2a:16:36:47:5c:fb:07:27:40:60:98:da:79:8b:c0:
36:1b:0d:6a:09:41:a6:53:ca:72:bf:4b:3f:ae:5e:c2:d8:76:
bf:b0:a6:ad:64:99:e9:67:b3:dd:6a:f3:12:2e:6f:48:75:72:
f7:60:2f:7a:af:c3:fd:41:e5:20:76:ed:37:69:4d:53:7d:42:
21:78:65:15:7c:6f:79:89:1b:44:e4:55:28:37:87:e2:5b:e5:
41:c9:fe:55:17:93:d4:83:87:1b:83:ed:fc:5c:22:02:d9:ca:
8e:b9:d0:82:e6:66:23:23:5b:a5:34:99:fe:43:51:0e:be:12:
9e:a9:cf:c4:3e:42:b5:30:c2:d8:4a:bd:4f:9f:1f:fc:9a:93:
46:f5:3f:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNrhMslj+ELmuu0gch4RTS3abKI4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQxMDFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4Mjg3NGZhNDYxY2U1NjkyNjliMjBkMzEyOWU1OWNhNjY3MjU5YWVjZGIx
ODU4NWNhMmMxYTExZTY2Y2MyZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI6fcSyQsQ2r7dZc/IU2Vcf8AIlk4s+6oQ07AQgvjjjWYltZPqRCTBkUtaDy
NEBZVT8+/TmvkDSJByOHj68+JuxhXfgtj1UXTcl1XquHvH8vTyciWYr75rWDQSwX
kiOQE31WPMcUC5w/A78EcoBavtWTh2BuhrOyBUEVL4zjZDDPbqHKDxLtQKxR3I8y
ySsoHKpcnAcw+3gkbl+itnD4iTBSSwO50qaNukUiL3IpXWLFb/7EzeEHfsydrn2S
0e7oPcpy81aMaTcCCjggMO2dTSbz1SJSUBAcGb2ktR81oghd1LIXFUplUI8XbNlQ
w+MfvqV2M47OOOnR4WS31cRPX+MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRswXI1
sMV4hlwI6ir/7JU3Cc++YjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E2ZDVjNGQtNDBkZC00NTc3LTk1MjAtYTJhYzI4NmM4MTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
wDANBgkqhkiG9w0BAQsFAAOCAQEANyZw1qDaRSeXcCBZo19G7k2k07XhbrXxI4DP
2LAoS7hfVjregnJBQuUeAazSK7Fn/ivWLdGCoSdgR8X/NHJp0V6rEP0YsNzLR2EA
qfdmQQ7qqshuaFPrznV4c5I4bJrY6w41FhgIF2rHMGSm2Em5KhY2R1z7BydAYJja
eYvANhsNaglBplPKcr9LP65ewth2v7CmrWSZ6Wez3WrzEi5vSHVy92Aveq/D/UHl
IHbtN2lNU31CIXhlFXxveYkbRORVKDeH4lvlQcn+VReT1IOHG4Pt/FwiAtnKjrnQ
guZmIyNbpTSZ/kNRDr4SnqnPxD5CtTDC2Eq9T58f/JqTRvU/vQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:08 2025 by rpki-client