Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
File: c6b4bacc-5824-4f9c-a10d-49f145db8549.roa (raw, json)
Hash identifier: kqpWwAofoK+OHxwsBPCMfgAZIVK4UveJDLk03QwQhbY=
Subject key identifier: 8D:D9:54:FA:A3:E6:F1:BB:DA:B6:C9:C9:AC:04:4B:37:89:EB:BC:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BF79D355D0838CCF7F062616F0F77826DA4773C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
Signing time: Sat 09 Aug 2025 00:20:04 +0000
ROA not before: Sat 09 Aug 2025 00:20:04 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:f7:9d:35:5d:08:38:cc:f7:f0:62:61:6f:0f:77:82:6d:a4:77:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 9 00:20:04 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=ccdb5ccad85cd37501ec3efc07dbce67888446b75415ca2eccef810e13f23d67, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c5:24:9a:55:9c:c9:59:23:57:46:e6:f1:2e:
0e:d1:e8:51:77:a9:7e:69:15:21:6d:8e:9d:02:77:
47:94:c6:b8:ff:c2:13:8f:21:5c:ae:69:bb:ff:c0:
16:0c:5c:f7:5c:b1:cb:fa:32:4f:73:82:5e:7b:00:
ff:33:40:c7:7b:a7:bd:36:06:97:f6:32:8a:c5:fa:
c7:db:b3:00:01:70:bd:1f:8f:df:af:23:d0:68:58:
90:d0:0c:5d:d1:a2:bf:10:45:41:8a:52:74:59:a1:
f0:b3:9f:80:d3:01:c1:b0:14:aa:32:f7:c0:6f:24:
92:5b:1a:3a:c4:4a:b5:72:be:2c:0b:df:ff:5c:34:
dc:9f:b0:f7:3a:b1:0f:6f:7c:44:51:28:dc:11:0c:
38:d6:88:74:38:20:39:69:ce:5a:c4:5a:5d:47:e6:
b7:00:34:50:a1:1f:87:7a:3c:e4:5b:58:51:47:e2:
66:b4:c2:33:4a:82:70:5f:75:6e:9e:48:6a:8d:6d:
aa:5e:ab:1e:c4:d4:32:82:be:4a:54:c7:3e:f3:9c:
24:65:1c:a4:ec:07:17:df:83:72:f2:34:78:3c:3c:
05:71:2a:4d:63:22:f5:52:1d:43:6f:8b:62:e8:f3:
ac:24:22:45:b1:4f:1a:1f:3a:4c:7a:64:cc:fd:9a:
f0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D9:54:FA:A3:E6:F1:BB:DA:B6:C9:C9:AC:04:4B:37:89:EB:BC:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/36
Signature Algorithm: sha256WithRSAEncryption
35:a8:ac:00:05:31:be:a4:83:06:1f:94:c7:2a:8a:ba:13:fa:
f8:b9:55:66:80:94:23:35:32:38:e4:00:f0:2c:5b:e4:ab:28:
ec:c5:42:95:d1:bd:be:59:d6:b7:37:28:bd:65:d1:c4:fa:e9:
19:8f:83:5b:42:47:ed:1f:1d:7b:f8:ee:0e:90:70:87:20:77:
a6:98:57:fd:ce:9c:41:ac:5f:d7:6f:12:cc:68:42:55:68:aa:
91:3e:68:e8:44:c1:e1:5c:8b:f9:5d:7f:ae:85:b7:74:46:97:
09:c9:ee:0e:39:7d:1a:8c:42:b3:94:b4:38:98:2e:ec:0d:a2:
8f:c8:50:33:0d:e0:ed:32:c0:90:f1:68:05:e3:bc:e3:59:a0:
87:84:2a:f7:67:42:57:65:49:9d:4a:be:22:8a:b3:4a:ee:26:
cd:af:77:cc:6c:c3:2a:e8:9c:ae:a7:dd:1f:fa:92:bf:9e:c9:
c9:14:2f:4d:aa:d2:84:0d:9d:f6:52:f0:0b:c2:03:98:07:a9:
8e:35:82:8b:0a:11:5b:6c:bc:92:23:89:18:f8:d5:d7:8e:ca:
d0:2c:de:cf:83:fe:b2:af:07:87:d2:af:14:69:96:e6:e7:a7:
e9:7b:b5:98:c9:28:6b:fa:f1:02:14:66:fc:17:fe:c5:8b:d6:
bc:26:ba:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS/edNV0IOMz38GJhbw93gm2kdzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDkwMDIwMDRaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjZGI1Y2NhZDg1Y2QzNzUwMWVjM2VmYzA3ZGJjZTY3ODg4NDQ2Yjc1NDE1
Y2EyZWNjZWY4MTBlMTNmMjNkNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3FJJpVnMlZI1dG5vEuDtHoUXepfmkVIW2OnQJ3R5TGuP/CE48hXK5pu//A
Fgxc91yxy/oyT3OCXnsA/zNAx3unvTYGl/YyisX6x9uzAAFwvR+P368j0GhYkNAM
XdGivxBFQYpSdFmh8LOfgNMBwbAUqjL3wG8kklsaOsRKtXK+LAvf/1w03J+w9zqx
D298RFEo3BEMONaIdDggOWnOWsRaXUfmtwA0UKEfh3o85FtYUUfiZrTCM0qCcF91
bp5Iao1tql6rHsTUMoK+SlTHPvOcJGUcpOwHF9+DcvI0eDw8BXEqTWMi9VIdQ2+L
YujzrCQiRbFPGh86THpkzP2a8AMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSN2VT6
o+bxu9q2ycmsBEs3ieu8gDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZiNGJhY2MtNTgyNC00ZjljLWExMGQtNDlmMTQ1ZGI4NTQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQA1qKwABTG+pIMGH5THKoq6E/r4uVVmgJQjNTI4
5ADwLFvkqyjsxUKV0b2+Wda3Nyi9ZdHE+ukZj4NbQkftHx17+O4OkHCHIHemmFf9
zpxBrF/XbxLMaEJVaKqRPmjoRMHhXIv5XX+uhbd0RpcJye4OOX0ajEKzlLQ4mC7s
DaKPyFAzDeDtMsCQ8WgF47zjWaCHhCr3Z0JXZUmdSr4iirNK7ibNr3fMbMMq6Jyu
p90f+pK/nsnJFC9NqtKEDZ32UvALwgOYB6mONYKLChFbbLySI4kY+NXXjsrQLN7P
g/6yrweH0q8UaZbm56fpe7WYyShr+vECFGb8F/7Fi9a8Jroh
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:22 2025 by rpki-client