Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
File: c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa (raw, json)
Hash identifier: lPy6Acaval5RmuzTGCRgJqMRLOn+fkoYqYGdCpN1CxY=
Subject key identifier: D6:44:B1:E5:9A:A9:7F:69:A2:4B:99:97:23:7A:AD:D0:25:EA:DC:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21C2AB5AB65A8686020132F5AB0BA71B88BA6587
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
Signing time: Tue 05 Aug 2025 20:11:18 +0000
ROA not before: Tue 05 Aug 2025 20:11:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c2:ab:5a:b6:5a:86:86:02:01:32:f5:ab:0b:a7:1b:88:ba:65:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7f4f097dc1cc099e8f4678d5d7e97d427008084b145d366da121909d65ca0be0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1a:0b:4a:5e:05:c9:2a:3d:5d:44:77:95:73:
e8:4c:ba:af:8e:17:98:cf:14:4f:5d:a4:63:a1:35:
5c:9d:58:3a:0e:51:0b:10:51:02:cd:eb:9b:b8:55:
70:81:23:f6:fb:e5:bf:b8:c9:8c:30:69:58:20:3a:
46:ec:01:de:5b:8d:db:5c:34:5f:d7:2f:db:00:35:
d1:3d:80:7a:78:fe:cd:69:7b:be:a6:31:c5:cf:40:
a7:e7:3c:59:0f:22:13:ae:6b:b0:c6:fa:6b:dc:d8:
88:55:ec:54:8e:5d:2f:8e:00:c8:56:f5:06:f0:41:
be:9f:e3:51:28:07:b0:7e:fd:b2:f8:05:57:7b:98:
3a:06:f6:6b:9e:d2:13:f2:58:b9:f7:c5:f4:8d:36:
58:d1:ed:39:3a:9c:b8:84:50:e3:7a:73:a6:8e:6a:
83:04:6e:f5:49:dc:d8:3a:8e:12:d7:29:de:9c:84:
ea:90:a4:b1:ea:f6:1d:c0:41:49:61:c4:0a:32:8d:
9b:6f:8e:91:1b:16:ee:73:8e:b0:37:61:ef:d4:8f:
b7:dc:d2:13:b9:42:aa:5e:09:cc:50:10:38:2e:2a:
3a:c5:30:47:38:ca:7d:7e:94:69:2d:be:ba:9d:8d:
c0:d4:70:9c:01:ec:84:8b:ca:5b:80:45:2e:f4:6f:
4a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:44:B1:E5:9A:A9:7F:69:A2:4B:99:97:23:7A:AD:D0:25:EA:DC:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/38
Signature Algorithm: sha256WithRSAEncryption
3d:bf:aa:4c:8e:52:03:fa:22:1e:98:a5:22:8c:54:e5:ff:a1:
dc:b6:42:cf:af:80:e5:38:4b:35:a9:46:76:fe:e6:8c:3f:09:
bd:09:75:fd:d0:bd:90:d5:fd:da:8b:2b:56:94:98:4e:33:6c:
c5:70:d5:44:69:a3:1b:b6:46:0c:3c:a1:bb:9b:8e:60:4e:d0:
61:3d:6d:a7:33:d9:5d:ca:b2:7c:8b:f5:17:b0:90:71:e5:c5:
9e:30:49:53:c8:8e:9b:c6:05:c8:69:c3:e1:4d:a2:7e:d0:87:
fb:99:8e:68:4a:ed:31:a2:a8:ca:b3:99:d6:e3:e1:71:62:f0:
23:ed:44:3b:76:6a:25:e1:59:8b:b8:28:72:2a:13:3c:2b:3c:
02:8f:f6:ca:b4:73:f5:0e:8c:fd:e5:b1:ac:9d:d4:df:dc:ae:
08:f5:39:6d:7e:3e:65:c9:e4:fb:71:62:da:a8:f0:9e:55:e5:
de:8e:40:3b:d7:0f:1c:f9:f9:98:16:b7:28:2d:a1:93:7c:f9:
64:79:6f:b2:f0:b7:d1:47:c7:b3:1c:67:cf:99:0c:f6:79:7d:
1b:c0:bd:18:60:ce:d8:05:f7:4f:e1:39:78:dc:46:a3:19:a7:
c0:70:dd:c5:9e:22:bb:e1:23:25:5f:5f:22:e0:6f:55:60:ad:
f7:d8:2e:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIcKrWrZahoYCATL1qwunG4i6ZYcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNGYwOTdkYzFjYzA5OWU4ZjQ2NzhkNWQ3ZTk3ZDQyNzAwODA4NGIxNDVk
MzY2ZGExMjE5MDlkNjVjYTBiZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgaC0peBckqPV1Ed5Vz6Ey6r44XmM8UT12kY6E1XJ1YOg5RCxBRAs3rm7hV
cIEj9vvlv7jJjDBpWCA6RuwB3luN21w0X9cv2wA10T2Aenj+zWl7vqYxxc9Ap+c8
WQ8iE65rsMb6a9zYiFXsVI5dL44AyFb1BvBBvp/jUSgHsH79svgFV3uYOgb2a57S
E/JYuffF9I02WNHtOTqcuIRQ43pzpo5qgwRu9Unc2DqOEtcp3pyE6pCkser2HcBB
SWHECjKNm2+OkRsW7nOOsDdh79SPt9zSE7lCql4JzFAQOC4qOsUwRzjKfX6UaS2+
up2NwNRwnAHshIvKW4BFLvRvStUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWRLHl
mql/aaJLmZcjeq3QJerckjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZjZTk2YTQtZWI2Yi00YmVkLWIxNWItYjFlM2NkY2FjNDE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQA9v6pMjlID+iIemKUijFTl/6HctkLPr4DlOEs1
qUZ2/uaMPwm9CXX90L2Q1f3aiytWlJhOM2zFcNVEaaMbtkYMPKG7m45gTtBhPW2n
M9ldyrJ8i/UXsJBx5cWeMElTyI6bxgXIacPhTaJ+0If7mY5oSu0xoqjKs5nW4+Fx
YvAj7UQ7dmol4VmLuChyKhM8KzwCj/bKtHP1Doz95bGsndTf3K4I9Tltfj5lyeT7
cWLaqPCeVeXejkA71w8c+fmYFrcoLaGTfPlkeW+y8LfRR8ezHGfPmQz2eX0bwL0Y
YM7YBfdP4Tl43EajGafAcN3FniK74SMlX18i4G9VYK332C6g
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:58 2025 by rpki-client