Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
File: f6aec084-593c-47be-8e46-9024b5572011.roa (raw, json)
Hash identifier: 3LcYGEIX8aLQAasOTcs1Z3mjy5Nu61ZHR4yA7lCCx3g=
Subject key identifier: 79:73:A6:99:0E:37:57:66:C3:CB:CF:A7:9B:4E:4A:22:CE:9E:64:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E2165CF87666EE57333DAF3A274783CCB60D3BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
Signing time: Fri 22 Aug 2025 15:10:15 +0000
ROA not before: Fri 22 Aug 2025 15:10:15 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:21:65:cf:87:66:6e:e5:73:33:da:f3:a2:74:78:3c:cb:60:d3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:15 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=c8ba8cc6fa1ec4ae7ef1d78ebcf81bab4614367a3d71b054861004d3d1681bae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:bb:d0:1c:a3:03:96:15:dd:31:ed:3f:96:
cb:f9:d4:cd:cf:99:ff:89:8f:39:96:49:fb:fe:71:
19:e7:fb:61:0c:40:72:f9:21:97:de:e0:7d:b4:61:
ea:3c:05:e5:b6:e9:31:22:43:1a:38:e7:cf:be:0f:
be:a1:d7:d9:c5:29:0d:59:fd:f4:e9:b7:26:5a:44:
93:bc:4e:c4:1c:90:08:3b:7d:54:e3:69:dd:40:5a:
cc:1e:c9:70:fe:1c:f7:a9:d1:2f:70:ee:18:03:a8:
ef:94:b2:90:42:4d:02:30:42:f1:5b:ae:fa:0a:71:
69:fb:2e:35:ea:cc:3e:ad:ba:40:ce:a1:32:f0:6e:
e8:b8:1d:6c:b6:49:f1:1b:91:4d:3f:6c:2d:7c:5d:
11:5c:5a:3e:e7:40:4f:73:67:c5:77:f3:77:bf:54:
73:93:fe:e8:86:c5:07:dc:4d:c3:d4:df:7a:2c:9b:
09:32:ae:26:e4:b5:5e:0f:53:cb:fb:de:8d:7a:bc:
c9:63:f6:a3:ec:70:55:25:b7:11:34:8e:b1:ac:92:
18:97:61:aa:c9:43:57:d5:ba:29:46:f8:d5:76:93:
5e:a0:f3:be:2a:6b:87:8d:91:0a:98:56:96:67:dc:
e8:f0:b7:96:84:43:27:94:a2:bd:e6:86:a3:8e:f1:
58:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:73:A6:99:0E:37:57:66:C3:CB:CF:A7:9B:4E:4A:22:CE:9E:64:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
05:c4:3e:33:5e:a9:5f:9c:bc:92:d9:90:1e:cb:f7:14:eb:01:
da:82:87:a5:25:96:ec:57:e6:52:e4:bc:55:7e:8b:31:71:fe:
49:2f:b7:36:4b:7c:f3:30:67:b2:2d:77:dd:e7:f3:55:86:81:
4b:16:59:d8:cb:6b:d0:de:7f:3d:a4:9c:c2:93:e0:22:97:f5:
3d:cc:7b:2c:f0:62:49:3e:48:61:80:f2:b0:d2:ec:22:8b:a0:
64:61:b2:b2:4a:8f:fa:cb:6d:6d:bb:23:05:50:d5:b5:bf:8a:
c7:49:47:c2:f8:c5:09:28:e9:dd:c4:32:66:e9:7e:09:d9:b0:
d7:b8:fc:35:dc:94:64:5f:48:bf:a7:53:bd:22:53:b2:8d:d5:
e5:08:05:3c:da:e2:54:82:9a:40:29:5d:65:e5:f4:63:63:67:
01:f2:49:e7:c9:2f:c3:5e:59:28:ca:19:a2:00:b6:3e:5b:40:
97:1b:c3:0f:5f:0b:8c:be:82:77:84:ee:1f:03:47:08:5a:25:
99:47:d9:ad:aa:6b:6d:b3:3d:45:cd:86:99:9c:e5:a0:3a:a4:
8a:d6:ef:14:13:49:8b:53:db:50:e1:b4:ce:72:c7:f5:60:4f:
dc:b7:8f:36:44:d5:99:32:58:9c:0e:d4:d8:83:cc:a8:7e:47:
05:94:ae:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfiFlz4dmbuVzM9rzonR4PMtg07wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMTVaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4YmE4Y2M2ZmExZWM0YWU3ZWYxZDc4ZWJjZjgxYmFiNDYxNDM2N2EzZDcx
YjA1NDg2MTAwNGQzZDE2ODFiYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRou9AcowOWFd0x7T+Wy/nUzc+Z/4mPOZZJ+/5xGef7YQxAcvkhl97gfbRh
6jwF5bbpMSJDGjjnz74PvqHX2cUpDVn99Om3JlpEk7xOxByQCDt9VONp3UBazB7J
cP4c96nRL3DuGAOo75SykEJNAjBC8Vuu+gpxafsuNerMPq26QM6hMvBu6LgdbLZJ
8RuRTT9sLXxdEVxaPudAT3NnxXfzd79Uc5P+6IbFB9xNw9TfeiybCTKuJuS1Xg9T
y/vejXq8yWP2o+xwVSW3ETSOsaySGJdhqslDV9W6KUb41XaTXqDzviprh42RCphW
lmfc6PC3loRDJ5SiveaGo47xWM0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5c6aZ
DjdXZsPLz6ebTkoizp5kcDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjZhZWMwODQtNTkzYy00N2JlLThlNDYtOTAyNGI1NTcyMDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQAFxD4zXqlfnLyS2ZAey/cU6wHagoelJZbsV+ZS
5LxVfosxcf5JL7c2S3zzMGeyLXfd5/NVhoFLFlnYy2vQ3n89pJzCk+Ail/U9zHss
8GJJPkhhgPKw0uwii6BkYbKySo/6y21tuyMFUNW1v4rHSUfC+MUJKOndxDJm6X4J
2bDXuPw13JRkX0i/p1O9IlOyjdXlCAU82uJUgppAKV1l5fRjY2cB8knnyS/DXlko
yhmiALY+W0CXG8MPXwuMvoJ3hO4fA0cIWiWZR9mtqmttsz1FzYaZnOWgOqSK1u8U
E0mLU9tQ4bTOcsf1YE/ct482RNWZMlicDtTYg8yofkcFlK7r
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:13 2025 by rpki-client