Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
File: 06cf9d14-d513-496c-9a8e-a1898978658a.roa (raw, json)
Hash identifier: BIOOK/9+xF3cHKR/nnW9FGCqiDmXfWOWsxl/lB536cQ=
Subject key identifier: 8E:63:18:A5:93:B1:2A:66:3C:3F:55:16:F3:3B:93:2D:8C:35:53:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02AD3A8951A1E5F9FD61EF7B6624B61513DA3118
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
Signing time: Fri 11 Jul 2025 20:00:18 +0000
ROA not before: Fri 11 Jul 2025 20:00:18 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:ad:3a:89:51:a1:e5:f9:fd:61:ef:7b:66:24:b6:15:13:da:31:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:18 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6ba78adffbe101e0ea922d556dd9bf847575020753f1230598beec3ba6cbc006, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f4:73:41:cb:97:07:f2:f8:c4:a4:8f:d6:cb:
01:15:4f:5b:2a:cc:0d:dd:1a:58:b3:e5:0d:76:aa:
d5:d4:83:64:4d:81:cb:81:55:a1:da:b7:4b:ce:7f:
38:a2:0b:16:2e:c4:6e:9e:03:a3:f7:de:c0:8a:90:
33:c8:1e:4d:3a:88:34:21:16:87:16:93:e2:9a:96:
58:ea:96:a6:7d:5d:98:04:ee:d5:7f:09:2a:0d:49:
57:a1:e4:c3:81:08:64:fc:53:98:8f:3c:23:0e:2b:
5e:a4:ea:9e:e3:b7:7f:35:f6:1e:db:df:ac:7a:2d:
45:ef:66:8d:08:3c:64:a4:c7:42:d3:68:62:da:ed:
dd:d2:77:78:bb:40:1a:95:1a:7c:76:0f:ac:70:ff:
03:87:e5:76:94:fe:b3:96:1e:6c:88:40:a2:dd:27:
ad:d6:f6:b2:13:1b:e8:45:47:5a:0e:f5:fd:7f:9f:
6e:57:18:83:0f:e4:70:db:3f:0c:74:70:61:fc:51:
61:d0:b2:eb:bd:4d:39:e0:d9:be:cc:3f:9e:aa:46:
5e:bd:7c:1b:33:3b:57:1d:2d:ec:50:66:6e:95:75:
d6:56:ac:2b:37:a5:88:3f:04:e8:2f:07:4b:bb:7d:
00:e9:0e:11:02:bd:40:e1:c3:72:c5:83:c8:9a:41:
15:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:63:18:A5:93:B1:2A:66:3C:3F:55:16:F3:3B:93:2D:8C:35:53:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8040::/46
Signature Algorithm: sha256WithRSAEncryption
28:fe:0c:b3:63:d0:46:99:41:eb:98:38:ef:07:a7:3e:f5:7a:
d5:17:7d:f8:fa:86:74:ec:7a:82:d9:bf:17:e6:e4:3a:bf:2b:
da:71:96:83:c2:6c:33:eb:d5:08:43:bf:aa:9c:f8:06:bb:f5:
25:90:4a:16:a9:21:18:cd:7d:9c:7a:e5:9b:2b:3e:90:d7:fd:
41:a6:37:27:4f:c1:2d:3a:80:de:df:bc:e1:02:5e:85:55:27:
32:17:ee:d3:03:c4:5f:b6:ed:78:63:d6:14:82:c1:9c:2f:bb:
22:3b:64:1f:24:f4:20:ff:9d:23:8d:36:cc:0b:0f:3d:3e:19:
78:b8:05:1b:40:dd:d3:b1:51:3d:5f:63:5e:50:50:aa:de:08:
57:83:ae:79:4f:32:1f:51:6d:da:c6:a2:df:18:34:99:62:06:
83:94:18:68:e8:c1:67:1d:73:2c:42:9a:05:75:de:ab:f3:d4:
31:ae:7e:7b:b2:7a:e1:1c:ed:67:2c:0a:80:14:12:8b:7a:cc:
99:cf:83:05:c6:ee:b5:2c:d9:bc:ef:ef:a6:64:53:b8:5d:a4:
56:f2:b5:59:dc:31:48:a6:5f:66:c3:72:a9:e1:4c:1c:5b:0f:
79:7a:08:91:41:21:71:8a:9e:29:3b:27:64:5b:2f:96:78:be:
d4:c4:3e:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAq06iVGh5fn9Ye97ZiS2FRPaMRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwMThaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiYTc4YWRmZmJlMTAxZTBlYTkyMmQ1NTZkZDliZjg0NzU3NTAyMDc1M2Yx
MjMwNTk4YmVlYzNiYTZjYmMwMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL70c0HLlwfy+MSkj9bLARVPWyrMDd0aWLPlDXaq1dSDZE2By4FVodq3S85/
OKILFi7Ebp4Do/fewIqQM8geTTqINCEWhxaT4pqWWOqWpn1dmATu1X8JKg1JV6Hk
w4EIZPxTmI88Iw4rXqTqnuO3fzX2HtvfrHotRe9mjQg8ZKTHQtNoYtrt3dJ3eLtA
GpUafHYPrHD/A4fldpT+s5YebIhAot0nrdb2shMb6EVHWg71/X+fblcYgw/kcNs/
DHRwYfxRYdCy671NOeDZvsw/nqpGXr18GzM7Vx0t7FBmbpV11lasKzeliD8E6C8H
S7t9AOkOEQK9QOHDcsWDyJpBFUMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSOYxil
k7EqZjw/VRbzO5MtjDVTgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDZjZjlkMTQtZDUxMy00OTZjLTlhOGUtYTE4OTg5Nzg2NThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
QDANBgkqhkiG9w0BAQsFAAOCAQEAKP4Ms2PQRplB65g47wenPvV61Rd9+PqGdOx6
gtm/F+bkOr8r2nGWg8JsM+vVCEO/qpz4Brv1JZBKFqkhGM19nHrlmys+kNf9QaY3
J0/BLTqA3t+84QJehVUnMhfu0wPEX7bteGPWFILBnC+7IjtkHyT0IP+dI402zAsP
PT4ZeLgFG0Dd07FRPV9jXlBQqt4IV4OueU8yH1Ft2sai3xg0mWIGg5QYaOjBZx1z
LEKaBXXeq/PUMa5+e7J64RztZywKgBQSi3rMmc+DBcbutSzZvO/vpmRTuF2kVvK1
WdwxSKZfZsNyqeFMHFsPeXoIkUEhcYqeKTsnZFsvlni+1MQ+jw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:49 2025 by rpki-client