Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
File: 6a2f7401-8559-4633-8579-cca77d6fa971.roa (raw, json)
Hash identifier: hw5DsiKkZZ+sM0K+NTPuYX0iHbUjTKvZzCIAJ13U7fI=
Subject key identifier: 02:76:2C:F5:E1:7A:81:7C:40:02:6E:D7:AE:C7:31:82:D8:4D:00:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FA1A6538900DFCFB5EBCC514712EBA98127A942
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
Signing time: Fri 11 Jul 2025 20:41:32 +0000
ROA not before: Fri 11 Jul 2025 20:41:32 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:a1:a6:53:89:00:df:cf:b5:eb:cc:51:47:12:eb:a9:81:27:a9:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:41:32 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=16cdf54641a94390dd74362f19a8ac4eddd595f960a7861d63a8924c46bc4074, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:25:86:87:70:27:ed:2c:0e:4d:6d:46:c1:65:
0f:1b:0e:6b:82:12:4d:b7:d7:4c:12:9b:f8:45:10:
50:36:c2:61:85:a7:23:b3:a0:3c:1a:6c:49:35:ce:
a3:82:35:5e:6e:8a:54:03:9d:35:e9:61:e2:4e:eb:
40:f8:e9:28:d3:82:0a:62:9f:57:3c:e9:6a:e4:eb:
89:7a:c8:ae:62:84:4a:ee:e0:8e:5f:42:86:e7:1b:
3f:3f:5b:13:19:cc:d8:5b:f0:eb:ca:bb:2f:80:19:
84:e0:50:e1:37:f5:f5:2a:63:f1:c3:82:08:d5:6d:
53:91:af:ba:ea:fc:6f:7a:02:25:c3:ce:3a:d7:0f:
35:40:fe:5b:59:19:66:a7:f7:22:30:00:3d:44:9d:
e4:1a:9d:96:d1:e2:c3:30:51:d8:17:96:98:07:fe:
3a:8d:93:4c:42:c9:b0:ae:d2:ad:6b:aa:8b:6c:30:
26:4a:a0:73:6e:36:f2:07:b0:d1:83:94:af:d0:80:
af:32:24:a2:9f:d2:94:b7:48:c4:7a:9c:ff:20:24:
af:88:92:e1:dd:6c:ca:d4:2c:3f:d7:49:48:c6:96:
c2:5c:ac:13:45:1c:48:b9:11:b1:00:bb:36:b7:e5:
a2:8d:9b:53:33:c3:5f:44:e5:f6:52:f2:cb:2e:fe:
4e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:76:2C:F5:E1:7A:81:7C:40:02:6E:D7:AE:C7:31:82:D8:4D:00:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
bb:cd:fe:25:a3:b0:26:d2:81:0b:80:a6:d4:73:16:7f:36:7b:
56:68:c9:50:4d:95:e5:6c:a7:53:5e:ee:ed:15:93:31:c3:d0:
fa:77:6e:bd:27:9e:2d:f6:1b:47:33:02:d0:cd:b0:45:2e:16:
6f:13:97:66:bc:e4:48:42:11:53:97:f1:9b:be:af:36:e1:38:
9d:6e:55:cf:f7:71:f7:aa:e7:29:ff:cf:26:b7:d0:5a:5d:55:
fb:22:41:4a:1f:84:54:78:ea:62:42:a6:08:06:8e:b4:1b:37:
b7:ed:3f:b6:75:2f:11:a7:e9:21:3d:2b:97:7d:83:a1:ce:c3:
c1:90:ae:d1:1e:24:17:67:bd:62:cc:f5:61:ab:a6:4f:b7:be:
73:75:d8:4d:79:ae:a6:95:46:49:cf:89:5c:cb:7c:6c:8c:aa:
94:ec:2e:7c:c1:45:6f:52:08:91:e7:32:fd:22:07:74:26:06:
cb:f3:57:9e:a7:ad:f5:12:8b:6d:86:32:8f:b9:3a:c7:60:bd:
d4:c0:be:33:15:7d:55:1b:c1:24:5e:a5:17:5c:44:43:79:c1:
a3:16:5f:68:9b:e6:58:a0:e0:4d:c0:a8:f4:0e:4b:5d:b0:9d:
b3:4e:4a:b0:38:79:b2:41:2d:9b:c2:2c:b9:cb:77:ee:b4:78:
84:77:16:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD6GmU4kA38+168xRRxLrqYEnqUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQxMzJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2Y2RmNTQ2NDFhOTQzOTBkZDc0MzYyZjE5YThhYzRlZGRkNTk1Zjk2MGE3
ODYxZDYzYTg5MjRjNDZiYzQwNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALElhodwJ+0sDk1tRsFlDxsOa4ISTbfXTBKb+EUQUDbCYYWnI7OgPBpsSTXO
o4I1Xm6KVAOdNelh4k7rQPjpKNOCCmKfVzzpauTriXrIrmKESu7gjl9ChucbPz9b
ExnM2Fvw68q7L4AZhOBQ4Tf19Spj8cOCCNVtU5Gvuur8b3oCJcPOOtcPNUD+W1kZ
Zqf3IjAAPUSd5BqdltHiwzBR2BeWmAf+Oo2TTELJsK7SrWuqi2wwJkqgc2428gew
0YOUr9CArzIkop/SlLdIxHqc/yAkr4iS4d1sytQsP9dJSMaWwlysE0UcSLkRsQC7
Nrfloo2bUzPDX0Tl9lLyyy7+TgMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCdiz1
4XqBfEACbteuxzGC2E0ARjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEyZjc0MDEtODU1OS00NjMzLTg1NzktY2NhNzdkNmZhOTcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQC7zf4lo7Am0oELgKbUcxZ/NntWaMlQTZXlbKdT
Xu7tFZMxw9D6d269J54t9htHMwLQzbBFLhZvE5dmvORIQhFTl/Gbvq824TidblXP
93H3qucp/88mt9BaXVX7IkFKH4RUeOpiQqYIBo60Gze37T+2dS8Rp+khPSuXfYOh
zsPBkK7RHiQXZ71izPVhq6ZPt75zddhNea6mlUZJz4lcy3xsjKqU7C58wUVvUgiR
5zL9Igd0JgbL81eep631EotthjKPuTrHYL3UwL4zFX1VG8EkXqUXXERDecGjFl9o
m+ZYoOBNwKj0DktdsJ2zTkqwOHmyQS2bwiy5y3futHiEdxYy
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:09 2025 by rpki-client