Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
File: c6b4bacc-5824-4f9c-a10d-49f145db8549.roa (raw, json)
Hash identifier: 5s1P2QReN9K+4NWM0GiuVzW3Q+wVXYuPvNpWRgm9UcQ=
Subject key identifier: 34:D9:88:1B:16:7D:F3:AE:93:88:E6:63:63:96:FD:94:90:3E:EE:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 780EA1C3479ECEFB884E0727D259F3113FF6D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
Signing time: Tue 15 Jul 2025 00:11:02 +0000
ROA not before: Tue 15 Jul 2025 00:11:02 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:0e:a1:c3:47:9e:ce:fb:88:4e:07:27:d2:59:f3:11:3f:f6:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 15 00:11:02 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=e28412b7809ef873b69decf58526e40f875263f87ddf5949ba9c9b3726f21338, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f8:28:8b:86:fd:08:5f:74:60:86:20:2b:c8:
14:4f:3d:26:ca:c0:08:e1:2c:c6:c7:2f:2d:6d:d7:
cf:58:15:6d:ca:c5:94:a9:b4:a8:39:60:c2:d5:5c:
a4:7b:6c:99:5b:eb:4a:38:b4:6c:d6:00:1e:74:9d:
79:10:d2:8c:91:55:01:f8:be:1e:4c:f1:73:6e:1f:
c4:64:39:e1:51:b2:ef:ed:bb:6e:e6:21:33:17:ec:
8a:d1:bf:a5:a3:08:51:68:2e:5e:6b:47:73:63:21:
c5:10:73:d5:56:e7:50:56:c2:b2:b9:99:3a:b4:a7:
5e:44:4f:28:e6:ca:8f:7b:56:b7:ff:fb:cf:5f:55:
b5:33:79:4a:55:74:c4:3c:6c:34:26:2c:fe:8d:d8:
9a:d0:cf:5d:50:74:ea:0b:cd:1a:5c:07:c2:5a:ee:
13:ea:70:b8:f0:08:0b:00:9e:a6:44:68:04:62:c9:
bf:26:27:73:cd:e2:35:8b:09:cf:10:76:2d:89:a8:
9e:2d:1a:dd:48:6e:c4:87:ad:a4:b3:83:cc:15:d1:
f7:4a:b6:f5:89:b3:e3:c3:8b:2f:8f:d6:80:af:b1:
02:22:e4:a7:12:bc:d5:6a:6a:f5:39:76:85:c1:14:
0c:49:ed:3f:75:b6:49:b4:c1:39:23:41:18:43:b2:
e3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D9:88:1B:16:7D:F3:AE:93:88:E6:63:63:96:FD:94:90:3E:EE:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/36
Signature Algorithm: sha256WithRSAEncryption
18:5f:f6:db:95:cc:06:95:60:6d:88:1e:36:15:af:83:49:4b:
79:5d:3b:b9:3b:6e:7d:e5:4a:a3:71:a1:ce:d1:16:92:55:dd:
80:cc:d9:d8:6e:41:0b:61:cd:9c:61:86:59:c4:16:11:f9:2c:
3a:03:bc:28:41:5d:9a:8f:89:c8:58:46:b3:1a:c9:cc:be:d1:
55:31:31:be:88:4a:ce:d8:5b:a2:ed:71:70:8e:e3:0b:b6:aa:
b0:fe:e4:a6:0c:d8:e7:33:0c:e4:a3:74:15:20:17:53:84:1b:
ee:fa:76:80:c8:3d:f3:00:56:da:d6:01:5f:da:e1:bd:00:8c:
76:bf:17:15:15:e5:f9:e4:f3:1c:41:c8:7a:1b:d1:1d:27:90:
f7:2a:c4:7f:7c:cc:32:69:56:4f:07:db:4f:8d:09:c0:d1:0d:
aa:b8:a2:11:b7:50:50:e3:1b:b0:50:60:97:08:c1:60:82:72:
7c:89:bc:4d:54:3e:d0:19:dc:4b:d7:f6:a8:04:22:ec:da:58:
e6:43:93:0f:53:3e:af:70:b8:8c:66:ff:9c:50:92:46:5f:c9:
7e:ee:48:01:46:02:99:76:88:c1:42:59:da:b6:d8:70:a8:af:
48:a7:c5:cb:1e:38:25:0c:86:3b:22:19:37:43:fa:31:7e:53:
09:9f:a4:e3
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITeA6hw0eezvuITgcn0lnzET/21jANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDcxNTAwMTEwMloXDTI1MDgxOTIzNTk1OVowejFJMEcGA1UE
BRNAZTI4NDEyYjc4MDllZjg3M2I2OWRlY2Y1ODUyNmU0MGY4NzUyNjNmODdkZGY1
OTQ5YmE5YzliMzcyNmYyMTMzODEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvvgoi4b9CF90YIYgK8gUTz0mysAI4SzGxy8tbdfPWBVtysWUqbSoOWDC1Vyk
e2yZW+tKOLRs1gAedJ15ENKMkVUB+L4eTPFzbh/EZDnhUbLv7btu5iEzF+yK0b+l
owhRaC5ea0dzYyHFEHPVVudQVsKyuZk6tKdeRE8o5sqPe1a3//vPX1W1M3lKVXTE
PGw0Jiz+jdia0M9dUHTqC80aXAfCWu4T6nC48AgLAJ6mRGgEYsm/JidzzeI1iwnP
EHYtiaieLRrdSG7Eh62ks4PMFdH3Srb1ibPjw4svj9aAr7ECIuSnErzVamr1OXaF
wRQMSe0/dbZJtME5I0EYQ7Lj0QIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFDTZiBsW
ffOuk4jmY2OW/ZSQPu50MB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9j
NmI0YmFjYy01ODI0LTRmOWMtYTEwZC00OWYxNDVkYjg1NDkucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgXQLwAw
DQYJKoZIhvcNAQELBQADggEBABhf9tuVzAaVYG2IHjYVr4NJS3ldO7k7bn3lSqNx
oc7RFpJV3YDM2dhuQQthzZxhhlnEFhH5LDoDvChBXZqPichYRrMaycy+0VUxMb6I
Ss7YW6LtcXCO4wu2qrD+5KYM2OczDOSjdBUgF1OEG+76doDIPfMAVtrWAV/a4b0A
jHa/FxUV5fnk8xxByHob0R0nkPcqxH98zDJpVk8H20+NCcDRDaq4ohG3UFDjG7BQ
YJcIwWCCcnyJvE1UPtAZ3EvX9qgEIuzaWOZDkw9TPq9wuIxm/5xQkkZfyX7uSAFG
Apl2iMFCWdq22HCor0inxcseOCUMhjsiGTdD+jF+UwmfpOM=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:48 2025 by rpki-client