Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
File: c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa (raw, json)
Hash identifier: mSTRWbRB9oI2DglsytjA8J1TAFOIR4iTcjn2+yfx/3Q=
Subject key identifier: 1E:FF:A6:F7:09:75:BC:B4:2D:19:DB:7C:FE:8E:D6:E8:7F:6A:2B:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78A43ADF4A2D888F6D35EA97E5C61A55881F559E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
Signing time: Fri 11 Jul 2025 20:40:38 +0000
ROA not before: Fri 11 Jul 2025 20:40:38 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:a4:3a:df:4a:2d:88:8f:6d:35:ea:97:e5:c6:1a:55:88:1f:55:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:38 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=4d0e6c6ced6ef008198f0f8c62213ca8060fc4706bfd76e7fc9ef685c3279578, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0e:06:c9:e6:66:99:c3:3e:69:e1:98:21:3f:
db:0d:92:88:60:0f:4d:09:94:1b:d5:d9:5f:e4:9c:
56:2f:a6:7f:67:50:d4:ce:6f:34:1b:55:f9:ec:3b:
4b:87:f2:4d:55:49:26:b9:aa:b1:f6:81:aa:09:ef:
d7:0c:39:0a:7e:89:c7:00:a4:1c:68:13:ca:86:60:
6d:ce:9f:df:19:5b:c0:19:6c:0d:b2:14:85:e1:8e:
35:5b:ed:b4:50:a9:51:54:27:e6:6f:9a:5f:76:3e:
2b:80:17:04:45:90:6c:70:af:3f:61:bb:3b:73:5a:
ac:99:7f:f0:a1:0f:8a:1f:8c:0a:d7:5d:74:98:ab:
9a:6b:86:03:e9:fd:18:8b:c2:6b:bc:e4:ea:c8:f1:
8a:d9:5b:71:d6:74:73:2f:ea:55:0e:de:ed:e3:e9:
07:7f:2c:f4:ca:6c:ca:26:64:12:5c:ae:af:33:8e:
b8:94:b5:40:17:68:a7:49:91:ba:22:70:9d:cd:3b:
b5:51:f5:16:38:6b:47:13:79:c4:93:e0:92:00:e9:
82:c3:c7:1e:d8:d4:c9:be:d5:51:78:69:5b:3e:78:
30:f3:6a:12:3a:f4:c6:2a:7c:5a:39:a3:88:99:d8:
96:30:8d:e0:d7:67:c3:b2:f4:50:df:4b:2b:ab:f4:
8b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FF:A6:F7:09:75:BC:B4:2D:19:DB:7C:FE:8E:D6:E8:7F:6A:2B:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/38
Signature Algorithm: sha256WithRSAEncryption
1c:75:a4:43:4a:c3:ad:b7:29:98:de:90:f6:69:1b:77:fa:0b:
5b:70:52:e3:ec:74:e2:3e:00:63:eb:01:21:0a:e8:1d:57:58:
16:42:b8:00:f4:36:b1:32:5d:20:90:27:71:ee:9b:62:95:d5:
16:8a:1b:a0:b1:1c:2c:66:ee:d1:10:ac:d1:f3:78:b8:a9:cd:
e1:9d:85:0d:ad:e8:a0:f2:c6:19:01:71:4d:1b:5a:74:2e:4e:
0d:65:de:1f:0e:4e:25:47:ae:c2:56:04:bd:29:fe:90:19:85:
ca:99:0a:2c:33:64:d4:18:c7:99:03:80:07:ed:ed:94:c4:53:
fb:5b:94:5d:7d:f4:5b:1a:42:f8:85:38:02:8e:fb:63:8a:81:
da:44:a7:a1:62:5e:58:f2:77:18:c5:a5:08:bd:c8:64:4c:09:
94:da:e6:4b:4f:1b:e7:46:f4:a5:54:23:9a:e3:37:d8:6b:02:
87:de:ee:82:89:08:a8:b2:c4:de:06:f3:33:c2:f5:a7:0c:fe:
a5:8f:a3:7c:16:89:f6:dd:a9:d4:c4:aa:09:99:50:d3:d8:f9:
b5:a8:4c:d4:c6:c7:ca:73:29:13:5a:0c:c1:de:81:1a:e2:2c:
08:aa:0d:08:41:c1:a5:43:be:29:63:fd:3b:57:07:e9:2e:1d:
a3:df:43:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeKQ630otiI9tNeqX5cYaVYgfVZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwMzhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkMGU2YzZjZWQ2ZWYwMDgxOThmMGY4YzYyMjEzY2E4MDYwZmM0NzA2YmZk
NzZlN2ZjOWVmNjg1YzMyNzk1NzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8OBsnmZpnDPmnhmCE/2w2SiGAPTQmUG9XZX+ScVi+mf2dQ1M5vNBtV+ew7
S4fyTVVJJrmqsfaBqgnv1ww5Cn6JxwCkHGgTyoZgbc6f3xlbwBlsDbIUheGONVvt
tFCpUVQn5m+aX3Y+K4AXBEWQbHCvP2G7O3NarJl/8KEPih+MCtdddJirmmuGA+n9
GIvCa7zk6sjxitlbcdZ0cy/qVQ7e7ePpB38s9MpsyiZkElyurzOOuJS1QBdop0mR
uiJwnc07tVH1FjhrRxN5xJPgkgDpgsPHHtjUyb7VUXhpWz54MPNqEjr0xip8Wjmj
iJnYljCN4Ndnw7L0UN9LK6v0i1sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQe/6b3
CXW8tC0Z23z+jtbof2orVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZjZTk2YTQtZWI2Yi00YmVkLWIxNWItYjFlM2NkY2FjNDE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQAcdaRDSsOttymY3pD2aRt3+gtbcFLj7HTiPgBj
6wEhCugdV1gWQrgA9DaxMl0gkCdx7ptildUWihugsRwsZu7REKzR83i4qc3hnYUN
reig8sYZAXFNG1p0Lk4NZd4fDk4lR67CVgS9Kf6QGYXKmQosM2TUGMeZA4AH7e2U
xFP7W5RdffRbGkL4hTgCjvtjioHaRKehYl5Y8ncYxaUIvchkTAmU2uZLTxvnRvSl
VCOa4zfYawKH3u6CiQiossTeBvMzwvWnDP6lj6N8Fon23anUxKoJmVDT2Pm1qEzU
xsfKcykTWgzB3oEa4iwIqg0IQcGlQ74pY/07VwfpLh2j30N8
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:45:03 2025 by rpki-client