Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa
File: 6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa (raw, json)
Hash identifier: iJVKuH2q9vD6/wMrIAwYqr/NBf+pzxCgkOsgZLx+5wM=
Subject key identifier: 6B:A2:49:75:93:FA:6A:59:F9:55:DB:E6:0B:E3:FA:17:60:8A:C9:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 157BEBA64E9EBB23D9654D3464EC7C4940D198CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa
Signing time: Thu 04 Sep 2025 19:52:15 +0000
ROA not before: Thu 04 Sep 2025 19:52:15 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:7b:eb:a6:4e:9e:bb:23:d9:65:4d:34:64:ec:7c:49:40:d1:98:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:15 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=5c75ec8052ab92a96d4c05572ccc66ac8d647ce090ac58a5d75d0317c3c5d34d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:94:1e:ef:34:86:d1:95:ac:6a:b1:cf:2c:0f:
74:78:31:fb:59:bc:2d:97:81:e0:5c:45:72:1f:a0:
e1:38:d2:d9:63:5f:bb:3d:b3:80:cd:24:dc:c9:b4:
68:f9:25:30:24:de:b5:5c:72:8c:f3:d0:ed:76:f3:
76:fc:3d:82:5b:30:4f:5a:37:c5:bb:a0:88:11:a9:
35:f3:20:96:6a:f7:aa:4b:a9:9d:14:f9:61:9c:da:
9a:c8:04:a4:a9:f0:f0:d3:cc:ad:9c:b8:40:b9:0d:
05:ec:a8:c4:a0:2f:98:fb:1a:3b:08:c8:ad:1d:2c:
93:87:8a:5c:c0:4e:0b:43:cf:bf:55:ba:36:fd:82:
b6:98:95:8d:99:43:0a:50:d9:fb:66:d0:86:2d:c6:
37:b5:18:27:86:cf:8b:b8:f8:d6:83:7f:f1:39:de:
b9:a2:76:3f:f4:33:0d:1a:e3:1a:cc:da:07:93:54:
55:d3:52:64:15:3e:0a:56:8a:1e:d7:4a:52:c6:74:
e2:2a:85:f7:86:c4:bf:f3:ad:b2:d4:9b:53:26:8e:
7c:ab:c4:17:43:83:19:a5:4d:b7:b7:25:79:db:78:
86:1f:82:b9:41:b6:8c:9f:ef:a3:1c:fa:83:02:78:
78:62:3d:f4:af:81:cd:e2:06:60:d3:5d:22:58:86:
d0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A2:49:75:93:FA:6A:59:F9:55:DB:E6:0B:E3:FA:17:60:8A:C9:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:8080::/48
Signature Algorithm: sha256WithRSAEncryption
61:af:3a:f3:5e:62:bd:d4:7f:7a:aa:46:1b:ea:f9:af:16:50:
8c:95:bb:01:0e:ab:ca:ad:d7:93:33:c4:c9:a6:f3:de:62:8f:
ef:f4:b2:53:19:ac:2e:bf:ad:3e:40:ca:e8:7d:e2:10:ed:c0:
30:eb:b4:d0:06:7a:5b:9f:5b:6f:14:f9:1e:5b:7b:f0:d4:34:
bf:e0:cb:0f:6a:0d:6f:30:69:c1:b1:09:82:f6:e7:0c:c8:70:
e0:53:db:6c:a7:e9:34:82:15:d2:11:8e:21:4e:83:95:e8:60:
a6:1b:9b:45:51:d9:78:bd:16:1f:44:06:c2:38:12:d0:60:d9:
9e:82:d3:55:04:8c:7d:90:e7:17:27:1b:96:0b:3c:3e:a0:32:
ea:42:98:22:41:fc:89:98:c9:ab:8f:59:d7:de:e4:5e:40:d9:
31:89:83:db:d1:79:ce:eb:6d:b6:a9:4c:4c:a4:fb:9f:24:74:
3d:71:ef:6a:1e:a9:0e:98:f5:93:fd:e5:65:c1:81:57:93:90:
d9:68:2d:4e:dd:9c:c5:a0:0a:f5:b8:70:94:78:4a:ff:f8:47:
c9:8a:e7:cf:13:ca:72:82:67:c5:da:48:61:46:d0:b7:21:5e:
9c:a0:41:1e:39:a3:d8:16:8a:1b:ba:bc:c0:52:aa:e8:82:1a:
82:87:d4:f8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFXvrpk6euyPZZU00ZOx8SUDRmMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMTVaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNzVlYzgwNTJhYjkyYTk2ZDRjMDU1NzJjY2M2NmFjOGQ2NDdjZTA5MGFj
NThhNWQ3NWQwMzE3YzNjNWQzNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqUHu80htGVrGqxzywPdHgx+1m8LZeB4FxFch+g4TjS2WNfuz2zgM0k3Mm0
aPklMCTetVxyjPPQ7Xbzdvw9glswT1o3xbugiBGpNfMglmr3qkupnRT5YZzamsgE
pKnw8NPMrZy4QLkNBeyoxKAvmPsaOwjIrR0sk4eKXMBOC0PPv1W6Nv2CtpiVjZlD
ClDZ+2bQhi3GN7UYJ4bPi7j41oN/8TneuaJ2P/QzDRrjGszaB5NUVdNSZBU+ClaK
HtdKUsZ04iqF94bEv/OtstSbUyaOfKvEF0ODGaVNt7cledt4hh+CuUG2jJ/voxz6
gwJ4eGI99K+BzeIGYNNdIliG0JsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRrokl1
k/pqWflV2+YL4/oXYIrJJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjAyN2NlMTQtOTVkNC00ZjVhLTlhNTgtNTJkMjY2NzhlYThmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A
gDANBgkqhkiG9w0BAQsFAAOCAQEAYa86815ivdR/eqpGG+r5rxZQjJW7AQ6ryq3X
kzPEyabz3mKP7/SyUxmsLr+tPkDK6H3iEO3AMOu00AZ6W59bbxT5Hlt78NQ0v+DL
D2oNbzBpwbEJgvbnDMhw4FPbbKfpNIIV0hGOIU6DlehgphubRVHZeL0WH0QGwjgS
0GDZnoLTVQSMfZDnFycblgs8PqAy6kKYIkH8iZjJq49Z197kXkDZMYmD29F5zutt
tqlMTKT7nyR0PXHvah6pDpj1k/3lZcGBV5OQ2WgtTt2cxaAK9bhwlHhK//hHyYrn
zxPKcoJnxdpIYUbQtyFenKBBHjmj2BaKG7q8wFKq6IIagofU+A==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:53 2025 by rpki-client