Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
File: 6236cad2-ab49-4574-b740-7b70c27fae87.roa (raw, json)
Hash identifier: 4Iy5o20A2EDRgRY/7v3UyO3S24fp0VOWUSbxpf7/G2o=
Subject key identifier: CE:91:7B:75:0D:36:B8:00:8B:64:E2:AC:94:2D:12:8D:D7:BD:E0:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37F61E03FFD98A928F5AC9BDFFE4513D23E8DFE0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
Signing time: Mon 01 Sep 2025 21:20:10 +0000
ROA not before: Mon 01 Sep 2025 21:20:10 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:f6:1e:03:ff:d9:8a:92:8f:5a:c9:bd:ff:e4:51:3d:23:e8:df:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:10 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=3cb4f2aee029aad81059de577db541dee16a3623759e19783c9f487da8b194ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e8:4f:69:1e:de:7c:13:12:cb:2a:16:6d:22:
3e:db:75:ac:11:48:54:66:8e:d0:85:79:47:d3:61:
30:7c:03:04:fc:0a:bd:84:40:83:cc:f8:a9:b3:d3:
10:c8:1e:ad:3d:86:cb:15:60:6b:b3:6c:91:93:79:
25:7a:19:9f:4c:5f:da:ab:24:37:f8:3f:8a:0e:92:
15:42:02:1f:16:4e:15:ea:61:9a:fa:ab:07:80:45:
fb:05:40:1b:54:a3:7b:ed:5f:c6:cb:02:56:b9:41:
14:7e:e3:96:68:2e:9c:77:92:99:88:31:11:6c:e9:
75:41:6c:03:1d:fc:8a:70:07:21:44:0d:2f:ac:ce:
d6:a4:13:a3:c5:95:6b:67:a3:81:32:03:22:83:1f:
93:2c:4b:89:f4:bf:11:17:45:8f:c9:1a:21:6d:18:
97:f6:7b:af:8f:95:76:a6:cf:d5:43:ab:04:3f:25:
fc:5c:9c:5b:cb:4e:44:b9:b9:9a:9a:e0:50:51:ca:
40:40:1d:6a:d0:b5:e6:f2:3b:09:80:ca:9b:5a:2d:
5b:93:8b:6c:8c:95:7c:9e:d8:55:6d:0b:96:13:98:
81:30:8a:6c:cf:66:c2:b4:77:88:0c:3b:e0:7a:60:
a7:3f:c7:b0:0d:07:c3:65:48:e3:27:6f:10:12:21:
37:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:91:7B:75:0D:36:B8:00:8B:64:E2:AC:94:2D:12:8D:D7:BD:E0:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8400::/38
Signature Algorithm: sha256WithRSAEncryption
3b:ff:f0:4c:a2:7a:4f:49:7e:f5:df:c3:82:df:87:96:3a:fb:
9f:39:f4:f5:a1:fa:c1:6a:e8:fc:44:26:e9:08:b7:49:6b:a4:
55:b8:7d:3a:bf:5b:e1:0a:09:34:40:83:0f:5d:98:69:6f:aa:
ff:f4:80:7d:ef:9c:f1:67:d6:e3:70:c7:16:40:b7:63:5d:93:
e5:d2:98:56:f7:c2:79:cd:bf:ed:ad:5a:ae:9d:7b:0f:23:e3:
70:22:0b:06:30:7c:ea:20:91:8c:8d:65:76:7e:ff:46:96:e4:
8d:cf:c0:46:43:77:3c:e9:90:70:7b:7e:07:20:a5:1e:75:1c:
de:58:de:41:f4:31:3c:c2:83:70:f1:00:8c:a1:53:f2:24:3b:
7b:8b:91:f4:70:66:59:bf:4d:b6:a7:ca:00:0d:75:32:f9:5a:
bd:10:cc:e5:c0:bb:e3:8c:52:0d:de:3c:22:46:fd:67:08:a8:
1f:51:89:f1:9f:53:a7:61:d7:5b:e4:37:60:37:70:42:a8:9c:
d2:7a:21:15:fc:88:7b:6a:2e:66:4b:5a:3f:c5:0b:02:22:fa:
19:ee:27:b6:91:d6:90:2a:63:74:82:63:b4:8f:b3:1e:96:5a:
b2:d7:69:71:ee:bf:95:bb:c1:9d:29:57:58:d5:f6:87:6c:62:
f8:a2:57:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN/YeA//ZipKPWsm9/+RRPSPo3+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjYjRmMmFlZTAyOWFhZDgxMDU5ZGU1NzdkYjU0MWRlZTE2YTM2MjM3NTll
MTk3ODNjOWY0ODdkYThiMTk0YWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJPoT2ke3nwTEssqFm0iPtt1rBFIVGaO0IV5R9NhMHwDBPwKvYRAg8z4qbPT
EMgerT2GyxVga7NskZN5JXoZn0xf2qskN/g/ig6SFUICHxZOFephmvqrB4BF+wVA
G1Sje+1fxssCVrlBFH7jlmgunHeSmYgxEWzpdUFsAx38inAHIUQNL6zO1qQTo8WV
a2ejgTIDIoMfkyxLifS/ERdFj8kaIW0Yl/Z7r4+VdqbP1UOrBD8l/FycW8tORLm5
mprgUFHKQEAdatC15vI7CYDKm1otW5OLbIyVfJ7YVW0LlhOYgTCKbM9mwrR3iAw7
4Hpgpz/HsA0Hw2VI4ydvEBIhN/cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTOkXt1
DTa4AItk4qyULRKN173glTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjIzNmNhZDItYWI0OS00NTc0LWI3NDAtN2I3MGMyN2ZhZTg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCE
MA0GCSqGSIb3DQEBCwUAA4IBAQA7//BMonpPSX7138OC34eWOvufOfT1ofrBauj8
RCbpCLdJa6RVuH06v1vhCgk0QIMPXZhpb6r/9IB975zxZ9bjcMcWQLdjXZPl0phW
98J5zb/trVqunXsPI+NwIgsGMHzqIJGMjWV2fv9GluSNz8BGQ3c86ZBwe34HIKUe
dRzeWN5B9DE8woNw8QCMoVPyJDt7i5H0cGZZv022p8oADXUy+Vq9EMzlwLvjjFIN
3jwiRv1nCKgfUYnxn1OnYddb5DdgN3BCqJzSeiEV/Ih7ai5mS1o/xQsCIvoZ7ie2
kdaQKmN0gmO0j7Mellqy12lx7r+Vu8GdKVdY1faHbGL4oldX
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:27 2025 by rpki-client