Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
File: 6ddb8169-a0ba-4989-b488-a344085c56c9.roa (raw, json)
Hash identifier: UOE3/bvQJ3U0ARPK4CCMF0tpwTHOXea83XY6GR+SrqQ=
Subject key identifier: 37:13:70:9E:8C:E5:79:DB:8D:8A:AB:B7:99:E8:AD:D3:D9:B2:D5:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BB1F5D195442F651D9A265DA86223AB59CD0E12
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
Signing time: Mon 01 Sep 2025 20:41:08 +0000
ROA not before: Mon 01 Sep 2025 20:41:08 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 13:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:b1:f5:d1:95:44:2f:65:1d:9a:26:5d:a8:62:23:ab:59:cd:0e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:41:08 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=4ba7a0d2d82373f1b23f055e0b58db02d5fd6098608722917ae1fd99a743ba02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cd:10:8e:78:40:00:e2:90:ee:4a:d1:27:7f:
3e:c0:b9:d5:35:83:52:f3:e5:f3:95:85:5c:c2:dc:
d0:3f:1c:b9:c1:d4:a4:65:61:d1:24:ea:ab:c7:f5:
e7:3e:8c:21:9a:3a:b7:4b:27:bc:ea:fb:5d:f7:12:
03:0b:90:6b:6c:bb:65:5e:ba:4a:fb:a3:84:40:7e:
28:15:ca:d0:c8:8b:9d:bc:6b:9b:94:bd:cd:df:b0:
20:69:bd:54:c4:7b:c4:c9:b6:ab:81:27:aa:21:00:
fd:05:e0:91:68:66:57:c2:da:13:a2:0b:76:96:80:
80:e1:c1:1a:5f:58:05:c4:2b:67:d9:bc:b8:42:09:
00:d6:41:99:26:36:4a:f2:37:e7:8d:a9:bf:a2:6e:
79:38:22:5f:2d:c5:f2:15:ae:98:fe:af:85:bf:f1:
2a:7d:b2:51:d2:fd:79:c0:ca:78:70:c0:57:b5:fe:
9f:d8:a8:90:f3:38:79:4d:2c:0e:42:01:43:9c:d4:
0a:7c:71:14:d5:8c:5a:94:af:f9:fc:5a:df:62:30:
f2:b2:7c:82:a9:91:ac:a5:b0:50:4d:3d:6a:02:fb:
5d:49:a9:c8:88:91:d4:b4:32:e4:26:78:35:94:6d:
cf:3f:af:5f:40:4a:29:e9:92:ea:8f:8a:ce:63:44:
37:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:13:70:9E:8C:E5:79:DB:8D:8A:AB:B7:99:E8:AD:D3:D9:B2:D5:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:c000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:f2:03:ec:e5:f1:71:02:cc:c4:f9:be:aa:9d:72:b3:93:cb:
fa:7b:97:36:fe:ee:c8:de:c7:dc:63:40:6b:c5:7c:08:6d:9e:
d6:ae:82:b0:d7:90:15:08:b0:dc:34:e9:48:5c:4f:b5:a3:a6:
1f:20:9e:7f:31:79:d9:14:36:55:76:cf:22:01:1e:a2:e3:6d:
76:d4:ec:c4:58:ce:18:a3:7d:86:66:9c:3b:d7:84:6a:75:6d:
ad:1f:c6:e7:93:af:29:24:81:00:40:7c:7e:d7:e4:0c:5a:76:
13:ec:53:84:c3:fe:bb:2c:2d:c8:ab:ff:0f:9f:d7:7e:82:c1:
e5:05:f1:7b:bd:2e:ff:12:5d:ed:be:d3:d5:37:75:03:7f:49:
e8:83:0a:a8:84:82:e8:69:e0:b6:4a:79:6a:1b:19:36:c8:5d:
53:fb:74:45:b9:bb:d1:3e:f1:64:e3:39:0c:18:c5:5a:03:5e:
91:25:13:1d:9f:9f:fd:b7:35:f6:2a:f0:0b:d5:67:3f:62:e9:
0f:aa:31:cf:b3:1a:98:85:51:13:35:4c:d4:7c:f7:36:92:74:
80:6f:d8:2e:da:27:47:47:34:53:38:57:b8:7a:06:1e:21:5c:
e1:91:4d:fa:cb:25:4f:32:19:5d:8c:00:5a:8d:54:c4:bb:e5:
0b:6f:ab:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS7H10ZVEL2UdmiZdqGIjq1nNDhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQxMDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYTdhMGQyZDgyMzczZjFiMjNmMDU1ZTBiNThkYjAyZDVmZDYwOTg2MDg3
MjI5MTdhZTFmZDk5YTc0M2JhMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI3NEI54QADikO5K0Sd/PsC51TWDUvPl85WFXMLc0D8cucHUpGVh0STqq8f1
5z6MIZo6t0snvOr7XfcSAwuQa2y7ZV66SvujhEB+KBXK0MiLnbxrm5S9zd+wIGm9
VMR7xMm2q4EnqiEA/QXgkWhmV8LaE6ILdpaAgOHBGl9YBcQrZ9m8uEIJANZBmSY2
SvI3542pv6JueTgiXy3F8hWumP6vhb/xKn2yUdL9ecDKeHDAV7X+n9iokPM4eU0s
DkIBQ5zUCnxxFNWMWpSv+fxa32Iw8rJ8gqmRrKWwUE09agL7XUmpyIiR1LQy5CZ4
NZRtzz+vX0BKKemS6o+KzmNEN+ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3E3Ce
jOV5242Kq7eZ6K3T2bLVPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmRkYjgxNjktYTBiYS00OTg5LWI0ODgtYTM0NDA4NWM1NmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHA
MA0GCSqGSIb3DQEBCwUAA4IBAQB98gPs5fFxAszE+b6qnXKzk8v6e5c2/u7I3sfc
Y0BrxXwIbZ7WroKw15AVCLDcNOlIXE+1o6YfIJ5/MXnZFDZVds8iAR6i42121OzE
WM4Yo32GZpw714RqdW2tH8bnk68pJIEAQHx+1+QMWnYT7FOEw/67LC3Iq/8Pn9d+
gsHlBfF7vS7/El3tvtPVN3UDf0nogwqohILoaeC2SnlqGxk2yF1T+3RFubvRPvFk
4zkMGMVaA16RJRMdn5/9tzX2KvAL1Wc/YukPqjHPsxqYhVETNUzUfPc2knSAb9gu
2idHRzRTOFe4egYeIVzhkU36yyVPMhldjABajVTEu+ULb6sm
-----END CERTIFICATE-----
Generated at Thu Sep 18 22:36:36 2025 by rpki-client