Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
File: 6ddb8169-a0ba-4989-b488-a344085c56c9.roa (raw, json)
Hash identifier: ntDwtpYy1qVleyafEpa+mJZmZ83gNeh9//MgZ+5gX8U=
Subject key identifier: 3D:70:9C:42:46:21:5A:1F:8F:4F:1B:9E:0F:64:98:99:D3:CA:7C:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29167C6646103AD74B5B076433A83982C87CA965
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
Signing time: Tue 05 Aug 2025 19:40:13 +0000
ROA not before: Tue 05 Aug 2025 19:40:13 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:16:7c:66:46:10:3a:d7:4b:5b:07:64:33:a8:39:82:c8:7c:a9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:13 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b13fd03590b41a91519b4405d556c95ddfdd8b875ab44b7de2d881ef2aa30328, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:df:5c:30:19:c3:a8:c8:4a:0f:4c:6e:67:60:
e8:5e:5d:5c:ba:6e:79:d5:a5:39:63:21:97:45:46:
9e:c9:8d:73:d0:8d:b2:de:6b:5f:30:46:a0:0c:e4:
9c:b6:1c:3c:6f:51:81:bb:4b:1c:3a:41:5e:2e:c9:
2e:66:ca:2e:f4:68:01:6c:f9:8e:2a:7b:a4:2c:f9:
12:86:cc:14:1c:f9:20:d0:25:bc:11:86:54:8b:56:
5b:e5:aa:91:1b:59:0a:f1:3b:74:34:a9:86:bf:0e:
89:ea:b8:43:0d:34:e4:39:80:45:ff:c2:f9:50:67:
a2:19:d7:c6:a2:e8:6c:90:f1:b7:26:94:f7:15:8d:
84:43:2e:23:a4:d5:d9:ee:09:2d:56:7a:a9:95:8e:
b2:0e:be:96:5a:85:f1:c4:1c:ef:0f:d0:0e:ee:b7:
d8:f2:24:f8:a4:b2:f8:2a:1d:94:83:3f:d4:a2:5b:
ea:4a:09:08:60:b4:3f:c8:38:a5:31:5c:38:59:b5:
39:84:8c:4c:b3:27:31:80:fa:b7:1a:b7:f2:c0:09:
b0:85:7e:73:d7:c3:77:a1:ca:03:f4:66:6c:82:1a:
8c:35:52:c7:e5:72:f5:3b:1c:b5:cd:8c:1a:29:ea:
50:ff:57:89:c5:4c:96:f4:b5:1a:d2:65:a7:54:ef:
db:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:70:9C:42:46:21:5A:1F:8F:4F:1B:9E:0F:64:98:99:D3:CA:7C:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:c000::/40
Signature Algorithm: sha256WithRSAEncryption
41:30:3f:8a:e8:28:94:e9:06:30:0f:c9:88:1c:68:e9:50:ad:
37:a9:4d:d9:af:46:7f:dc:92:66:2e:cb:8f:55:2d:5c:65:0d:
1c:ca:2c:22:31:dd:2b:53:7f:72:6e:76:2c:65:e8:ad:dd:39:
e6:7b:f3:6a:ab:c0:b8:69:1d:7b:01:83:d6:4d:5c:36:21:05:
ae:3e:5d:7f:78:72:ae:44:b2:99:e2:2e:e2:4c:25:e4:a8:e6:
8a:03:d9:7e:c3:c7:54:41:4e:9d:3c:9a:07:4c:8c:56:7d:46:
12:ea:5d:bc:80:34:bb:6e:2d:8d:ea:89:58:39:09:35:95:47:
9f:79:fe:21:88:47:fb:b3:2f:48:c1:8e:b0:9d:c0:0d:ef:8e:
35:06:39:44:53:5c:8b:2a:5e:0e:ce:db:13:a8:4a:3b:80:cf:
59:56:06:b6:f4:df:46:7e:d5:1b:64:7b:2d:3a:42:f3:41:01:
99:fb:ef:74:d2:7c:33:96:97:45:5f:64:ad:5b:e7:6d:7b:50:
fa:a5:61:b6:db:4c:99:68:80:89:9d:67:58:ca:74:3d:72:73:
e9:6a:00:b1:ee:1d:9c:9c:73:22:18:01:49:4c:b6:01:c4:1a:
eb:96:c5:a0:87:11:40:86:33:b1:13:63:e5:dd:9c:21:5b:be:
d4:a2:06:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKRZ8ZkYQOtdLWwdkM6g5gsh8qWUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxM2ZkMDM1OTBiNDFhOTE1MTliNDQwNWQ1NTZjOTVkZGZkZDhiODc1YWI0
NGI3ZGUyZDg4MWVmMmFhMzAzMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnfXDAZw6jISg9Mbmdg6F5dXLpuedWlOWMhl0VGnsmNc9CNst5rXzBGoAzk
nLYcPG9RgbtLHDpBXi7JLmbKLvRoAWz5jip7pCz5EobMFBz5INAlvBGGVItWW+Wq
kRtZCvE7dDSphr8Oieq4Qw005DmARf/C+VBnohnXxqLobJDxtyaU9xWNhEMuI6TV
2e4JLVZ6qZWOsg6+llqF8cQc7w/QDu632PIk+KSy+CodlIM/1KJb6koJCGC0P8g4
pTFcOFm1OYSMTLMnMYD6txq38sAJsIV+c9fDd6HKA/RmbIIajDVSx+Vy9Tsctc2M
GinqUP9XicVMlvS1GtJlp1Tv220CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9cJxC
RiFaH49PG54PZJiZ08p8ITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmRkYjgxNjktYTBiYS00OTg5LWI0ODgtYTM0NDA4NWM1NmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHA
MA0GCSqGSIb3DQEBCwUAA4IBAQBBMD+K6CiU6QYwD8mIHGjpUK03qU3Zr0Z/3JJm
LsuPVS1cZQ0cyiwiMd0rU39ybnYsZeit3Tnme/Nqq8C4aR17AYPWTVw2IQWuPl1/
eHKuRLKZ4i7iTCXkqOaKA9l+w8dUQU6dPJoHTIxWfUYS6l28gDS7bi2N6olYOQk1
lUefef4hiEf7sy9IwY6wncAN7441BjlEU1yLKl4OztsTqEo7gM9ZVga29N9GftUb
ZHstOkLzQQGZ++900nwzlpdFX2StW+dte1D6pWG220yZaICJnWdYynQ9cnPpagCx
7h2cnHMiGAFJTLYBxBrrlsWghxFAhjOxE2Pl3ZwhW77Uogaa
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:28 2025 by rpki-client