Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
File: 6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa (raw, json)
Hash identifier: U8dt2S6ZBvOjN53WU1TzgArokJbFGX5EWoyoCCLjzNI=
Subject key identifier: 53:41:92:56:E1:F1:20:95:B8:8C:AD:CC:5F:4B:78:00:B1:15:AB:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 690652B950B35576DCC98ED9A20B6C04974FF139
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
Signing time: Mon 01 Sep 2025 19:50:14 +0000
ROA not before: Mon 01 Sep 2025 19:50:14 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:06:52:b9:50:b3:55:76:dc:c9:8e:d9:a2:0b:6c:04:97:4f:f1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:50:14 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=0a8db62f5e6a7542a1eb802ac4672e0c0dfd23b87cd0f9d11a136f0301e498e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:72:52:ba:3f:ab:f3:47:38:23:17:a4:c5:d9:
f8:78:0f:d8:34:a5:59:14:a8:32:6f:4f:72:92:01:
06:be:94:ad:9c:32:f8:0b:20:48:e4:eb:fb:a6:e2:
3e:ca:7b:cc:af:10:48:bc:16:4d:2e:ac:47:8d:80:
e1:1c:f8:7a:4f:e3:46:a7:e8:ed:d2:cb:29:da:97:
5f:32:77:01:12:e7:00:55:a5:3b:10:a6:1e:aa:78:
53:b2:10:53:12:63:c2:f9:3c:8a:68:1b:63:53:dd:
70:9d:d7:1a:4f:c2:5e:bb:9b:5a:53:51:4f:0b:8d:
a7:32:f3:45:02:aa:f0:fd:ad:09:dc:f0:7e:dc:2e:
86:73:e9:50:f0:5f:19:96:e7:a7:cf:12:f7:e2:bf:
91:ea:9e:98:5f:21:eb:34:35:7f:e8:c1:42:09:2d:
3c:6f:18:ab:13:a6:cc:0a:6b:e8:60:86:81:ff:c8:
6b:c0:a7:6d:49:eb:b0:07:ee:35:c8:cd:23:68:ce:
01:21:2f:e6:55:4a:8a:a4:70:c0:f2:dd:39:04:30:
fe:3e:e0:8f:7f:0f:c8:83:9f:9b:12:22:d8:c6:e3:
a0:f2:9f:66:1c:08:c4:0b:90:65:36:f9:f2:a6:10:
f5:69:d2:8c:0b:70:05:b9:fc:ac:0a:65:34:66:34:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:41:92:56:E1:F1:20:95:B8:8C:AD:CC:5F:4B:78:00:B1:15:AB:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4040::/48
Signature Algorithm: sha256WithRSAEncryption
90:ad:6c:2d:fd:b1:b4:a1:d8:f8:22:56:f6:88:ca:29:f8:4d:
6b:5a:0a:05:de:33:91:38:aa:05:d4:d6:ac:f5:fe:13:66:5b:
c1:d3:5c:92:4c:3a:5e:ac:5e:94:d2:1e:c1:ff:a4:75:03:b2:
56:fe:0e:7b:8f:f3:cd:66:fe:47:e9:77:9d:44:c2:8b:11:0b:
3f:dd:6c:ea:27:6d:cd:e3:98:12:ab:e3:58:2c:82:dc:67:c6:
7a:e7:cf:0a:3f:2d:3f:98:a9:87:6d:5d:08:c4:2f:ae:5c:26:
c5:82:96:1f:67:fa:3f:c0:6a:43:76:d6:ed:07:4d:4d:ef:bb:
82:a6:36:3b:da:81:f8:87:ed:f0:0f:85:23:15:7d:17:cc:b5:
60:29:d8:5c:5d:17:4e:e8:9e:f8:c2:d7:14:c2:55:13:8a:1b:
f0:f7:82:49:fa:57:77:80:23:40:18:58:eb:71:74:aa:05:a1:
83:57:48:cc:d8:90:fd:34:a1:2f:30:f9:c7:26:2e:4b:94:5e:
7e:cd:f2:38:dc:05:b8:cd:42:20:db:78:c3:c6:22:3c:b7:e6:
04:40:31:60:3a:74:d4:3c:c7:87:7e:37:84:ad:92:e5:a7:ef:
12:a0:8c:6d:7f:c7:c7:15:85:ed:02:01:21:4b:ce:a5:e1:1b:
d2:e2:56:1d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaQZSuVCzVXbcyY7ZogtsBJdP8TkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUwMTRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhOGRiNjJmNWU2YTc1NDJhMWViODAyYWM0NjcyZTBjMGRmZDIzYjg3Y2Qw
ZjlkMTFhMTM2ZjAzMDFlNDk4ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlyUro/q/NHOCMXpMXZ+HgP2DSlWRSoMm9PcpIBBr6UrZwy+AsgSOTr+6bi
Psp7zK8QSLwWTS6sR42A4Rz4ek/jRqfo7dLLKdqXXzJ3ARLnAFWlOxCmHqp4U7IQ
UxJjwvk8imgbY1PdcJ3XGk/CXrubWlNRTwuNpzLzRQKq8P2tCdzwftwuhnPpUPBf
GZbnp88S9+K/keqemF8h6zQ1f+jBQgktPG8YqxOmzApr6GCGgf/Ia8CnbUnrsAfu
NcjNI2jOASEv5lVKiqRwwPLdOQQw/j7gj38PyIOfmxIi2MbjoPKfZhwIxAuQZTb5
8qYQ9WnSjAtwBbn8rAplNGY0U8sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRTQZJW
4fEglbiMrcxfS3gAsRWrGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU0ZDk4OTAtYjRmNC00YjllLWE3MzQtYjYzZjUxNTM2MGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
QDANBgkqhkiG9w0BAQsFAAOCAQEAkK1sLf2xtKHY+CJW9ojKKfhNa1oKBd4zkTiq
BdTWrPX+E2ZbwdNckkw6XqxelNIewf+kdQOyVv4Oe4/zzWb+R+l3nUTCixELP91s
6idtzeOYEqvjWCyC3GfGeufPCj8tP5iph21dCMQvrlwmxYKWH2f6P8BqQ3bW7QdN
Te+7gqY2O9qB+Ift8A+FIxV9F8y1YCnYXF0XTuie+MLXFMJVE4ob8PeCSfpXd4Aj
QBhY63F0qgWhg1dIzNiQ/TShLzD5xyYuS5Refs3yONwFuM1CINt4w8YiPLfmBEAx
YDp01DzHh343hK2S5afvEqCMbX/HxxWF7QIBIUvOpeEb0uJWHQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:06 2025 by rpki-client