Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
File: 6ee98048-5141-4b16-8b8c-269a397f53ce.roa (raw, json)
Hash identifier: ZxkT9AfKUdRSRm9n9X+LZ6+I+idp0Z59SVQ46k6gfJw=
Subject key identifier: 45:9D:6E:D4:94:40:28:B4:4D:46:92:93:01:16:B4:78:BE:29:99:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 278F10FF7B02FF5A868DB84A8903F670CC8CD9A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
Signing time: Mon 01 Sep 2025 20:00:08 +0000
ROA not before: Mon 01 Sep 2025 20:00:08 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:8f:10:ff:7b:02:ff:5a:86:8d:b8:4a:89:03:f6:70:cc:8c:d9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:00:08 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=40bb665cb1c40a41b160b8a2ee54989ed83650cb8c40230bdc0b7dba77b466cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:60:75:bd:17:9a:06:2b:cd:83:69:bf:d8:cb:
a0:7a:5a:a3:80:8b:f0:e9:cf:4e:71:53:2d:5b:7a:
02:c2:71:22:a1:72:4b:43:b5:1b:bb:7f:f0:e7:71:
de:b8:56:96:1f:8d:69:c7:32:77:04:42:7d:fa:5e:
a8:aa:1f:1f:3b:9f:8b:8f:e8:7f:b0:07:05:9a:c7:
ef:b3:97:7c:8f:59:bc:6d:35:bf:9a:8d:c3:2c:3f:
0a:77:b6:e1:65:6b:47:08:a6:f8:38:0c:74:af:a2:
9d:c8:90:85:db:5c:0b:2f:c1:8a:6b:83:0f:46:01:
c9:4f:68:4e:19:3b:27:72:e2:b5:0b:6c:79:e3:c9:
5f:26:63:c4:bb:8a:d0:43:3d:34:cd:5c:2a:00:6f:
2a:b6:d9:b8:fa:8d:90:f2:3a:98:83:31:47:15:d4:
b0:29:43:3f:9f:8b:8b:a5:22:e0:9d:ca:b1:1a:20:
2f:26:2a:42:7e:ce:d0:26:5c:db:3f:ce:e8:22:6d:
75:8f:f7:15:38:b5:55:60:5a:43:60:63:d9:46:4c:
be:d1:d9:2a:fd:1f:d0:87:a0:a1:e8:8f:09:bb:50:
4b:a1:4f:5b:97:86:0c:87:40:4a:b3:4a:ee:4b:4b:
c9:8e:42:41:90:a1:65:44:1e:4a:77:ba:dc:ab:c0:
4a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:9D:6E:D4:94:40:28:B4:4D:46:92:93:01:16:B4:78:BE:29:99:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4080::/48
Signature Algorithm: sha256WithRSAEncryption
04:42:57:5a:80:c4:ba:c4:b2:fe:02:22:6e:7f:e8:73:e6:ec:
80:7b:31:0b:97:88:bd:6b:34:90:e3:ac:c1:15:05:3b:66:09:
df:d2:59:62:10:7e:67:b1:ee:a9:db:37:47:0a:c8:98:b6:b9:
4d:aa:1b:67:50:cf:dd:8b:76:5f:65:87:c4:8b:d9:7a:46:63:
c4:9c:09:da:75:ad:b2:8d:5e:7d:6b:03:9c:1a:f3:79:48:0d:
3c:2c:b3:5c:14:fd:32:cf:15:bf:e1:d7:06:1f:1f:7d:6d:4f:
b4:03:1d:16:9b:70:fd:9f:40:82:cd:76:12:08:dd:f0:f3:a3:
ae:fb:69:7a:0c:69:23:7c:98:6b:ea:ec:b0:f1:70:e4:5d:5f:
dd:6f:d0:3d:71:0e:4c:68:51:36:7d:61:b6:a1:cf:02:95:2b:
45:75:96:9a:a7:ee:46:f5:ea:6f:2f:9d:c2:e5:ea:65:19:33:
78:89:9a:fe:1d:76:90:a6:70:be:8d:b9:31:8c:8b:d6:56:a8:
0d:48:d3:a2:bf:50:d8:cb:cd:d5:30:b5:36:fc:ca:fb:25:a7:
16:04:c5:4f:e2:b1:b2:f3:14:32:37:d8:e2:37:32:a9:29:ca:
f4:d5:b7:71:9b:5f:5e:af:0a:1a:38:d3:2e:7a:67:cc:36:22:
ed:ff:03:86
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJ48Q/3sC/1qGjbhKiQP2cMyM2aYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAwMDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwYmI2NjVjYjFjNDBhNDFiMTYwYjhhMmVlNTQ5ODllZDgzNjUwY2I4YzQw
MjMwYmRjMGI3ZGJhNzdiNDY2Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNgdb0XmgYrzYNpv9jLoHpao4CL8OnPTnFTLVt6AsJxIqFyS0O1G7t/8Odx
3rhWlh+NaccydwRCffpeqKofHzufi4/of7AHBZrH77OXfI9ZvG01v5qNwyw/Cne2
4WVrRwim+DgMdK+inciQhdtcCy/BimuDD0YByU9oThk7J3LitQtseePJXyZjxLuK
0EM9NM1cKgBvKrbZuPqNkPI6mIMxRxXUsClDP5+Li6Ui4J3KsRogLyYqQn7O0CZc
2z/O6CJtdY/3FTi1VWBaQ2Bj2UZMvtHZKv0f0IegoeiPCbtQS6FPW5eGDIdASrNK
7ktLyY5CQZChZUQeSne63KvASisCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRFnW7U
lEAotE1GkpMBFrR4vimZ6zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVlOTgwNDgtNTE0MS00YjE2LThiOGMtMjY5YTM5N2Y1M2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
gDANBgkqhkiG9w0BAQsFAAOCAQEABEJXWoDEusSy/gIibn/oc+bsgHsxC5eIvWs0
kOOswRUFO2YJ39JZYhB+Z7Huqds3RwrImLa5TaobZ1DP3Yt2X2WHxIvZekZjxJwJ
2nWtso1efWsDnBrzeUgNPCyzXBT9Ms8Vv+HXBh8ffW1PtAMdFptw/Z9Ags12Egjd
8POjrvtpegxpI3yYa+rssPFw5F1f3W/QPXEOTGhRNn1htqHPApUrRXWWmqfuRvXq
by+dwuXqZRkzeIma/h12kKZwvo25MYyL1laoDUjTor9Q2MvN1TC1NvzK+yWnFgTF
T+KxsvMUMjfY4jcyqSnK9NW3cZtfXq8KGjjTLnpnzDYi7f8Dhg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:18 2025 by rpki-client