Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
File: 6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa (raw, json)
Hash identifier: vTtcETLeaeW0R//Az3ckOf6gwEdiup8IV/hsLaGjd0Y=
Subject key identifier: 75:6B:D9:C2:74:3C:59:4B:C5:9E:4B:69:AB:CB:9B:DB:0C:C8:EA:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 256B87B3F891E228591E2A286525A849A4E4C526
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
Signing time: Mon 01 Sep 2025 20:30:47 +0000
ROA not before: Mon 01 Sep 2025 20:30:47 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:6b:87:b3:f8:91:e2:28:59:1e:2a:28:65:25:a8:49:a4:e4:c5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:47 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=9cf6248eac9eb725505b322c5af2e2ee2604792866466d399838a66091c643cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:06:34:ff:66:82:a6:76:b8:e1:79:28:40:7e:
ab:c4:d5:57:48:b5:f0:b7:d6:ea:f8:09:05:08:b3:
00:79:54:a6:1e:7a:63:84:48:04:77:aa:88:18:f5:
a4:1d:85:1c:77:42:d1:f5:ed:78:76:96:b0:19:32:
e8:df:52:02:11:0d:9b:6f:45:17:45:ab:78:92:f0:
c7:cd:f1:ce:b9:4c:31:ed:a2:7c:b8:ba:de:e2:b8:
d0:6c:5c:cd:37:8c:28:8a:ed:bc:6e:79:b0:20:35:
51:74:8c:9f:ec:6c:44:e0:b4:da:b2:f2:85:fe:11:
8b:a2:0d:e1:17:12:b1:61:c4:2e:ae:70:fd:4b:d9:
70:cf:37:0d:e0:e9:72:20:9f:8a:f3:17:7f:8d:48:
d5:a1:b4:ed:a0:f9:87:c8:43:24:d4:8c:f7:2a:d1:
be:5a:de:97:d5:e4:56:96:44:22:8c:5a:44:6e:0e:
2c:43:dc:56:07:49:0d:1c:b3:e4:df:b2:7f:5e:1d:
07:8b:a9:cf:3f:5b:60:58:f4:02:86:3b:54:8d:61:
fa:1c:4f:64:d7:96:d8:ba:a7:4b:a3:41:c5:73:df:
5a:bc:60:92:ef:d8:02:42:b2:b2:7e:ac:fa:07:b2:
56:a0:79:4b:03:43:29:02:77:d2:5b:fb:01:5f:50:
f6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6B:D9:C2:74:3C:59:4B:C5:9E:4B:69:AB:CB:9B:DB:0C:C8:EA:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:1000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:a9:45:8b:69:5d:fe:a4:7a:56:26:13:cb:29:cc:ec:b0:4f:
27:a0:bc:9e:08:36:24:11:bb:31:92:10:f3:d5:e0:1f:c1:3a:
fb:34:7c:dc:d3:55:57:a3:a1:dd:2e:bb:e7:3c:1b:4f:0f:4e:
9e:3c:72:1e:94:8a:45:1a:7b:7d:53:c9:7d:bc:30:fa:5a:42:
0b:43:28:7e:cb:a2:8b:9e:d0:9a:43:16:08:e8:ec:39:59:16:
58:57:e6:2a:07:0a:59:e5:b4:d9:f5:69:96:84:8b:e0:78:1b:
fb:9b:22:b3:72:6b:9f:01:03:a9:2e:49:a5:fa:69:83:d2:ca:
62:ba:02:4a:b4:d2:dd:10:8c:12:7e:79:60:5a:5b:51:18:43:
68:58:b1:e7:48:12:ce:bf:28:34:c6:e9:5b:e1:47:42:cd:28:
3f:a0:9d:21:b4:56:25:3e:f2:c0:7b:fd:12:d5:59:ca:5f:bd:
10:c8:52:17:c8:64:ad:99:31:eb:0a:00:4a:82:c4:bc:76:7f:
18:ee:ec:6c:61:92:97:1c:6b:fe:99:22:15:ba:de:fa:7b:5b:
63:94:e3:1b:11:8d:91:7b:50:5c:44:9c:ce:8c:3e:0c:bd:f3:
8a:46:dd:66:dd:b4:c7:74:6c:05:64:06:f5:35:4b:55:12:7c:
9a:82:8f:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJWuHs/iR4ihZHiooZSWoSaTkxSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZjYyNDhlYWM5ZWI3MjU1MDViMzIyYzVhZjJlMmVlMjYwNDc5Mjg2NjQ2
NmQzOTk4MzhhNjYwOTFjNjQzY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoGNP9mgqZ2uOF5KEB+q8TVV0i18LfW6vgJBQizAHlUph56Y4RIBHeqiBj1
pB2FHHdC0fXteHaWsBky6N9SAhENm29FF0WreJLwx83xzrlMMe2ifLi63uK40Gxc
zTeMKIrtvG55sCA1UXSMn+xsROC02rLyhf4Ri6IN4RcSsWHELq5w/UvZcM83DeDp
ciCfivMXf41I1aG07aD5h8hDJNSM9yrRvlrel9XkVpZEIoxaRG4OLEPcVgdJDRyz
5N+yf14dB4upzz9bYFj0AoY7VI1h+hxPZNeW2LqnS6NBxXPfWrxgku/YAkKysn6s
+geyVqB5SwNDKQJ30lv7AV9Q9tsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1a9nC
dDxZS8WeS2mry5vbDMjqZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY4ZDc5YzYtYjc3My00MDczLTlmZjQtMjIxMGU2YTExMWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAfqUWLaV3+pHpWJhPLKczssE8noLyeCDYkEbsx
khDz1eAfwTr7NHzc01VXo6HdLrvnPBtPD06ePHIelIpFGnt9U8l9vDD6WkILQyh+
y6KLntCaQxYI6Ow5WRZYV+YqBwpZ5bTZ9WmWhIvgeBv7myKzcmufAQOpLkml+mmD
0spiugJKtNLdEIwSfnlgWltRGENoWLHnSBLOvyg0xulb4UdCzSg/oJ0htFYlPvLA
e/0S1VnKX70QyFIXyGStmTHrCgBKgsS8dn8Y7uxsYZKXHGv+mSIVut76e1tjlOMb
EY2Re1BcRJzOjD4MvfOKRt1m3bTHdGwFZAb1NUtVEnyago/6
-----END CERTIFICATE-----
Generated at Tue Sep 16 20:20:43 2025 by rpki-client