Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
File: 6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa (raw, json)
Hash identifier: fnUIvhAa/zHLu7rj/IvbWEjGaTe0rc32AggEs+K8Xvg=
Subject key identifier: B5:4F:4F:52:02:CE:60:83:94:DF:F3:87:37:D8:6B:22:CB:E1:EC:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 064A7E63B2615769F8ECFAAE5B274BE861E565A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
Signing time: Tue 05 Aug 2025 19:41:11 +0000
ROA not before: Tue 05 Aug 2025 19:41:11 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:4a:7e:63:b2:61:57:69:f8:ec:fa:ae:5b:27:4b:e8:61:e5:65:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:11 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7f0a9e2621d090a9c43a100459ace0b31de58d5f198fbc1fab386b214f376ae7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cd:b1:e4:c3:0a:80:18:04:90:bc:42:d6:f3:
b0:e8:b3:12:1a:33:ad:8b:60:1c:b1:90:45:ab:93:
30:08:1c:20:4f:eb:64:1b:59:7b:48:de:87:49:a7:
ef:eb:e9:f4:80:ac:1d:89:a3:9a:4d:67:47:22:11:
ab:a6:ec:b2:e3:98:11:89:79:30:ba:aa:59:e4:14:
f0:03:11:ce:4b:50:17:ca:b7:2f:ce:03:6f:ac:a6:
50:07:ce:17:4b:9f:e6:f0:fd:75:a8:a8:0d:63:46:
62:fb:ad:07:2d:db:4c:5a:10:d3:86:e4:0a:8f:81:
38:ce:cf:5d:59:e0:5f:59:7c:63:91:b1:f7:ea:6d:
f0:61:f0:3f:9b:1d:57:13:76:a6:ab:65:9b:0c:c4:
bb:df:e9:ab:56:58:db:e8:ad:5b:69:1c:1b:ea:a6:
c2:71:dd:f6:c8:19:3e:b4:b9:b0:1b:a6:05:53:f8:
6f:ff:1b:fc:06:2e:ec:dc:62:ae:cc:77:cc:b5:79:
26:ae:9f:54:5d:26:42:a1:33:2c:ba:2d:91:cb:de:
8b:23:21:48:ed:b2:85:63:75:6e:e8:b2:bf:08:62:
0d:c4:d6:e6:91:99:44:1d:c2:71:3c:8c:04:45:bb:
3b:32:e7:74:38:59:cb:1f:bd:29:46:5c:80:a7:11:
cb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4F:4F:52:02:CE:60:83:94:DF:F3:87:37:D8:6B:22:CB:E1:EC:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:00:15:b7:f9:2b:7c:bf:36:aa:fa:a0:f4:05:78:15:08:9b:
db:5f:7f:0c:b6:32:37:87:e9:25:97:09:28:81:3a:ec:22:e4:
da:31:5b:b7:1b:9a:04:69:c8:21:48:0d:d1:64:00:f1:67:5b:
9b:5e:2b:13:ec:65:40:d0:2c:fd:64:ab:4b:29:42:0f:34:e9:
7c:cc:ec:d7:50:7a:37:06:df:03:2c:1d:fe:d1:dd:d1:42:69:
54:ff:a3:1b:b4:50:7a:56:9c:c2:70:9d:7b:95:47:a4:d6:63:
5d:ed:93:81:ec:98:71:da:70:bf:2e:20:ee:fe:e5:d3:08:9f:
05:3a:6a:89:f7:4a:bb:98:7b:8f:70:f3:15:06:52:3b:7d:ef:
b1:52:00:44:d2:db:e5:a8:ea:af:44:e3:c1:0f:7b:ca:0b:d5:
48:58:4c:7a:45:5b:fa:33:b1:fd:15:f8:dd:88:7f:1e:8e:00:
1d:81:f4:7d:96:3d:bf:f7:45:48:38:0e:37:ef:e8:e7:12:ca:
01:ff:cf:b8:2c:2d:22:ee:08:6f:6e:db:8c:73:7e:0c:5c:a8:
23:ea:71:1e:f0:09:85:69:75:5b:26:93:cd:2b:5d:ff:ae:45:
37:6e:ed:02:42:4b:98:57:5c:b6:48:78:12:8d:8b:20:61:7c:
47:a1:2f:16
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBkp+Y7JhV2n47PquWydL6GHlZaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMGE5ZTI2MjFkMDkwYTljNDNhMTAwNDU5YWNlMGIzMWRlNThkNWYxOThm
YmMxZmFiMzg2YjIxNGYzNzZhZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfNseTDCoAYBJC8QtbzsOizEhozrYtgHLGQRauTMAgcIE/rZBtZe0jeh0mn
7+vp9ICsHYmjmk1nRyIRq6bssuOYEYl5MLqqWeQU8AMRzktQF8q3L84Db6ymUAfO
F0uf5vD9daioDWNGYvutBy3bTFoQ04bkCo+BOM7PXVngX1l8Y5Gx9+pt8GHwP5sd
VxN2pqtlmwzEu9/pq1ZY2+itW2kcG+qmwnHd9sgZPrS5sBumBVP4b/8b/AYu7Nxi
rsx3zLV5Jq6fVF0mQqEzLLotkcveiyMhSO2yhWN1buiyvwhiDcTW5pGZRB3CcTyM
BEW7OzLndDhZyx+9KUZcgKcRyyECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1T09S
As5gg5Tf84c32Gsiy+HsSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY4ZDc5YzYtYjc3My00MDczLTlmZjQtMjIxMGU2YTExMWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4Q
MA0GCSqGSIb3DQEBCwUAA4IBAQChABW3+St8vzaq+qD0BXgVCJvbX38MtjI3h+kl
lwkogTrsIuTaMVu3G5oEacghSA3RZADxZ1ubXisT7GVA0Cz9ZKtLKUIPNOl8zOzX
UHo3Bt8DLB3+0d3RQmlU/6MbtFB6VpzCcJ17lUek1mNd7ZOB7Jhx2nC/LiDu/uXT
CJ8FOmqJ90q7mHuPcPMVBlI7fe+xUgBE0tvlqOqvROPBD3vKC9VIWEx6RVv6M7H9
FfjdiH8ejgAdgfR9lj2/90VIOA437+jnEsoB/8+4LC0i7ghvbtuMc34MXKgj6nEe
8AmFaXVbJpPNK13/rkU3bu0CQkuYV1y2SHgSjYsgYXxHoS8W
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:29 2025 by rpki-client