Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
File: 6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa (raw, json)
Hash identifier: jMNtCkcouyBkHoCwfaCbDF6m+ObY/tQQPz/RVhGjCvQ=
Subject key identifier: 9C:83:9D:E5:0C:E6:40:04:89:35:6E:24:97:F9:25:15:66:75:A8:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2659A9F47A83379C221D00160AA1A3F6E2315F65
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
Signing time: Mon 01 Sep 2025 20:20:18 +0000
ROA not before: Mon 01 Sep 2025 20:20:18 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:59:a9:f4:7a:83:37:9c:22:1d:00:16:0a:a1:a3:f6:e2:31:5f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:18 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=33325c4d29fb348ebf052d546789a8b23291560b3cb86eda4beccefbf3e9f6ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:42:8a:83:df:16:21:2c:c5:38:b2:79:b7:b5:
16:d1:22:a5:71:18:a2:39:e5:64:ec:e3:94:70:39:
63:01:87:05:7a:63:67:67:31:c9:ac:98:42:b1:3e:
ae:bd:54:c3:51:fe:07:d2:12:a8:f5:8a:e2:a9:58:
16:e2:03:ed:77:67:88:15:24:99:cd:0c:cb:e7:27:
4e:0f:bb:45:e6:19:3d:de:0c:f4:37:00:69:28:4e:
69:fa:e9:6e:fc:9f:bd:e8:87:37:d1:e2:7a:7c:04:
23:3a:cd:6e:f3:c1:22:5e:fe:07:83:a3:d7:cb:1a:
f0:47:0f:f7:a3:40:74:dd:f7:2d:43:b1:76:23:54:
dc:0f:f8:4e:bc:f2:59:6e:e6:a9:ba:86:3e:28:6e:
7a:52:e7:c9:92:93:92:3c:65:e3:0c:04:75:fd:2f:
39:e4:df:b8:ea:7c:ee:06:d4:f3:2c:02:37:89:b3:
51:e4:a9:0d:9b:2c:34:dc:03:83:94:ad:ad:56:be:
59:be:92:02:73:1b:6f:6b:55:17:f5:9e:7d:a4:41:
a3:60:8f:9d:dc:d2:82:01:c4:90:8c:53:11:bf:1e:
e5:ba:f6:89:2e:f1:4e:fd:a5:07:c1:d5:09:e5:c2:
b9:d3:7c:2b:fe:42:2c:ef:0b:4c:b7:7d:b7:b5:00:
a1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:83:9D:E5:0C:E6:40:04:89:35:6E:24:97:F9:25:15:66:75:A8:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2040::/48
Signature Algorithm: sha256WithRSAEncryption
1e:d7:39:09:e2:e0:59:c9:9a:d7:d0:b3:59:26:aa:eb:ba:5b:
bb:38:b2:2e:cd:56:cf:0d:ed:c0:ec:23:54:9a:76:20:7b:17:
72:e3:16:28:3d:76:83:7b:50:77:41:c1:92:24:56:6f:cc:da:
ad:d2:7a:6f:25:fc:84:61:49:db:16:e7:54:9f:e9:75:f8:61:
8b:0b:d5:9f:bd:3d:ac:94:af:86:d3:5c:2f:99:c5:12:58:c6:
79:37:3c:f8:ab:c4:4f:9e:75:fc:fc:73:5d:a7:e8:0b:91:f2:
09:90:2f:d0:8b:6d:a5:d9:0b:a3:8a:ea:08:ef:db:ab:32:f8:
96:9c:e3:95:61:5e:ab:5d:37:69:8f:d1:0b:1c:0e:bd:53:3f:
8e:f1:c7:b2:2c:3a:2f:26:3b:c1:ad:82:a3:dd:a0:bc:c8:d8:
4d:86:a2:47:3d:d2:41:c5:50:b6:91:07:05:ca:8f:62:d3:cd:
3e:f6:e0:2f:ce:8c:6d:6a:d4:cc:14:07:b3:23:8c:26:ac:a3:
8c:7b:a3:0e:a5:31:6d:39:7f:61:89:30:37:0f:c3:c5:40:9f:
6d:a3:f9:bf:97:de:72:05:fc:6b:2f:48:b4:43:54:a9:6d:e2:
5d:90:3f:9c:81:d3:81:6a:73:3c:9e:73:de:ba:99:8f:40:0f:
53:0f:23:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJlmp9HqDN5wiHQAWCqGj9uIxX2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwMThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzMzI1YzRkMjlmYjM0OGViZjA1MmQ1NDY3ODlhOGIyMzI5MTU2MGIzY2I4
NmVkYTRiZWNjZWZiZjNlOWY2ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxCioPfFiEsxTiyebe1FtEipXEYojnlZOzjlHA5YwGHBXpjZ2cxyayYQrE+
rr1Uw1H+B9ISqPWK4qlYFuID7XdniBUkmc0My+cnTg+7ReYZPd4M9DcAaShOafrp
bvyfveiHN9HienwEIzrNbvPBIl7+B4Oj18sa8EcP96NAdN33LUOxdiNU3A/4Trzy
WW7mqbqGPihuelLnyZKTkjxl4wwEdf0vOeTfuOp87gbU8ywCN4mzUeSpDZssNNwD
g5StrVa+Wb6SAnMbb2tVF/WefaRBo2CPndzSggHEkIxTEb8e5br2iS7xTv2lB8HV
CeXCudN8K/5CLO8LTLd9t7UAoX8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBScg53l
DOZABIk1biSX+SUVZnWoMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmZiYjczMDMtYzZhNC00M2RhLWJjZGItZDI2YWI3OGMzNjZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
QDANBgkqhkiG9w0BAQsFAAOCAQEAHtc5CeLgWcma19CzWSaq67pbuziyLs1Wzw3t
wOwjVJp2IHsXcuMWKD12g3tQd0HBkiRWb8zardJ6byX8hGFJ2xbnVJ/pdfhhiwvV
n709rJSvhtNcL5nFEljGeTc8+KvET551/PxzXafoC5HyCZAv0IttpdkLo4rqCO/b
qzL4lpzjlWFeq103aY/RCxwOvVM/jvHHsiw6LyY7wa2Co92gvMjYTYaiRz3SQcVQ
tpEHBcqPYtPNPvbgL86MbWrUzBQHsyOMJqyjjHujDqUxbTl/YYkwNw/DxUCfbaP5
v5fecgX8ay9ItENUqW3iXZA/nIHTgWpzPJ5z3rqZj0APUw8jEg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:12 2025 by rpki-client