Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
File: 7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa (raw, json)
Hash identifier: 2nZU2ZkrJrSiMqDW1ig7It181nN/J37q4wX20iumAvk=
Subject key identifier: 2A:F1:28:20:99:3F:9A:F5:79:DF:B4:EE:4D:20:C3:C0:3A:62:44:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F0927489A05AED6D29313703D51CDEFFF0820FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
Signing time: Mon 01 Sep 2025 21:10:09 +0000
ROA not before: Mon 01 Sep 2025 21:10:09 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:09:27:48:9a:05:ae:d6:d2:93:13:70:3d:51:cd:ef:ff:08:20:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:09 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=e646c91aee83ea01fdd91c9f029d6c67013252e0933049d5643b826a26209314, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d9:50:1b:99:06:82:6b:c4:f8:64:a0:83:8b:
f4:6b:1d:aa:6e:7d:91:f0:5c:9e:65:ed:e6:5a:a0:
75:30:5d:7c:5f:02:61:6b:4a:f8:9b:35:41:7c:aa:
51:e7:ca:99:14:28:d1:27:db:e5:11:3b:9d:e9:bd:
26:2e:0b:e6:dc:8f:78:4d:c5:f2:63:03:9c:7a:ad:
70:22:9d:2d:d7:b8:8a:3f:57:f7:4e:ed:d5:f1:f3:
99:5f:31:94:7f:44:c8:45:d5:20:42:0e:01:31:11:
9f:05:61:8b:33:46:be:44:49:aa:b3:85:2b:05:b9:
da:5b:41:65:d5:81:e0:b8:d4:be:46:27:38:f2:75:
31:73:51:28:b9:d2:9a:0f:87:18:f4:06:cb:99:57:
94:67:de:4b:2e:88:25:33:81:38:fc:0d:00:86:bd:
b1:5c:89:e5:8d:01:6a:c5:ef:ca:f6:8e:d6:86:f7:
fa:43:da:97:ae:5f:01:dc:ab:63:b6:cf:ce:ae:7c:
99:11:89:d4:c8:e5:c1:5a:42:0e:60:13:72:17:3f:
39:82:71:35:23:ae:dd:a5:1c:d0:12:60:3b:de:ec:
f2:97:e0:46:7f:e9:16:42:59:27:e4:84:1a:b8:21:
d5:f8:e2:96:ff:e5:26:9e:39:ac:ea:99:db:1f:55:
1f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F1:28:20:99:3F:9A:F5:79:DF:B4:EE:4D:20:C3:C0:3A:62:44:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/36
Signature Algorithm: sha256WithRSAEncryption
7f:52:e4:8e:c6:ac:57:77:23:95:6e:46:b0:4d:9d:aa:f1:9b:
74:c5:6a:0d:94:48:e9:cc:2b:45:13:80:11:17:36:ce:12:82:
81:eb:40:bb:87:41:06:fb:a0:d2:95:5d:db:22:dd:54:fc:cc:
6c:29:16:6b:3e:c0:a2:f5:f7:63:f8:41:0b:98:d8:b1:c7:f2:
0b:cc:09:4c:25:b7:38:1c:0b:62:13:40:7f:54:28:98:85:1f:
3e:8b:27:a6:e4:cf:45:da:83:16:5e:d6:56:09:28:d0:aa:d3:
d5:d9:f7:2c:f9:7c:c2:af:01:b4:0e:42:68:91:dc:37:b2:4e:
60:8d:51:1b:a9:1c:d0:65:85:29:45:14:08:64:07:4d:e1:15:
65:10:4f:0c:40:82:54:fa:b7:f4:8f:ba:18:a0:6f:21:7e:12:
ce:d1:fb:6c:0a:47:98:14:d1:b3:b3:4e:1c:ac:b7:eb:4c:04:
d8:44:71:48:2b:54:b9:95:36:79:f8:3d:6c:ea:82:7b:5a:c6:
55:fb:c8:da:3d:0f:1d:08:9c:fa:f5:58:1e:f7:a6:18:43:8e:
29:e6:9b:d8:dc:38:6c:dc:f9:c0:27:19:f7:49:58:53:46:1a:
ab:77:77:54:39:17:0f:bb:02:33:6a:64:dd:7b:09:dd:5e:ab:
1c:c1:f9:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbwknSJoFrtbSkxNwPVHN7/8IIPwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwMDlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2NDZjOTFhZWU4M2VhMDFmZGQ5MWM5ZjAyOWQ2YzY3MDEzMjUyZTA5MzMw
NDlkNTY0M2I4MjZhMjYyMDkzMTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7ZUBuZBoJrxPhkoIOL9Gsdqm59kfBcnmXt5lqgdTBdfF8CYWtK+Js1QXyq
UefKmRQo0Sfb5RE7nem9Ji4L5tyPeE3F8mMDnHqtcCKdLde4ij9X907t1fHzmV8x
lH9EyEXVIEIOATERnwVhizNGvkRJqrOFKwW52ltBZdWB4LjUvkYnOPJ1MXNRKLnS
mg+HGPQGy5lXlGfeSy6IJTOBOPwNAIa9sVyJ5Y0BasXvyvaO1ob3+kPal65fAdyr
Y7bPzq58mRGJ1MjlwVpCDmATchc/OYJxNSOu3aUc0BJgO97s8pfgRn/pFkJZJ+SE
Grgh1fjilv/lJp45rOqZ2x9VH+sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQq8Sgg
mT+a9XnftO5NIMPAOmJELzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzY2NDktZGNjMC00ZjhjLWJlNmItMTNmY2EyN2VjNGYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQB/UuSOxqxXdyOVbkawTZ2q8Zt0xWoNlEjpzCtF
E4ARFzbOEoKB60C7h0EG+6DSlV3bIt1U/MxsKRZrPsCi9fdj+EELmNixx/ILzAlM
Jbc4HAtiE0B/VCiYhR8+iyem5M9F2oMWXtZWCSjQqtPV2fcs+XzCrwG0DkJokdw3
sk5gjVEbqRzQZYUpRRQIZAdN4RVlEE8MQIJU+rf0j7oYoG8hfhLO0ftsCkeYFNGz
s04crLfrTATYRHFIK1S5lTZ5+D1s6oJ7WsZV+8jaPQ8dCJz69Vge96YYQ44p5pvY
3Dhs3PnAJxn3SVhTRhqrd3dUORcPuwIzamTdewndXqscwfnA
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:41 2025 by rpki-client