Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa
File: b6b5f2f6-236d-447e-aeb1-24c947937396.roa (raw, json)
Hash identifier: kuvvxjdWJCXOxbygzsig/gmapxdid+lEATaPSCoN33U=
Subject key identifier: 79:8D:A5:65:B4:F5:0E:44:C8:A3:7E:94:B0:79:2A:6A:8E:59:73:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 125F63910FA80DD883D24B7A7FA077947BD083D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa
Signing time: Thu 04 Sep 2025 19:52:18 +0000
ROA not before: Thu 04 Sep 2025 19:52:18 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:5f:63:91:0f:a8:0d:d8:83:d2:4b:7a:7f:a0:77:94:7b:d0:83:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:18 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=729a5e1e12776fcc6a966c496536c7805fba57ace9828069afe66077652c0b2e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:17:4d:b5:c1:53:0a:7d:4f:ff:4d:29:e3:cf:
47:40:b4:21:f8:fb:27:57:3d:0c:80:f1:e9:df:2a:
98:97:4a:ba:0c:00:82:1b:c7:d4:b8:29:93:4b:03:
66:1b:99:13:6f:90:24:58:6e:92:9f:c9:71:d8:e7:
b4:8c:52:54:1b:57:e8:3d:fd:fe:a0:b2:8b:1e:1f:
97:11:72:81:29:1d:f6:49:94:3b:bf:d8:91:82:50:
f0:bd:32:7d:3c:9f:91:35:43:fd:e1:d7:72:78:9c:
b5:0f:0c:8f:d3:b7:c3:85:9d:e6:74:f2:82:d4:e0:
f2:0c:e6:65:9f:8b:93:c7:a0:1e:bd:0a:25:09:c8:
ea:d8:6b:64:1c:34:75:d3:6e:15:94:41:db:ee:0a:
2f:f1:c8:be:fe:89:30:ec:ee:c1:7b:f0:b5:2a:6f:
28:4f:c7:52:6d:c4:e1:ac:5a:40:a0:fb:e6:0c:b8:
32:9c:d1:10:40:22:08:00:d1:1c:16:a1:bf:02:c9:
81:be:b8:f9:de:12:24:f3:fc:52:fe:ef:2e:0e:95:
69:7d:31:fc:dc:67:31:cb:98:f8:18:92:a7:2e:24:
df:e8:30:bc:d5:1e:ef:4f:04:15:85:2c:69:a1:6f:
3b:fc:2a:dc:d8:ab:dd:38:56:f8:29:7b:28:02:00:
46:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:8D:A5:65:B4:F5:0E:44:C8:A3:7E:94:B0:79:2A:6A:8E:59:73:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
06:5b:2c:16:1a:93:7a:d2:8a:73:6f:2f:19:e2:1a:9c:bf:3f:
91:32:ab:2e:61:b6:69:7c:49:9d:41:f8:60:e6:46:2a:22:54:
43:ca:a0:c2:5d:86:8e:7e:66:d6:53:48:2a:85:ca:28:df:16:
a1:ee:25:aa:82:32:d8:8a:78:f8:a4:ee:3f:c2:e7:c4:92:13:
42:e4:6a:58:97:3d:5e:8f:47:7f:fc:84:6b:96:76:71:5c:87:
52:d6:45:4e:4f:9e:8b:7d:23:3b:94:44:f2:b3:f5:49:e2:d3:
29:10:ae:77:73:8c:16:4c:35:3f:d2:28:eb:a7:ea:ba:c9:d8:
17:02:4b:fe:7f:c7:9b:a5:1f:97:88:fe:d7:e2:a8:63:84:a3:
2e:70:37:88:33:d4:0e:c3:f0:dc:50:80:03:d5:3f:61:17:b2:
ee:63:1b:32:91:84:85:e1:4f:b1:d7:ee:82:aa:d6:59:a8:fb:
11:98:e4:29:58:fa:92:6a:fa:aa:3f:af:ab:d2:8f:bc:74:96:
58:da:7f:8f:26:00:91:d0:01:b6:17:96:07:82:cc:14:f1:a3:
8e:5b:3b:9c:38:70:e1:52:03:d9:3c:16:d3:b8:7f:0c:d4:b0:
19:ea:ef:5a:cb:e8:47:ca:2a:66:21:bc:51:b8:06:b5:22:54:
45:4b:eb:fb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEl9jkQ+oDdiD0kt6f6B3lHvQg9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMThaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyOWE1ZTFlMTI3NzZmY2M2YTk2NmM0OTY1MzZjNzgwNWZiYTU3YWNlOTgy
ODA2OWFmZTY2MDc3NjUyYzBiMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUXTbXBUwp9T/9NKePPR0C0Ifj7J1c9DIDx6d8qmJdKugwAghvH1Lgpk0sD
ZhuZE2+QJFhukp/JcdjntIxSVBtX6D39/qCyix4flxFygSkd9kmUO7/YkYJQ8L0y
fTyfkTVD/eHXcnictQ8Mj9O3w4Wd5nTygtTg8gzmZZ+Lk8egHr0KJQnI6thrZBw0
ddNuFZRB2+4KL/HIvv6JMOzuwXvwtSpvKE/HUm3E4axaQKD75gy4MpzREEAiCADR
HBahvwLJgb64+d4SJPP8Uv7vLg6VaX0x/NxnMcuY+BiSpy4k3+gwvNUe708EFYUs
aaFvO/wq3Nir3ThW+Cl7KAIARu8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR5jaVl
tPUORMijfpSweSpqjllzbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjZiNWYyZjYtMjM2ZC00NDdlLWFlYjEtMjRjOTQ3OTM3Mzk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A
wDANBgkqhkiG9w0BAQsFAAOCAQEABlssFhqTetKKc28vGeIanL8/kTKrLmG2aXxJ
nUH4YOZGKiJUQ8qgwl2Gjn5m1lNIKoXKKN8Woe4lqoIy2Ip4+KTuP8LnxJITQuRq
WJc9Xo9Hf/yEa5Z2cVyHUtZFTk+ei30jO5RE8rP1SeLTKRCud3OMFkw1P9Io66fq
usnYFwJL/n/Hm6Ufl4j+1+KoY4SjLnA3iDPUDsPw3FCAA9U/YRey7mMbMpGEheFP
sdfugqrWWaj7EZjkKVj6kmr6qj+vq9KPvHSWWNp/jyYAkdABtheWB4LMFPGjjls7
nDhw4VID2TwW07h/DNSwGervWsvoR8oqZiG8UbgGtSJURUvr+w==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:18 2025 by rpki-client