Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
File: c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa (raw, json)
Hash identifier: Uw6EANSNs/cyGEFr61XEaVwQ+JqkudkF+gUJvtlCXNs=
Subject key identifier: 52:2C:69:6B:19:52:0F:91:2F:33:93:CA:E4:61:74:AF:DB:C1:C1:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1713813127F84653D17957A5BC7EEEEB55C175B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
Signing time: Mon 01 Sep 2025 20:40:21 +0000
ROA not before: Mon 01 Sep 2025 20:40:21 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:13:81:31:27:f8:46:53:d1:79:57:a5:bc:7e:ee:eb:55:c1:75:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:21 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=b3161ab0d4ae77f5058db775e0478972c2183ce985a8abdea54246fdf98de526, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:34:ac:1f:cc:44:ab:38:09:a9:3e:1d:c2:8e:
f7:11:5a:8d:99:2a:db:57:06:6b:87:2f:a1:14:66:
2f:0a:20:95:c8:6b:cf:11:25:34:9e:ac:74:e1:34:
dd:50:bb:eb:42:6e:4d:52:ce:2f:04:4a:8b:fe:74:
89:47:46:ae:fc:af:f2:a9:87:fb:b1:7e:52:c7:84:
05:8a:88:fa:73:bb:19:24:0b:09:20:9a:2c:35:1c:
d3:a5:f4:60:84:49:fb:2b:42:90:2e:43:0c:53:5a:
8d:59:d1:74:09:93:d3:d6:ae:04:b5:9f:ac:ac:94:
ec:37:e8:84:90:fe:2b:cf:8b:20:fb:02:a8:aa:b1:
d4:c6:04:0d:09:4b:36:49:bd:31:b6:23:a9:73:50:
68:16:0b:1f:ea:f6:5a:ee:a1:3e:3c:05:21:54:2b:
bc:9d:f3:96:01:f4:a7:ab:bf:ad:92:02:7e:43:90:
5d:06:4b:5d:1b:78:31:f3:87:17:36:96:24:f5:1a:
b6:99:e7:38:2c:c9:87:6c:1d:9f:1a:20:1a:25:21:
23:95:d1:79:f2:c2:6d:75:f5:3d:eb:e7:11:5b:1a:
83:0a:8a:c5:03:cc:d7:bf:e4:1c:1f:03:32:d9:93:
d9:29:20:94:f3:00:41:d2:81:38:db:52:3b:57:37:
75:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2C:69:6B:19:52:0F:91:2F:33:93:CA:E4:61:74:AF:DB:C1:C1:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:2000::/40
Signature Algorithm: sha256WithRSAEncryption
29:89:1e:92:ea:7f:39:e7:be:08:27:ca:4e:7e:83:ee:a6:07:
bb:22:02:48:60:09:0c:46:60:21:85:d9:91:60:03:dc:81:ce:
df:a9:21:86:5d:a7:1b:73:74:c6:a5:3c:f5:af:ca:0f:1e:75:
a2:24:ec:cc:2b:28:17:5a:36:27:98:63:69:b5:b9:30:b2:62:
76:e6:cc:e1:74:b6:69:96:f0:d8:02:2f:c8:b1:63:25:14:82:
10:9f:a7:0a:42:ff:d4:81:aa:9b:be:9d:37:c9:8a:a4:68:e9:
e9:dc:0b:81:f8:65:f5:88:35:11:fe:ae:0d:99:94:eb:23:ac:
94:61:97:20:30:8e:a9:5b:ce:c7:54:4b:c1:c2:e4:ec:76:bf:
e9:a1:db:0d:74:44:bf:2c:5c:60:03:56:fe:4f:22:a7:0f:e2:
1e:0f:b3:30:af:2d:45:d5:00:7a:b6:88:d5:7f:7b:6a:71:73:
56:71:2d:eb:d0:9b:18:7c:24:46:13:71:34:c0:85:c0:f6:1f:
58:d5:6b:8a:8f:af:84:33:73:68:f1:50:fb:8c:2b:a8:71:67:
33:e2:57:44:b6:a4:d5:13:3b:7f:68:93:08:11:5d:8c:77:d3:
d8:14:a4:80:47:99:9a:34:67:f2:e0:36:00:07:81:c1:c5:e4:
9d:a8:f6:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFxOBMSf4RlPReVelvH7u61XBdbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMjFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzMTYxYWIwZDRhZTc3ZjUwNThkYjc3NWUwNDc4OTcyYzIxODNjZTk4NWE4
YWJkZWE1NDI0NmZkZjk4ZGU1MjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQ0rB/MRKs4Cak+HcKO9xFajZkq21cGa4cvoRRmLwoglchrzxElNJ6sdOE0
3VC760JuTVLOLwRKi/50iUdGrvyv8qmH+7F+UseEBYqI+nO7GSQLCSCaLDUc06X0
YIRJ+ytCkC5DDFNajVnRdAmT09auBLWfrKyU7DfohJD+K8+LIPsCqKqx1MYEDQlL
Nkm9MbYjqXNQaBYLH+r2Wu6hPjwFIVQrvJ3zlgH0p6u/rZICfkOQXQZLXRt4MfOH
FzaWJPUatpnnOCzJh2wdnxogGiUhI5XRefLCbXX1PevnEVsagwqKxQPM17/kHB8D
MtmT2SkglPMAQdKBONtSO1c3dbMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSLGlr
GVIPkS8zk8rkYXSv28HBBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZhNWFjZmYtYjVkOC00YzgwLTllY2MtOTQxNTQwNjU3NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUg
MA0GCSqGSIb3DQEBCwUAA4IBAQApiR6S6n85574IJ8pOfoPupge7IgJIYAkMRmAh
hdmRYAPcgc7fqSGGXacbc3TGpTz1r8oPHnWiJOzMKygXWjYnmGNptbkwsmJ25szh
dLZplvDYAi/IsWMlFIIQn6cKQv/Ugaqbvp03yYqkaOnp3AuB+GX1iDUR/q4NmZTr
I6yUYZcgMI6pW87HVEvBwuTsdr/podsNdES/LFxgA1b+TyKnD+IeD7Mwry1F1QB6
tojVf3tqcXNWcS3r0JsYfCRGE3E0wIXA9h9Y1WuKj6+EM3No8VD7jCuocWcz4ldE
tqTVEzt/aJMIEV2Md9PYFKSAR5maNGfy4DYAB4HBxeSdqPYP
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:31 2025 by rpki-client