Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
File: c6b4bacc-5824-4f9c-a10d-49f145db8549.roa (raw, json)
Hash identifier: 3oG+oYN0WwviTkhR9U90XBAXIv7J2lHODLXDoGBhx58=
Subject key identifier: C6:41:43:5D:BF:F4:B7:DE:86:D3:4D:A0:96:DD:F8:F0:82:5A:AD:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B1B81DA34E672CE3A719B6442C97293560F0581
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
Signing time: Wed 03 Sep 2025 00:10:28 +0000
ROA not before: Wed 03 Sep 2025 00:10:28 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:1b:81:da:34:e6:72:ce:3a:71:9b:64:42:c9:72:93:56:0f:05:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 3 00:10:28 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=b6d8e2a198d7f405dfff157181a64ae6629d4edc1f89f7222cff4fde41190b16, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e1:a6:45:74:10:3b:00:5c:eb:1b:0b:67:ca:
17:8a:24:ce:a1:8c:b5:5f:b4:ed:d4:f7:41:d3:64:
73:2d:21:9e:21:8c:23:77:39:cc:bb:b4:98:dd:a9:
cc:70:68:cb:38:2d:5e:1d:0d:21:39:15:34:e0:4d:
91:c5:ab:e5:35:68:bf:ce:2f:1f:a2:d3:28:3c:1c:
36:4f:08:a5:8d:a5:6b:18:f2:cf:00:81:0d:94:7d:
4b:98:98:1d:2d:53:27:a3:87:f3:25:6f:97:90:e4:
bc:27:23:f4:df:94:4e:8e:74:76:fa:54:f3:3f:e2:
43:dc:94:2e:ac:47:50:c8:08:f7:c2:ad:a2:e1:44:
e5:bf:12:7a:cd:64:5b:da:fd:7a:0d:e4:ad:e0:69:
a8:fd:2a:88:06:ee:fb:f8:39:82:36:a8:8d:b9:ce:
e3:e8:d5:78:5e:f5:f2:8a:53:48:c8:92:4c:95:b3:
cf:16:a5:67:ea:a9:1c:07:d4:a7:c9:56:11:f4:af:
d6:0d:cf:02:77:a8:48:ac:4d:7e:a3:2d:5b:77:bf:
d2:92:53:cf:0f:2d:03:26:5c:56:5c:36:1b:07:d9:
8e:19:e0:73:58:6c:9a:e8:ca:c3:0d:0f:a4:db:54:
58:b8:c6:86:1b:7a:60:ee:91:f7:0e:1f:13:98:39:
6b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:41:43:5D:BF:F4:B7:DE:86:D3:4D:A0:96:DD:F8:F0:82:5A:AD:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/36
Signature Algorithm: sha256WithRSAEncryption
00:fa:da:3b:b0:05:fe:db:61:9a:e0:96:2f:79:a8:63:f9:1e:
1a:2f:91:83:5f:b0:d3:5f:a0:3c:61:61:36:64:7f:99:a1:ed:
3f:18:fd:a8:d3:77:3b:d4:9b:7a:6a:27:d2:da:46:7a:17:50:
29:49:7c:62:b8:c8:e6:64:fe:06:d5:13:6a:68:aa:4c:d7:ce:
91:51:cb:4a:94:25:81:8a:6d:5a:68:45:ca:b2:c8:d7:54:0d:
a7:d3:c2:de:e4:21:41:7f:3c:3e:a6:14:1b:4c:65:b1:cd:8d:
e9:a3:58:2e:c7:07:96:cc:8f:b3:24:8d:4b:75:f9:90:8a:85:
93:80:e6:0d:72:d3:21:e1:f7:c7:c2:da:d5:03:77:61:4d:07:
91:dc:47:29:68:e0:38:d0:9d:5f:00:54:75:4d:f6:43:91:85:
eb:fe:fa:e5:45:a0:b5:3e:7e:e1:81:09:53:c0:a0:62:17:e5:
92:b7:02:d5:2e:f2:97:26:74:28:0a:59:d4:77:18:24:5b:cb:
f9:11:e6:8e:9d:f1:28:68:d5:bf:72:f5:c5:37:7e:f3:2d:2e:
54:c0:60:ce:5b:15:cb:ba:79:e4:9b:43:05:46:e0:28:e4:3e:
8c:a5:7e:ab:cf:6e:f2:46:de:5f:b7:26:7c:53:74:b8:ad:9c:
41:57:83:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUexuB2jTmcs46cZtkQslyk1YPBYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDMwMDEwMjhaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2ZDhlMmExOThkN2Y0MDVkZmZmMTU3MTgxYTY0YWU2NjI5ZDRlZGMxZjg5
ZjcyMjJjZmY0ZmRlNDExOTBiMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzhpkV0EDsAXOsbC2fKF4okzqGMtV+07dT3QdNkcy0hniGMI3c5zLu0mN2p
zHBoyzgtXh0NITkVNOBNkcWr5TVov84vH6LTKDwcNk8IpY2laxjyzwCBDZR9S5iY
HS1TJ6OH8yVvl5DkvCcj9N+UTo50dvpU8z/iQ9yULqxHUMgI98KtouFE5b8Ses1k
W9r9eg3kreBpqP0qiAbu+/g5gjaojbnO4+jVeF718opTSMiSTJWzzxalZ+qpHAfU
p8lWEfSv1g3PAneoSKxNfqMtW3e/0pJTzw8tAyZcVlw2GwfZjhngc1hsmujKww0P
pNtUWLjGhht6YO6R9w4fE5g5a0cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGQUNd
v/S33obTTaCW3fjwglqtTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZiNGJhY2MtNTgyNC00ZjljLWExMGQtNDlmMTQ1ZGI4NTQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQAA+to7sAX+22Ga4JYveahj+R4aL5GDX7DTX6A8
YWE2ZH+Zoe0/GP2o03c71Jt6aifS2kZ6F1ApSXxiuMjmZP4G1RNqaKpM186RUctK
lCWBim1aaEXKssjXVA2n08Le5CFBfzw+phQbTGWxzY3po1guxweWzI+zJI1LdfmQ
ioWTgOYNctMh4ffHwtrVA3dhTQeR3EcpaOA40J1fAFR1TfZDkYXr/vrlRaC1Pn7h
gQlTwKBiF+WStwLVLvKXJnQoClnUdxgkW8v5EeaOnfEoaNW/cvXFN37zLS5UwGDO
WxXLunnkm0MFRuAo5D6MpX6rz27yRt5ftyZ8U3S4rZxBV4O9
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:02 2025 by rpki-client