Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
File: fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa (raw, json)
Hash identifier: 6+kfF+vV8qUeLapDXSleK2uofdMffknMe3x0ToxTaiU=
Subject key identifier: 66:F7:BB:6A:30:F0:B2:0F:60:03:BD:33:8C:72:C5:6B:66:DA:DF:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6EAFA4818FEAEF67C51CB426E2634DD3B924DA46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
Signing time: Mon 01 Sep 2025 21:00:20 +0000
ROA not before: Mon 01 Sep 2025 21:00:20 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:af:a4:81:8f:ea:ef:67:c5:1c:b4:26:e2:63:4d:d3:b9:24:da:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:20 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=628110f1d4bb67370ed10facc7f717507862eee6f6d3fe74dde18e6f5d877e2e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:01:33:93:12:ea:c0:bb:36:22:81:9d:74:30:
3a:e8:55:db:9f:98:1b:c5:5d:e6:0d:7c:c8:2e:c4:
71:d5:e2:06:85:01:1d:47:41:76:b0:11:66:97:a0:
5e:91:e9:f6:aa:b4:44:b9:32:2d:ba:82:60:ea:c6:
00:f7:6c:c7:4a:6e:b6:b2:50:46:db:e0:2b:14:8b:
b0:dd:cb:22:19:77:db:3c:af:ef:aa:d1:b7:0a:58:
14:43:96:51:16:54:34:96:5f:fa:76:da:b7:87:18:
9d:5d:48:14:ca:34:6b:a7:00:0a:bc:ab:c0:f4:15:
6f:ab:64:9e:96:bc:c9:88:ac:9c:31:ee:48:5d:2d:
14:15:ea:5a:f3:f6:14:89:6d:47:50:82:6f:27:06:
16:89:63:ae:fb:6e:a0:cc:02:17:19:3b:22:ce:c5:
f2:db:12:ec:89:7a:de:02:5b:7c:79:f6:13:96:0f:
68:20:1e:8c:96:1f:d5:44:a9:03:65:7b:ed:1f:c1:
a1:70:4c:ad:0a:d8:6f:14:4d:36:89:e9:5f:81:a9:
0c:59:f2:ec:b4:73:8e:70:98:50:5c:92:86:e2:4e:
c5:55:15:c2:47:bc:da:0f:14:13:1e:d3:3e:5a:7f:
0b:66:27:06:0f:d0:21:fc:77:7f:a7:94:3e:f6:1e:
83:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F7:BB:6A:30:F0:B2:0F:60:03:BD:33:8C:72:C5:6B:66:DA:DF:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:06:7f:28:a1:cd:9c:db:d9:52:9a:78:54:18:de:94:e6:fe:
13:fe:f1:28:a3:8d:76:ff:b8:f4:02:8d:36:f8:49:6c:c7:18:
52:f3:0b:8d:94:b7:8e:50:55:e7:03:8c:8f:f8:22:7e:05:f1:
4e:47:23:1d:31:16:a1:74:50:ba:4b:b3:0a:d6:24:90:16:a0:
0e:3c:92:f7:6e:12:b4:28:ac:7a:36:1c:39:01:50:63:e2:9a:
e3:a5:d9:c4:f4:c5:6d:14:a8:c6:40:50:ab:4f:2e:74:aa:25:
c6:f9:d0:cb:27:15:31:44:7d:f9:91:c4:c5:73:3c:47:b5:04:
26:97:e6:2b:e3:7d:4d:d6:fa:36:8d:2f:e2:04:1e:e8:29:b1:
f9:48:5a:d2:63:8d:13:96:6a:65:55:10:7e:45:23:47:9b:e3:
d8:5b:56:bb:f9:b2:41:7e:a9:ea:d3:ab:ec:b1:05:e9:3f:84:
62:1c:4e:76:72:61:4f:cc:85:e6:00:ae:77:e6:39:55:db:6c:
97:6c:49:2f:ac:63:e3:0c:4a:ea:fe:1c:26:02:f0:44:e2:51:
dc:c3:b2:93:b5:ed:a5:6a:cd:66:7c:0f:72:1f:e8:1a:45:a1:
61:f5:a8:ba:70:3f:5b:aa:d3:60:4e:cc:52:c4:93:ce:05:4f:
8e:f8:6e:20
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbq+kgY/q72fFHLQm4mNN07kk2kYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMjBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyODExMGYxZDRiYjY3MzcwZWQxMGZhY2M3ZjcxNzUwNzg2MmVlZTZmNmQz
ZmU3NGRkZTE4ZTZmNWQ4NzdlMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsBM5MS6sC7NiKBnXQwOuhV25+YG8Vd5g18yC7EcdXiBoUBHUdBdrARZpeg
XpHp9qq0RLkyLbqCYOrGAPdsx0putrJQRtvgKxSLsN3LIhl32zyv76rRtwpYFEOW
URZUNJZf+nbat4cYnV1IFMo0a6cACryrwPQVb6tknpa8yYisnDHuSF0tFBXqWvP2
FIltR1CCbycGFoljrvtuoMwCFxk7Is7F8tsS7Il63gJbfHn2E5YPaCAejJYf1USp
A2V77R/BoXBMrQrYbxRNNonpX4GpDFny7LRzjnCYUFyShuJOxVUVwke82g8UEx7T
Plp/C2YnBg/QIfx3f6eUPvYeg7kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRm97tq
MPCyD2ADvTOMcsVrZtrfwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmQzMjlhYjUtYWU1Yy00YjY4LWE0YzYtYjgyZjZlYTI5ZGQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQC3Bn8ooc2c29lSmnhUGN6U5v4T/vEoo412/7j0
Ao02+ElsxxhS8wuNlLeOUFXnA4yP+CJ+BfFORyMdMRahdFC6S7MK1iSQFqAOPJL3
bhK0KKx6Nhw5AVBj4prjpdnE9MVtFKjGQFCrTy50qiXG+dDLJxUxRH35kcTFczxH
tQQml+Yr431N1vo2jS/iBB7oKbH5SFrSY40TlmplVRB+RSNHm+PYW1a7+bJBfqnq
06vssQXpP4RiHE52cmFPzIXmAK535jlV22yXbEkvrGPjDErq/hwmAvBE4lHcw7KT
te2las1mfA9yH+gaRaFh9ai6cD9bqtNgTsxSxJPOBU+O+G4g
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:06 2025 by rpki-client