Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
File: 6e236a15-c957-4409-8a2a-3a19150d1b43.roa (raw, json)
Hash identifier: QdBVoSLzBODo38sXRP7LsI5q0ZOvawfW+0Gm9huPYVg=
Subject key identifier: A0:D6:BD:1B:FE:7F:1B:EB:28:99:E7:A7:C8:A3:23:DF:DA:F9:03:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2324AA386E9DAF7D7789DDE633E699D4E1256343
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
Signing time: Mon 28 Jul 2025 16:11:02 +0000
ROA not before: Mon 28 Jul 2025 16:11:02 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:24:aa:38:6e:9d:af:7d:77:89:dd:e6:33:e6:99:d4:e1:25:63:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:02 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=cc6b41a56a9c6f6549e3879ed3b972dab9be7df5f5661f22c28c746a1e8bd710, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:e2:68:8b:c8:13:81:99:24:0e:f1:78:95:
85:1e:09:76:90:2c:90:00:e9:af:85:36:45:6d:b8:
97:82:aa:88:cd:3d:a2:d9:47:d8:d0:1f:14:c0:e3:
1f:54:fb:56:f1:53:46:26:aa:6f:eb:0b:36:4a:7a:
4f:6d:22:3b:3f:87:b5:61:50:fa:81:3e:72:ea:18:
11:03:e0:7c:8d:99:f0:cd:be:56:33:ac:8c:12:59:
09:78:99:7e:4f:1f:d1:d7:16:38:4e:24:98:8b:f6:
4d:ec:89:db:6f:78:17:17:30:5c:80:32:aa:29:8c:
7d:70:09:e7:bf:52:db:67:6b:6e:24:bf:cf:81:f4:
4b:2e:ca:48:2c:1c:fe:7c:7c:2c:d8:d3:bc:a3:a7:
e9:e4:cc:a9:5a:5c:0a:20:80:9c:71:a9:c5:0f:9d:
fb:df:7e:91:ed:c4:c4:07:82:23:d2:51:fc:f2:47:
ab:2a:37:e8:18:f1:70:a1:03:c9:da:32:1b:7b:eb:
67:b9:22:f3:13:72:e3:b8:00:c4:b1:5f:9e:6e:b8:
aa:7d:44:b6:69:52:ff:14:7d:40:4f:21:bd:84:eb:
13:b0:4e:37:8b:a3:8c:3c:00:93:03:24:45:15:6c:
1e:d4:7d:8b:63:f7:2d:ed:7f:2b:2e:6f:ea:bb:9f:
d5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D6:BD:1B:FE:7F:1B:EB:28:99:E7:A7:C8:A3:23:DF:DA:F9:03:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
14:78:30:fe:6a:2f:eb:38:31:af:61:3a:8d:ca:72:76:95:e8:
19:1c:ed:b5:1e:ed:9f:53:3b:7b:0f:86:c1:1d:30:76:95:23:
8c:fa:d5:de:47:48:bf:34:5c:33:a6:55:6d:eb:82:f6:a9:38:
02:e6:54:e4:53:f7:b3:10:f2:dc:b9:66:ce:12:21:2f:f3:5e:
75:33:f0:53:f3:cb:b7:76:95:c2:b4:1f:cb:b9:b1:4c:02:17:
12:f0:d2:57:30:d6:ee:94:2e:d0:88:08:8e:f5:53:df:46:d8:
06:02:e3:d6:77:18:78:df:61:62:10:34:76:80:e3:72:c8:24:
a9:73:dc:94:9e:84:2f:23:dc:50:90:87:48:f6:42:7e:f7:90:
d9:35:dd:63:22:53:51:f5:29:78:7d:97:c4:6f:57:a7:d2:8f:
f6:19:7c:36:bf:c2:b6:d4:9d:02:e8:1f:29:3a:05:0a:6d:1f:
57:6a:f6:cd:3c:2f:2f:43:af:c2:9c:82:1a:f9:d8:67:b2:fe:
eb:c3:60:ed:60:d8:ee:98:44:cd:e1:53:74:08:75:b9:bc:cb:
a0:34:78:d9:8f:2a:a8:94:e0:c6:af:59:cf:7e:90:c2:d8:86:
df:10:b6:69:a7:52:31:67:45:b5:e0:1d:41:da:81:1d:b6:1b:
c6:0e:69:e6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIySqOG6dr313id3mM+aZ1OElY0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMDJaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjNmI0MWE1NmE5YzZmNjU0OWUzODc5ZWQzYjk3MmRhYjliZTdkZjVmNTY2
MWYyMmMyOGM3NDZhMWU4YmQ3MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNl4miLyBOBmSQO8XiVhR4JdpAskADpr4U2RW24l4KqiM09otlH2NAfFMDj
H1T7VvFTRiaqb+sLNkp6T20iOz+HtWFQ+oE+cuoYEQPgfI2Z8M2+VjOsjBJZCXiZ
fk8f0dcWOE4kmIv2TeyJ2294FxcwXIAyqimMfXAJ579S22drbiS/z4H0Sy7KSCwc
/nx8LNjTvKOn6eTMqVpcCiCAnHGpxQ+d+99+ke3ExAeCI9JR/PJHqyo36BjxcKED
ydoyG3vrZ7ki8xNy47gAxLFfnm64qn1EtmlS/xR9QE8hvYTrE7BON4ujjDwAkwMk
RRVsHtR9i2P3Le1/Ky5v6ruf1X8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSg1r0b
/n8b6yiZ56fIoyPf2vkDdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUyMzZhMTUtYzk1Ny00NDA5LThhMmEtM2ExOTE1MGQxYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAUeDD+ai/rODGvYTqNynJ2legZHO21Hu2fUzt7
D4bBHTB2lSOM+tXeR0i/NFwzplVt64L2qTgC5lTkU/ezEPLcuWbOEiEv8151M/BT
88u3dpXCtB/LubFMAhcS8NJXMNbulC7QiAiO9VPfRtgGAuPWdxh432FiEDR2gONy
yCSpc9yUnoQvI9xQkIdI9kJ+95DZNd1jIlNR9Sl4fZfEb1en0o/2GXw2v8K21J0C
6B8pOgUKbR9XavbNPC8vQ6/CnIIa+dhnsv7rw2DtYNjumETN4VN0CHW5vMugNHjZ
jyqolODGr1nPfpDC2IbfELZpp1IxZ0W14B1B2oEdthvGDmnm
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:04 2025 by rpki-client