Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
File: f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa (raw, json)
Hash identifier: yiBDSqrdjLVaaGcQC0TRHlLoEW9eA95EDDp8a49BXhY=
Subject key identifier: A6:21:7D:C8:D3:38:DB:B5:81:A5:80:E8:74:3F:6E:F1:44:B9:ED:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C0856C73CC820490DEE6BDB14ACB3B26658109A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
Signing time: Fri 01 Aug 2025 17:10:33 +0000
ROA not before: Fri 01 Aug 2025 17:10:33 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:08:56:c7:3c:c8:20:49:0d:ee:6b:db:14:ac:b3:b2:66:58:10:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:33 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=c939e02f4f4bd3c9daf9d5ddf5f8e7617ab6d93421f531590fd55a194defbf01, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e6:41:16:dd:aa:2a:f4:d2:24:c7:ae:6f:9f:
e2:74:5e:06:02:66:57:08:c3:9f:90:57:ba:e6:c6:
28:b5:c0:45:83:2b:16:27:7b:58:fc:ee:6c:d9:67:
c4:33:07:c7:36:41:a9:5a:ed:38:fb:1d:e9:40:60:
e1:a6:07:f6:99:99:02:81:f0:14:45:40:be:6f:3e:
58:23:50:ad:32:c4:d3:74:d0:31:39:d8:5b:ff:e4:
d5:b1:43:98:d0:82:2f:30:d9:f1:f3:eb:c5:82:f4:
65:95:16:1a:95:25:b8:46:73:c7:75:a2:56:e3:86:
67:8b:a3:4a:f4:5b:62:a4:53:7b:b1:d9:92:06:b9:
48:96:6d:5f:d6:2a:fd:e4:5f:fe:b8:1c:30:9d:95:
87:54:9e:92:9d:c5:d0:37:1f:ac:59:70:ee:2a:8d:
4e:35:eb:68:62:8d:f7:99:52:88:c0:1b:38:6e:66:
e4:07:92:cb:66:e9:89:98:60:2a:42:57:ad:03:23:
db:29:c6:d3:9f:49:2c:0e:b0:01:a0:69:49:f3:cf:
ca:09:17:a1:c6:b3:82:5a:d8:34:25:b8:e2:e4:49:
2f:8e:e2:bf:03:1c:61:60:cc:dd:86:4e:79:5c:3b:
d0:1c:5d:4d:ca:9c:17:5e:13:f8:75:c6:1c:9b:ff:
c6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:21:7D:C8:D3:38:DB:B5:81:A5:80:E8:74:3F:6E:F1:44:B9:ED:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
24:89:ec:14:7b:ff:33:14:29:81:e3:bb:92:dc:27:4b:4e:95:
5e:c5:8c:7d:ff:a0:2f:0d:21:32:16:68:26:58:05:89:b4:c3:
79:7e:6e:06:f8:1c:e1:2e:d9:22:6d:cd:c4:c3:a4:1c:5b:8b:
2a:c3:ae:c5:2d:e9:ed:5f:16:8f:73:ba:06:39:b7:fa:48:79:
13:3a:85:10:cc:7d:18:b6:e1:54:38:5e:48:39:3a:9f:8e:26:
b6:24:5d:cc:96:4d:65:4b:8c:5a:64:a6:51:21:1b:36:c4:bd:
84:a2:e3:cd:c5:2f:f6:d6:d9:99:97:17:c4:7c:aa:55:d9:b0:
fb:f2:ec:57:b3:22:64:9a:26:eb:2d:26:c5:d3:a4:ac:e7:3c:
fc:1a:76:e4:23:3d:29:50:f5:c8:16:af:54:96:51:3e:a1:4a:
0e:24:78:de:7a:36:b3:50:72:b6:bb:22:2a:f8:cd:f4:ea:74:
09:f6:a0:fd:a3:d4:3f:0b:7b:13:cf:b6:f4:36:18:66:64:bf:
b0:47:6c:ab:a7:25:11:e8:50:91:39:8b:c2:2b:28:95:9e:75:
61:39:97:6e:45:d3:88:77:56:af:ed:7c:9c:ce:8e:05:a6:e3:
ea:ad:9e:38:79:07:b2:8b:28:f8:bb:c1:e0:c9:9a:f1:94:93:
8a:90:ea:d8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbAhWxzzIIEkN7mvbFKyzsmZYEJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMzNaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5MzllMDJmNGY0YmQzYzlkYWY5ZDVkZGY1ZjhlNzYxN2FiNmQ5MzQyMWY1
MzE1OTBmZDU1YTE5NGRlZmJmMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLmQRbdqir00iTHrm+f4nReBgJmVwjDn5BXuubGKLXARYMrFid7WPzubNln
xDMHxzZBqVrtOPsd6UBg4aYH9pmZAoHwFEVAvm8+WCNQrTLE03TQMTnYW//k1bFD
mNCCLzDZ8fPrxYL0ZZUWGpUluEZzx3WiVuOGZ4ujSvRbYqRTe7HZkga5SJZtX9Yq
/eRf/rgcMJ2Vh1Sekp3F0DcfrFlw7iqNTjXraGKN95lSiMAbOG5m5AeSy2bpiZhg
KkJXrQMj2ynG059JLA6wAaBpSfPPygkXocazglrYNCW44uRJL47ivwMcYWDM3YZO
eVw70BxdTcqcF14T+HXGHJv/xqsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSmIX3I
0zjbtYGlgOh0P27xRLntXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjIzMWY3YWUtN2RiZi00ZGJiLThmN2EtOTFiNDEwMzIxOGFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
wDANBgkqhkiG9w0BAQsFAAOCAQEAJInsFHv/MxQpgeO7ktwnS06VXsWMff+gLw0h
MhZoJlgFibTDeX5uBvgc4S7ZIm3NxMOkHFuLKsOuxS3p7V8Wj3O6Bjm3+kh5EzqF
EMx9GLbhVDheSDk6n44mtiRdzJZNZUuMWmSmUSEbNsS9hKLjzcUv9tbZmZcXxHyq
Vdmw+/LsV7MiZJom6y0mxdOkrOc8/Bp25CM9KVD1yBavVJZRPqFKDiR43no2s1By
trsiKvjN9Op0Cfag/aPUPwt7E8+29DYYZmS/sEdsq6clEehQkTmLwisolZ51YTmX
bkXTiHdWr+18nM6OBabj6q2eOHkHsoso+LvB4Mma8ZSTipDq2A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:46 2025 by rpki-client