Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
File: f6aec084-593c-47be-8e46-9024b5572011.roa (raw, json)
Hash identifier: OpLYzpg9bK4OyfqtZ1IZEAvhO8IJphzkB2eZMQqFtfM=
Subject key identifier: BB:D1:70:B0:19:95:AB:FB:6A:E5:EF:1B:19:A1:65:7C:0D:55:AF:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CCBF6B27E11D2FB15DD89A9290D57B32F14EFFA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
Signing time: Mon 28 Jul 2025 16:10:15 +0000
ROA not before: Mon 28 Jul 2025 16:10:15 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:cb:f6:b2:7e:11:d2:fb:15:dd:89:a9:29:0d:57:b3:2f:14:ef:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:15 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=817e1ad4de01e5f6709cd2fcb2a53190fc1f65ea61dbb4968da729c21636c84e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8f:7f:e6:6c:d9:c1:50:40:9a:74:d0:63:48:
96:74:bc:30:97:f4:13:28:2c:25:78:77:ff:3e:81:
c7:44:a5:ce:91:f6:43:7d:af:05:b7:0f:ef:5d:30:
65:8c:44:24:4c:26:64:cc:61:8f:86:90:d5:f5:b7:
d3:35:df:f4:f8:0b:cc:ac:2e:3b:69:71:52:2a:4c:
e2:5c:38:c3:c6:df:22:f6:7a:c2:bf:e3:12:f8:32:
11:ef:19:df:92:c5:c5:e1:45:05:63:4e:14:6b:6a:
f3:b1:2f:93:65:fb:68:ac:99:c7:6f:43:9c:8d:3e:
be:9a:6f:66:08:fa:a2:c3:75:8c:6e:0d:14:96:dd:
e6:b9:d5:fa:70:69:48:b3:8b:fa:63:1f:64:29:4b:
3b:7f:53:ce:33:da:d6:e5:fc:65:13:d9:8b:80:22:
43:28:8b:73:9d:c4:6d:b6:b4:25:fa:a9:09:d0:7e:
9f:6b:55:85:59:ae:5f:16:37:f6:ad:d2:c1:49:29:
96:08:f3:28:a7:99:a4:95:02:78:a6:85:17:2a:b1:
15:2a:f7:67:39:94:c9:e1:0f:1a:c2:ee:81:17:13:
21:27:52:a9:ab:75:25:27:df:90:a4:53:be:33:84:
44:1d:2d:c4:67:e2:a0:e3:e6:75:3a:77:b0:94:0c:
b5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D1:70:B0:19:95:AB:FB:6A:E5:EF:1B:19:A1:65:7C:0D:55:AF:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
38:cb:3c:ab:d4:60:f5:68:a4:a4:44:ef:c4:b6:cd:31:1a:3f:
ab:a9:ac:ab:c2:25:3f:df:9d:1d:e5:cb:0c:fb:70:1e:82:95:
45:2d:01:6a:e9:68:e9:49:c7:9a:ee:80:9d:bd:d8:bb:86:23:
a1:bb:c2:b7:76:d2:8b:94:f9:6e:9a:f2:ae:0e:81:33:dc:9e:
86:65:6a:94:35:7d:15:b3:50:4a:e0:d5:66:4d:7d:f4:f8:0f:
ff:bb:27:8b:b1:51:0f:54:10:6d:ad:0d:2f:0c:70:ea:13:cd:
57:8f:bc:ac:04:66:04:87:32:f7:b6:db:c6:9b:c3:40:bd:f6:
08:e4:a0:ab:b1:c3:5e:14:1a:3a:8b:6a:c9:73:ca:fb:3c:1e:
6c:0f:71:33:c4:7d:ff:a4:82:2e:ef:e7:b8:87:d5:80:2d:6c:
45:b1:7b:bc:2e:22:98:aa:3f:78:ca:5c:60:f9:a4:22:fd:66:
ae:d1:ff:54:83:47:e7:6b:e9:b2:75:f7:1d:0c:2d:8a:6a:b6:
bd:20:c6:10:e8:6c:cc:91:00:c9:82:6c:d4:9b:93:9c:e4:53:
aa:2c:f4:6f:1c:bc:a7:58:84:f8:67:f3:22:3e:f5:70:9f:7e:
22:ca:6a:a8:00:c6:58:98:a4:db:8e:4f:cb:11:87:d9:2f:65:
09:f0:88:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTMv2sn4R0vsV3YmpKQ1Xsy8U7/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMTVaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxN2UxYWQ0ZGUwMWU1ZjY3MDljZDJmY2IyYTUzMTkwZmMxZjY1ZWE2MWRi
YjQ5NjhkYTcyOWMyMTYzNmM4NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuPf+Zs2cFQQJp00GNIlnS8MJf0EygsJXh3/z6Bx0SlzpH2Q32vBbcP710w
ZYxEJEwmZMxhj4aQ1fW30zXf9PgLzKwuO2lxUipM4lw4w8bfIvZ6wr/jEvgyEe8Z
35LFxeFFBWNOFGtq87Evk2X7aKyZx29DnI0+vppvZgj6osN1jG4NFJbd5rnV+nBp
SLOL+mMfZClLO39TzjPa1uX8ZRPZi4AiQyiLc53Ebba0JfqpCdB+n2tVhVmuXxY3
9q3SwUkplgjzKKeZpJUCeKaFFyqxFSr3ZzmUyeEPGsLugRcTISdSqat1JSffkKRT
vjOERB0txGfioOPmdTp3sJQMta0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS70XCw
GZWr+2rl7xsZoWV8DVWvFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjZhZWMwODQtNTkzYy00N2JlLThlNDYtOTAyNGI1NTcyMDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQA4yzyr1GD1aKSkRO/Ets0xGj+rqayrwiU/350d
5csM+3AegpVFLQFq6WjpScea7oCdvdi7hiOhu8K3dtKLlPlumvKuDoEz3J6GZWqU
NX0Vs1BK4NVmTX30+A//uyeLsVEPVBBtrQ0vDHDqE81Xj7ysBGYEhzL3ttvGm8NA
vfYI5KCrscNeFBo6i2rJc8r7PB5sD3EzxH3/pIIu7+e4h9WALWxFsXu8LiKYqj94
ylxg+aQi/Wau0f9Ug0fna+mydfcdDC2Kara9IMYQ6GzMkQDJgmzUm5Oc5FOqLPRv
HLynWIT4Z/MiPvVwn34iymqoAMZYmKTbjk/LEYfZL2UJ8Iii
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:45 2025 by rpki-client