Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
File: 002c315b-3412-464e-b865-645f657f136d.roa (raw, json)
Hash identifier: 1wKJ1k8j9uMmDb7AMEfYHKkm/OTYqKmwxX9fdVXCvZM=
Subject key identifier: 07:5A:F6:6B:A6:50:9E:F7:98:52:40:A3:5B:34:AE:1A:35:C6:7F:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FCABA63D6B220394916E6EA2475568783E5B08E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
Signing time: Fri 06 Jun 2025 15:10:57 +0000
ROA not before: Fri 06 Jun 2025 15:10:57 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:ca:ba:63:d6:b2:20:39:49:16:e6:ea:24:75:56:87:83:e5:b0:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:57 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=cc09ecca3229933648b14b2d84e3837dfa0337b6b0c4f147575703e1695c4961, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:69:21:7e:47:c5:87:f0:9e:52:dc:18:68:4e:
60:61:e3:a0:09:bb:23:35:39:45:56:8b:7a:a1:6e:
f6:67:4f:10:cc:54:80:32:8c:82:86:f3:d6:c2:f4:
fa:75:bf:30:e3:55:e7:ad:30:93:ae:a1:62:2f:a6:
75:d9:bc:b2:03:b5:c3:fd:ec:df:b5:af:39:ef:9a:
b5:5a:91:90:a8:00:8b:c7:15:d5:b1:b5:3c:a7:48:
f5:fb:eb:5b:d9:c7:ab:06:a9:f4:0f:a4:e0:fe:cc:
d0:a9:6d:a7:6c:6c:c1:ef:bc:55:92:66:ae:29:72:
8c:ed:1d:05:24:33:a3:2e:15:c5:ea:34:82:fb:50:
03:32:21:bf:bf:0a:76:f0:f5:65:a0:89:72:54:0c:
ab:b1:9a:50:75:0b:af:49:b4:74:9c:24:69:cd:46:
7d:b4:34:04:5c:4b:1e:ce:71:a2:c2:d0:ad:65:1f:
ba:bd:2b:9b:68:d3:b5:1b:fd:34:44:76:d6:e0:27:
bd:8a:48:5a:67:b2:c2:03:43:4f:01:1a:eb:41:70:
0d:8f:6b:86:c1:06:10:54:e8:d2:31:2c:12:1c:ab:
76:0b:69:54:77:2d:6e:88:ab:0a:7e:17:3c:f3:f1:
1c:93:18:3b:c8:b7:e9:76:3d:28:0a:b5:39:5e:30:
74:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:5A:F6:6B:A6:50:9E:F7:98:52:40:A3:5B:34:AE:1A:35:C6:7F:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079::/32
Signature Algorithm: sha256WithRSAEncryption
2b:d6:34:ba:20:5f:0a:a7:68:f6:1d:8c:53:5b:ea:74:2e:09:
4f:d3:ba:4b:92:13:12:52:ce:58:08:b2:ec:8b:e0:9b:7c:d1:
94:71:7f:da:c8:20:86:7e:20:17:34:05:09:fa:5a:2f:15:8d:
13:a5:12:25:fe:1d:9e:0a:ea:19:06:09:7e:64:24:94:8d:61:
38:8a:9a:54:bf:8a:e7:ed:05:fc:68:99:80:a7:76:f2:97:65:
fd:de:6a:f0:1b:85:42:c7:d8:bd:fd:d4:a7:0c:7f:cf:83:66:
8c:75:c9:3a:62:a3:16:32:47:be:90:85:0b:7e:c9:b0:08:6c:
40:09:ad:e9:e6:85:9a:9b:dc:10:d2:f8:8b:92:78:29:3c:6e:
d0:15:d7:88:ad:75:0a:50:e5:5d:e5:e9:63:8d:62:9b:e4:ff:
4a:9e:d9:07:df:02:fd:cc:2c:fb:d2:92:4a:30:84:02:85:2d:
e4:75:aa:a5:91:1a:61:7c:45:93:41:4d:d8:e7:2d:82:18:15:
a2:a9:51:9c:cd:a1:ba:f5:06:8d:26:0d:82:b6:95:d3:80:ea:
0e:bc:61:41:92:14:86:33:50:82:c0:f6:8f:8b:58:a3:b8:69:
eb:69:c2:51:0c:84:b7:54:3b:f2:68:a3:b6:2b:d0:10:eb:02:
94:c7:28:8f
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUL8q6Y9ayIDlJFubqJHVWh4PlsI4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNTdaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjMDllY2NhMzIyOTkzMzY0OGIxNGIyZDg0ZTM4MzdkZmEwMzM3YjZiMGM0
ZjE0NzU3NTcwM2UxNjk1YzQ5NjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMppIX5HxYfwnlLcGGhOYGHjoAm7IzU5RVaLeqFu9mdPEMxUgDKMgobz1sL0
+nW/MONV560wk66hYi+mddm8sgO1w/3s37WvOe+atVqRkKgAi8cV1bG1PKdI9fvr
W9nHqwap9A+k4P7M0Kltp2xswe+8VZJmrilyjO0dBSQzoy4Vxeo0gvtQAzIhv78K
dvD1ZaCJclQMq7GaUHULr0m0dJwkac1GfbQ0BFxLHs5xosLQrWUfur0rm2jTtRv9
NER21uAnvYpIWmeywgNDTwEa60FwDY9rhsEGEFTo0jEsEhyrdgtpVHctboirCn4X
PPPxHJMYO8i36XY9KAq1OV4wdBsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQHWvZr
plCe95hSQKNbNK4aNcZ/DjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDAyYzMxNWItMzQxMi00NjRlLWI4NjUtNjQ1ZjY1N2YxMzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hkw
DQYJKoZIhvcNAQELBQADggEBACvWNLogXwqnaPYdjFNb6nQuCU/TukuSExJSzlgI
suyL4Jt80ZRxf9rIIIZ+IBc0BQn6Wi8VjROlEiX+HZ4K6hkGCX5kJJSNYTiKmlS/
iuftBfxomYCndvKXZf3eavAbhULH2L391KcMf8+DZox1yTpioxYyR76QhQt+ybAI
bEAJrenmhZqb3BDS+IuSeCk8btAV14itdQpQ5V3l6WONYpvk/0qe2QffAv3MLPvS
kkowhAKFLeR1qqWRGmF8RZNBTdjnLYIYFaKpUZzNobr1Bo0mDYK2ldOA6g68YUGS
FIYzUILA9o+LWKO4aetpwlEMhLdUO/Joo7Yr0BDrApTHKI8=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:50:45 2025 by rpki-client