Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
File: 060d4100-8917-4547-940a-7545ce6a0fcb.roa (raw, json)
Hash identifier: dL0nxauS0ltqzdAEOSG1f0i4tIA2JulxWWsXczdp8dM=
Subject key identifier: 00:E8:96:A2:14:CB:7E:74:CD:DE:1A:D1:5A:89:23:05:BC:8C:3D:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 432151B01FAEB15C8897AED3A9DA50892D2651AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
Signing time: Tue 10 Jun 2025 17:20:43 +0000
ROA not before: Tue 10 Jun 2025 17:20:43 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:21:51:b0:1f:ae:b1:5c:88:97:ae:d3:a9:da:50:89:2d:26:51:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:43 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=b31715cacf42b249956fcc295fdaf5df734d3995805878e982de8bd1eed9c284, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f8:9b:55:1f:8a:45:01:dd:7f:94:87:6b:ba:
31:37:d4:40:d0:4b:37:29:17:99:3f:03:52:f2:f5:
33:d0:2c:b0:f1:51:d1:bf:39:8e:19:d4:9a:7d:f6:
f5:68:36:77:3e:31:02:e8:3d:0e:02:2d:9c:75:8e:
ae:3e:e5:b8:8b:3c:98:9f:cc:0f:c9:f5:8a:25:f7:
12:48:b5:da:f4:68:ee:7b:54:b1:cd:5b:52:46:7c:
8b:c5:81:a2:90:90:6e:bd:72:7e:86:83:5d:e6:3b:
32:f3:4c:fd:13:08:bf:d1:f9:61:1f:95:17:65:bc:
1b:08:07:11:52:fb:a2:a2:dc:3d:06:d1:26:f3:da:
3b:4f:60:fd:22:e4:73:70:92:bb:e1:80:77:6b:8f:
5a:68:c3:59:ab:9a:9a:0c:68:18:21:46:8b:77:de:
30:75:87:99:5b:de:40:27:b0:0a:19:b4:fd:b1:db:
ff:78:70:35:8a:60:34:0b:ad:b7:54:f8:08:de:d3:
41:43:0b:2e:b6:5d:3a:d5:e4:eb:55:81:3b:80:f1:
fe:1a:81:80:e2:74:95:2c:e6:9e:9d:71:fe:2b:db:
81:f6:a1:c0:76:c9:3a:43:34:c7:16:27:94:76:cc:
12:12:90:87:4e:19:8d:17:3f:2c:ee:79:d2:56:f4:
72:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E8:96:A2:14:CB:7E:74:CD:DE:1A:D1:5A:89:23:05:BC:8C:3D:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:880::/46
Signature Algorithm: sha256WithRSAEncryption
31:39:39:05:03:36:d3:7f:be:9b:aa:8e:15:0f:13:aa:61:d0:
ba:a9:1e:48:72:04:d6:43:67:ce:39:37:1f:79:26:33:e6:47:
ac:2a:6a:76:6b:6f:f3:24:29:c7:bd:f1:3a:7f:4b:9b:00:f0:
d0:0e:be:cc:a5:04:bb:9d:d7:5b:48:c1:bc:33:17:62:0f:01:
97:83:05:68:d4:08:20:57:d5:2a:82:0e:cf:00:f8:50:73:16:
d7:0e:76:db:8a:8b:ef:12:66:b2:92:47:71:a1:d0:f8:2d:99:
fd:10:e7:9f:f7:65:c7:21:28:3b:bb:e0:91:d7:d5:41:68:5a:
06:cf:3b:08:5b:6e:a9:7b:2a:3e:74:be:d2:11:c1:d7:da:84:
86:00:9f:fe:7c:00:2f:9f:65:e1:2a:20:5d:7e:73:c2:60:b0:
30:ed:94:23:df:67:fb:f2:cf:52:f3:92:75:62:12:7b:4b:eb:
6b:a6:c4:0a:aa:e3:12:1f:fb:63:c9:a0:1e:86:4c:1e:4b:4e:
44:62:9a:9a:8c:e6:f0:6d:bd:0d:c8:ba:b7:2e:2d:ad:96:e5:
e5:ee:5a:85:3a:2d:5d:80:24:cf:bc:45:e0:63:b7:fb:83:8b:
60:6d:01:3a:7f:2d:ea:58:32:24:2d:84:69:7c:3e:82:e3:03:
bb:46:d4:e1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQyFRsB+usVyIl67TqdpQiS0mUa4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwNDNaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzMTcxNWNhY2Y0MmIyNDk5NTZmY2MyOTVmZGFmNWRmNzM0ZDM5OTU4MDU4
NzhlOTgyZGU4YmQxZWVkOWMyODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/4m1UfikUB3X+Uh2u6MTfUQNBLNykXmT8DUvL1M9AssPFR0b85jhnUmn32
9Wg2dz4xAug9DgItnHWOrj7luIs8mJ/MD8n1iiX3Eki12vRo7ntUsc1bUkZ8i8WB
opCQbr1yfoaDXeY7MvNM/RMIv9H5YR+VF2W8GwgHEVL7oqLcPQbRJvPaO09g/SLk
c3CSu+GAd2uPWmjDWauamgxoGCFGi3feMHWHmVveQCewChm0/bHb/3hwNYpgNAut
t1T4CN7TQUMLLrZdOtXk61WBO4Dx/hqBgOJ0lSzmnp1x/ivbgfahwHbJOkM0xxYn
lHbMEhKQh04ZjRc/LO550lb0chkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQA6Jai
FMt+dM3eGtFaiSMFvIw9NjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYwZDQxMDAtODkxNy00NTQ3LTk0MGEtNzU0NWNlNmEwZmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsI
gDANBgkqhkiG9w0BAQsFAAOCAQEAMTk5BQM203++m6qOFQ8TqmHQuqkeSHIE1kNn
zjk3H3kmM+ZHrCpqdmtv8yQpx73xOn9LmwDw0A6+zKUEu53XW0jBvDMXYg8Bl4MF
aNQIIFfVKoIOzwD4UHMW1w5224qL7xJmspJHcaHQ+C2Z/RDnn/dlxyEoO7vgkdfV
QWhaBs87CFtuqXsqPnS+0hHB19qEhgCf/nwAL59l4SogXX5zwmCwMO2UI99n+/LP
UvOSdWISe0vra6bECqrjEh/7Y8mgHoZMHktORGKamozm8G29Dci6ty4trZbl5e5a
hTotXYAkz7xF4GO3+4OLYG0BOn8t6lgyJC2EaXw+guMDu0bU4Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:58:02 2025 by rpki-client