Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
File: 06a4b0ee-b740-45a8-9574-79207837db5b.roa (raw, json)
Hash identifier: Tx2xUiplvsV3xsuh1CQ1J0g0WXi/BhPt0FQdarlR5go=
Subject key identifier: AA:FE:5F:86:A9:99:52:78:22:16:6E:13:8F:D2:5B:98:F2:0B:0F:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D3B6017567B62BCA86FB5F88159BE597E10709C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
Signing time: Tue 20 May 2025 19:31:45 +0000
ROA not before: Tue 20 May 2025 19:31:45 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:3b:60:17:56:7b:62:bc:a8:6f:b5:f8:81:59:be:59:7e:10:70:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:31:45 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=161f3f289aeea0e026cc4757a95e97af0cb9d3bbcec49f5bb3bfc42726bdc636, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:0b:dc:02:91:7d:5b:ee:57:d5:d7:5b:ec:
c9:ec:0c:5c:cc:5d:23:f8:b6:d2:bd:6b:33:8a:96:
cf:44:58:63:e3:a3:72:fd:c4:d9:6d:d6:db:67:e0:
68:ab:43:b3:6d:69:e6:2f:f4:fe:64:aa:2a:51:5c:
db:3a:dc:79:f4:8f:6b:3c:8e:95:90:28:85:a7:cf:
39:45:b3:18:1a:63:5c:94:a7:e9:27:59:dd:9c:64:
d0:a5:3f:a0:dc:5f:ce:89:57:01:e9:27:a6:b2:1d:
58:08:7e:e3:09:c2:85:59:d9:54:59:ad:ae:2b:a1:
cf:e8:e4:8d:23:09:e1:20:7a:5c:67:f2:34:bf:32:
b9:08:96:0a:b4:f3:89:2d:3e:61:30:1e:a8:33:82:
21:7c:c4:26:3f:25:6d:a0:34:08:b9:09:8e:ca:8d:
70:62:73:ef:84:27:56:34:70:9b:ae:8b:ce:41:b5:
12:76:9a:94:4d:3f:9c:bb:f4:c3:a6:b8:8e:12:cc:
85:f4:13:1b:16:82:6d:0f:11:8e:d7:1f:55:38:48:
45:af:63:1a:b2:dd:2d:7c:9c:ba:f9:25:e0:c5:7f:
ae:a1:7c:38:72:99:b9:34:99:70:eb:e1:1f:b1:0d:
d7:d5:ae:00:66:25:e4:d7:67:33:3f:1a:0e:10:9d:
bd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FE:5F:86:A9:99:52:78:22:16:6E:13:8F:D2:5B:98:F2:0B:0F:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
14:4c:71:7e:2c:24:da:1b:75:1a:44:e1:d7:1c:4b:5d:eb:e5:
26:76:03:21:f2:2b:99:9f:ac:ae:25:9b:e3:3a:c2:4c:1e:a0:
41:76:76:9f:e0:58:1a:f7:1d:d3:e5:9e:10:88:ff:9f:38:d2:
7f:16:57:57:64:5f:dd:75:ac:3d:3d:df:cd:3e:ef:6a:6d:3d:
4a:dc:98:a8:41:8b:77:8d:94:f4:ac:79:17:97:3a:96:cd:c1:
3e:35:42:04:68:84:97:d1:90:0d:03:4f:41:2f:62:29:f5:94:
02:e0:7a:11:11:be:82:96:98:da:5f:4f:fa:a0:c2:23:81:24:
5a:7b:d7:0a:0b:7b:a7:9d:d5:49:ac:0a:5b:2a:26:c5:0a:a1:
d2:92:0a:ee:4c:a7:c6:b4:4e:15:09:84:f4:08:42:a0:f5:9c:
1d:44:13:be:84:4f:3b:b4:4a:13:e1:17:b2:22:15:95:20:c7:
f6:99:77:8a:e6:0b:5e:a9:1b:3b:9b:ae:ec:07:c6:08:7a:c0:
bd:29:31:76:b6:84:c3:e1:22:ac:a1:e9:36:c1:7f:0c:9f:04:
af:7b:2a:53:17:8c:d6:fe:a8:b9:f7:45:c6:d0:58:25:d7:60:
13:74:ee:fe:29:18:68:6b:b5:f3:c6:d5:3e:d9:90:1b:e1:60:
b9:33:32:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbTtgF1Z7Yryob7X4gVm+WX4QcJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMxNDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MWYzZjI4OWFlZWEwZTAyNmNjNDc1N2E5NWU5N2FmMGNiOWQzYmJjZWM0
OWY1YmIzYmZjNDI3MjZiZGM2MzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMSC9wCkX1b7lfV11vsyewMXMxdI/i20r1rM4qWz0RYY+Ojcv3E2W3W22fg
aKtDs21p5i/0/mSqKlFc2zrcefSPazyOlZAohafPOUWzGBpjXJSn6SdZ3Zxk0KU/
oNxfzolXAeknprIdWAh+4wnChVnZVFmtriuhz+jkjSMJ4SB6XGfyNL8yuQiWCrTz
iS0+YTAeqDOCIXzEJj8lbaA0CLkJjsqNcGJz74QnVjRwm66LzkG1EnaalE0/nLv0
w6a4jhLMhfQTGxaCbQ8RjtcfVThIRa9jGrLdLXycuvkl4MV/rqF8OHKZuTSZcOvh
H7EN19WuAGYl5NdnMz8aDhCdvS8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSq/l+G
qZlSeCIWbhOP0luY8gsP0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDZhNGIwZWUtYjc0MC00NWE4LTk1NzQtNzkyMDc4MzdkYjViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWg
wDANBgkqhkiG9w0BAQsFAAOCAQEAFExxfiwk2ht1GkTh1xxLXevlJnYDIfIrmZ+s
riWb4zrCTB6gQXZ2n+BYGvcd0+WeEIj/nzjSfxZXV2Rf3XWsPT3fzT7vam09StyY
qEGLd42U9Kx5F5c6ls3BPjVCBGiEl9GQDQNPQS9iKfWUAuB6ERG+gpaY2l9P+qDC
I4EkWnvXCgt7p53VSawKWyomxQqh0pIK7kynxrROFQmE9AhCoPWcHUQTvoRPO7RK
E+EXsiIVlSDH9pl3iuYLXqkbO5uu7AfGCHrAvSkxdraEw+EirKHpNsF/DJ8Er3sq
UxeM1v6oufdFxtBYJddgE3Tu/ikYaGu188bVPtmQG+FguTMyKg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:05 2025 by rpki-client