Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
File: 06cf9d14-d513-496c-9a8e-a1898978658a.roa (raw, json)
Hash identifier: up6KU6vBEgm+7y+IQnwoIlNaRvIgdeC1u8w9IeBNM2U=
Subject key identifier: BA:3A:5E:23:B2:56:1F:1D:BA:9F:BA:9E:F9:9B:57:AD:85:0E:45:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24443019958A0CC7289331A77AAA34F6483DF4AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
Signing time: Tue 20 May 2025 19:51:49 +0000
ROA not before: Tue 20 May 2025 19:51:49 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:44:30:19:95:8a:0c:c7:28:93:31:a7:7a:aa:34:f6:48:3d:f4:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:49 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ec2b4e96ee9a2fd28d1186b55d13bae34db3e53a0339faec564cf405fae6eb0b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:66:a5:5b:20:a6:26:40:57:1a:2e:c8:bd:43:
52:35:05:34:12:1f:ef:98:10:55:9c:f2:dd:af:39:
e4:ea:7e:7b:05:f0:dd:18:fc:12:60:13:1b:71:df:
23:47:98:1c:5a:ba:9c:37:cf:e5:bf:8f:a1:58:8f:
bb:f7:6e:57:34:fa:d9:94:e7:90:5b:af:62:ed:4d:
e4:ca:8d:6d:62:a2:ca:a2:69:64:6d:c2:fd:35:62:
b9:a2:80:9c:47:dd:d4:ad:93:90:09:3e:30:23:1c:
0c:52:08:b2:71:9d:57:45:cd:0b:58:0d:a6:46:7c:
bf:c7:41:18:7f:5d:4f:a8:11:d9:93:f9:16:6e:53:
f4:b2:af:d5:ad:c0:9d:68:54:e2:ed:20:a9:0c:3d:
85:54:4c:0e:39:f5:03:17:60:6f:b0:d7:30:3d:93:
24:5c:e9:39:5d:0d:d2:07:f6:e7:cd:0c:3d:ab:05:
0c:ec:14:98:28:1e:99:f6:2e:7b:f3:5f:53:02:8c:
68:61:4b:56:1e:0a:fa:4c:fa:af:6e:dc:a7:59:c9:
b6:73:19:69:60:e0:03:97:d1:bd:2d:ed:94:e0:f2:
0c:0e:2c:26:c6:1e:19:25:d6:62:50:51:73:b3:58:
9c:3c:de:84:2a:1c:aa:69:aa:74:b2:57:08:e5:51:
2a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3A:5E:23:B2:56:1F:1D:BA:9F:BA:9E:F9:9B:57:AD:85:0E:45:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8040::/46
Signature Algorithm: sha256WithRSAEncryption
7f:39:42:e4:57:12:9a:da:7d:3c:bc:b5:69:45:3d:fa:9c:c7:
38:76:03:02:97:b8:60:21:24:b2:47:e0:17:ed:58:da:dd:e3:
d2:87:4e:77:63:e7:7e:e6:55:b9:ed:74:06:c7:74:57:67:fb:
2c:c5:df:83:cd:77:e2:f5:75:db:c0:b1:98:4f:80:39:b6:be:
93:ff:49:43:49:13:ef:ee:2e:b6:61:12:f3:e7:4c:42:96:31:
38:ec:36:c5:b8:85:73:26:ac:3b:c0:70:60:7b:35:3a:f8:2b:
e9:73:d0:0c:25:bc:2a:b8:d1:01:23:f2:0d:6a:60:b4:c9:0f:
55:47:26:13:6e:12:6c:10:a8:e9:a1:56:c1:9e:dd:b3:13:7e:
08:67:f9:d7:e1:ae:b4:16:df:e1:7f:f9:2b:a0:1b:f1:65:f8:
99:d2:44:19:6a:4e:97:ca:72:54:39:a8:8f:b7:a7:ed:eb:06:
c0:d1:37:dd:fe:f3:09:d0:0c:53:cd:5d:41:3a:5b:01:f9:26:
7f:e4:9b:c3:c3:a2:70:b0:d6:5a:c1:11:3f:28:4d:25:fd:ad:
8f:8c:db:3f:7a:86:8e:46:c9:37:dc:23:8e:cc:1b:40:3e:cd:
e5:d3:4f:29:bb:3b:16:b2:ad:3b:0d:f6:8d:4f:65:12:6e:3c:
48:34:d2:c5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJEQwGZWKDMcokzGneqo09kg99KswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxNDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjMmI0ZTk2ZWU5YTJmZDI4ZDExODZiNTVkMTNiYWUzNGRiM2U1M2EwMzM5
ZmFlYzU2NGNmNDA1ZmFlNmViMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZmpVsgpiZAVxouyL1DUjUFNBIf75gQVZzy3a855Op+ewXw3Rj8EmATG3Hf
I0eYHFq6nDfP5b+PoViPu/duVzT62ZTnkFuvYu1N5MqNbWKiyqJpZG3C/TViuaKA
nEfd1K2TkAk+MCMcDFIIsnGdV0XNC1gNpkZ8v8dBGH9dT6gR2ZP5Fm5T9LKv1a3A
nWhU4u0gqQw9hVRMDjn1Axdgb7DXMD2TJFzpOV0N0gf2580MPasFDOwUmCgemfYu
e/NfUwKMaGFLVh4K+kz6r27cp1nJtnMZaWDgA5fRvS3tlODyDA4sJsYeGSXWYlBR
c7NYnDzehCocqmmqdLJXCOVRKtcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6Ol4j
slYfHbqfup75m1ethQ5F8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDZjZjlkMTQtZDUxMy00OTZjLTlhOGUtYTE4OTg5Nzg2NThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
QDANBgkqhkiG9w0BAQsFAAOCAQEAfzlC5FcSmtp9PLy1aUU9+pzHOHYDApe4YCEk
skfgF+1Y2t3j0odOd2PnfuZVue10Bsd0V2f7LMXfg8134vV128CxmE+AOba+k/9J
Q0kT7+4utmES8+dMQpYxOOw2xbiFcyasO8BwYHs1Ovgr6XPQDCW8KrjRASPyDWpg
tMkPVUcmE24SbBCo6aFWwZ7dsxN+CGf51+GutBbf4X/5K6Ab8WX4mdJEGWpOl8py
VDmoj7en7esGwNE33f7zCdAMU81dQTpbAfkmf+Sbw8OicLDWWsERPyhNJf2tj4zb
P3qGjkbJN9wjjswbQD7N5dNPKbs7FrKtOw32jU9lEm48SDTSxQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:48 2025 by rpki-client