Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
File: 0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa (raw, json)
Hash identifier: FBEv0KQXszSHRbAnQNDwL6mNBCta/cdDZ7sQsomhAkA=
Subject key identifier: A6:B0:61:C8:EF:74:14:88:DE:2F:E0:54:CA:B2:64:B9:0B:8C:09:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6583DE45A66E5DC7D086529AA8EE49FAE59AB9A1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
Signing time: Tue 20 May 2025 20:40:05 +0000
ROA not before: Tue 20 May 2025 20:40:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:83:de:45:a6:6e:5d:c7:d0:86:52:9a:a8:ee:49:fa:e5:9a:b9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:40:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=23aa082a8cafdd7126eb6c00a56f4a4ec73e0ed9f182e1af9bb4895a40757e6c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6e:fa:0e:8d:07:f1:4a:2f:87:11:c6:07:68:
1f:53:af:7f:1a:f5:e6:36:81:18:de:10:b8:0d:e4:
84:42:23:5b:f4:f8:99:6e:88:24:09:fe:bd:b6:f5:
48:b8:dc:fc:8d:4b:78:d1:da:da:6d:38:c0:99:c4:
4e:92:78:74:fa:f8:8d:8d:76:44:d4:55:45:7c:79:
81:32:e8:9f:f1:c2:ba:1e:26:7e:fc:96:36:f0:70:
6e:7e:48:1c:fe:8b:53:78:38:5b:fa:17:ce:61:43:
de:69:6d:d0:91:f7:97:21:e5:ae:77:74:0f:a2:e0:
9b:0c:b0:c8:f1:85:ef:45:31:69:f8:a7:0b:77:dc:
55:80:8d:92:2d:df:69:02:75:c4:c4:fe:02:a6:34:
34:fd:d8:fb:b1:74:55:45:e6:35:f1:67:db:08:09:
90:b6:bb:10:62:c0:75:5e:7f:55:64:80:c8:82:95:
f9:1a:9c:3e:0f:4c:ff:c2:58:bd:d8:75:86:da:66:
ee:4a:72:53:7b:5c:76:ca:d5:db:b7:bb:11:72:28:
e3:94:cd:e3:48:c6:b8:5e:c4:1d:ca:5c:b8:52:3d:
cb:e3:c5:4e:8d:1e:43:e6:a6:ea:c4:b1:27:4f:e0:
35:a8:d2:67:d3:ed:b9:b4:b4:ad:d1:b0:a2:ca:5c:
98:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B0:61:C8:EF:74:14:88:DE:2F:E0:54:CA:B2:64:B9:0B:8C:09:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:1000::/36
Signature Algorithm: sha256WithRSAEncryption
b7:ec:fa:24:51:69:9a:be:b5:eb:a8:49:15:49:09:6b:82:61:
72:ab:93:b7:41:85:f6:62:8c:fd:1d:dc:8d:33:d4:2b:f6:1e:
2c:6e:b0:33:25:75:31:c4:98:59:d6:95:6b:00:92:d2:ff:c8:
2e:13:01:95:a6:6f:8e:e1:50:d9:50:38:fe:7b:67:dc:c9:f7:
89:cf:92:8c:23:8d:08:d3:ca:7a:21:0f:7d:d8:73:d4:45:1f:
ba:f4:04:0c:04:93:ea:50:5a:c5:a9:b1:4f:e3:27:7b:95:6d:
48:9a:e1:6d:a5:91:8a:2e:99:29:a9:a3:81:b4:b5:b6:f1:6d:
c4:05:b4:34:ec:4f:f1:d5:c5:f4:74:07:dc:97:4c:cd:74:00:
0f:57:46:cb:3e:55:f1:33:c0:e2:ac:52:9c:e5:d8:a9:2d:79:
c8:9c:45:23:6a:37:b9:1e:b3:bd:79:17:64:00:6d:06:60:c9:
06:38:e0:fe:b3:ce:0c:c6:30:6f:a4:94:67:6e:28:39:92:7a:
c9:d4:b7:18:8c:a4:ba:54:6b:e8:d3:4f:ab:37:90:2c:9e:1f:
57:ba:4d:14:2d:7a:06:9d:6d:4d:62:a8:c0:67:ba:78:f0:ea:
0a:fd:98:32:22:3f:c0:ac:f9:1e:c6:dc:f0:89:95:8c:67:67:
18:77:ec:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZYPeRaZuXcfQhlKaqO5J+uWauaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDQwMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzYWEwODJhOGNhZmRkNzEyNmViNmMwMGE1NmY0YTRlYzczZTBlZDlmMTgy
ZTFhZjliYjQ4OTVhNDA3NTdlNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpu+g6NB/FKL4cRxgdoH1Ovfxr15jaBGN4QuA3khEIjW/T4mW6IJAn+vbb1
SLjc/I1LeNHa2m04wJnETpJ4dPr4jY12RNRVRXx5gTLon/HCuh4mfvyWNvBwbn5I
HP6LU3g4W/oXzmFD3mlt0JH3lyHlrnd0D6LgmwywyPGF70UxafinC3fcVYCNki3f
aQJ1xMT+AqY0NP3Y+7F0VUXmNfFn2wgJkLa7EGLAdV5/VWSAyIKV+RqcPg9M/8JY
vdh1htpm7kpyU3tcdsrV27e7EXIo45TN40jGuF7EHcpcuFI9y+PFTo0eQ+am6sSx
J0/gNajSZ9PtubS0rdGwospcmA0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSmsGHI
73QUiN4v4FTKsmS5C4wJfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGJmNmNlZjgtOGM2MC00YTBlLTg5MzItY2ZkYTY0OGQyNzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC37PokUWmavrXrqEkVSQlrgmFyq5O3QYX2Yoz9
HdyNM9Qr9h4sbrAzJXUxxJhZ1pVrAJLS/8guEwGVpm+O4VDZUDj+e2fcyfeJz5KM
I40I08p6IQ992HPURR+69AQMBJPqUFrFqbFP4yd7lW1ImuFtpZGKLpkpqaOBtLW2
8W3EBbQ07E/x1cX0dAfcl0zNdAAPV0bLPlXxM8DirFKc5dipLXnInEUjaje5HrO9
eRdkAG0GYMkGOOD+s84MxjBvpJRnbig5knrJ1LcYjKS6VGvo00+rN5Asnh9Xuk0U
LXoGnW1NYqjAZ7p48OoK/ZgyIj/ArPkextzwiZWMZ2cYd+xu
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:49 2025 by rpki-client