Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2636a453-2dd9-4fde-9f15-753f76341841.roa
File: 2636a453-2dd9-4fde-9f15-753f76341841.roa (raw, json)
Hash identifier: o7pyqNu+QcXzbQJNy68PkjssgWSxEGz9EBCxFaZUxlk=
Subject key identifier: BE:D6:7B:60:A7:E8:C7:8D:67:18:96:0A:3E:F7:BF:6B:DC:76:A8:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F5F16518AB7C106BA185B363E7E5430C7C70B00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2636a453-2dd9-4fde-9f15-753f76341841.roa
Signing time: Tue 03 Jun 2025 20:53:50 +0000
ROA not before: Tue 03 Jun 2025 20:53:50 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:5f:16:51:8a:b7:c1:06:ba:18:5b:36:3e:7e:54:30:c7:c7:0b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 20:53:50 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=9f7e4e3ad883daf2f94d93274ebf2d4047233eaf083de02581a1dfad0a45e168, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:80:87:3b:ff:ca:74:67:da:a6:d8:3c:b5:50:
f1:8d:3c:5f:ef:cd:31:5e:42:e5:64:0d:4f:f3:17:
b5:e0:bf:91:25:94:37:7e:41:35:39:06:45:7d:25:
1d:bb:63:3e:3d:77:14:52:1d:7b:f8:d8:06:d7:4a:
65:f8:55:67:88:e2:e5:b9:4d:16:bd:d7:d4:fc:f1:
1d:71:90:76:14:1b:0a:05:bc:e3:bb:62:6c:60:10:
f7:f4:e8:87:c6:a3:4e:1f:36:7a:a3:03:16:17:e0:
53:5f:50:d7:99:c8:97:f5:46:a6:ab:46:17:42:40:
d5:b4:20:0f:99:c0:71:36:34:6a:a7:84:89:ae:23:
f7:ce:00:c1:a9:9c:1c:4c:95:76:94:8f:e8:6c:bc:
05:d5:b0:6f:e4:da:10:92:e1:cd:f6:5e:3a:aa:d4:
8a:b6:47:a0:dd:92:fd:2c:71:e3:85:77:52:8e:0f:
d6:d1:36:f2:42:e4:56:1a:d7:d6:ed:b7:a2:c9:09:
2a:67:09:19:c9:2f:29:28:e0:3f:0e:9f:04:b1:de:
4f:b5:1d:79:3e:88:6b:4e:bb:bc:d4:2d:02:dd:70:
21:35:c1:cd:1b:83:0f:36:b7:41:85:70:c9:d4:7b:
ee:30:22:42:05:ae:3c:5a:47:94:c2:bd:cb:72:e3:
55:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D6:7B:60:A7:E8:C7:8D:67:18:96:0A:3E:F7:BF:6B:DC:76:A8:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2636a453-2dd9-4fde-9f15-753f76341841.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a000::/40
Signature Algorithm: sha256WithRSAEncryption
60:da:a4:fd:3e:62:91:43:dd:20:97:ea:c9:13:23:c3:84:34:
55:f6:0f:b6:84:58:8f:fc:e5:35:6a:f3:dd:e5:14:dc:57:3d:
a7:c1:a4:2b:1d:cd:39:e5:1c:e8:f2:a9:ca:de:4a:61:89:db:
66:40:8c:37:89:b7:84:3b:ed:7e:bf:f5:fd:ca:8b:6e:2a:28:
c6:1d:dd:5d:1b:f1:d7:71:ff:7c:ad:f8:80:5f:56:06:1a:3a:
dc:6c:49:ea:06:3e:23:8f:b3:14:f7:7a:b9:31:6a:fc:c7:a0:
98:1f:84:5c:37:25:de:7f:7e:61:71:c8:41:15:ba:ea:dc:f5:
1d:d3:35:a9:20:d6:2a:42:2f:68:30:b2:f0:29:b9:fc:01:33:
a2:7f:09:8e:3f:ce:37:fa:dd:87:4e:11:1a:c9:db:fc:78:24:
90:50:7e:1a:09:6a:28:79:ea:a8:74:36:c4:53:09:36:22:9e:
4b:88:f5:d0:34:43:84:11:fd:c1:0f:06:17:dd:06:b3:fe:0b:
f3:9d:1d:ff:c4:07:b0:8b:1a:2d:87:a2:6c:5e:80:b1:ec:23:
7f:f2:23:68:b1:e0:f9:c2:27:17:a4:5e:86:ee:8e:d1:a0:bc:
38:81:1e:f2:32:92:eb:bc:c7:d0:17:9c:d0:3a:0e:72:ac:91:
02:63:f6:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH18WUYq3wQa6GFs2Pn5UMMfHCwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMyMDUzNTBaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmN2U0ZTNhZDg4M2RhZjJmOTRkOTMyNzRlYmYyZDQwNDcyMzNlYWYwODNk
ZTAyNTgxYTFkZmFkMGE0NWUxNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaAhzv/ynRn2qbYPLVQ8Y08X+/NMV5C5WQNT/MXteC/kSWUN35BNTkGRX0l
HbtjPj13FFIde/jYBtdKZfhVZ4ji5blNFr3X1PzxHXGQdhQbCgW847tibGAQ9/To
h8ajTh82eqMDFhfgU19Q15nIl/VGpqtGF0JA1bQgD5nAcTY0aqeEia4j984Awamc
HEyVdpSP6Gy8BdWwb+TaEJLhzfZeOqrUirZHoN2S/Sxx44V3Uo4P1tE28kLkVhrX
1u23oskJKmcJGckvKSjgPw6fBLHeT7UdeT6Ia067vNQtAt1wITXBzRuDDza3QYVw
ydR77jAiQgWuPFpHlMK9y3LjVT8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS+1ntg
p+jHjWcYlgo+979r3HaoyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjYzNmE0NTMtMmRkOS00ZmRlLTlmMTUtNzUzZjc2MzQxODQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSg
MA0GCSqGSIb3DQEBCwUAA4IBAQBg2qT9PmKRQ90gl+rJEyPDhDRV9g+2hFiP/OU1
avPd5RTcVz2nwaQrHc055Rzo8qnK3kphidtmQIw3ibeEO+1+v/X9yotuKijGHd1d
G/HXcf98rfiAX1YGGjrcbEnqBj4jj7MU93q5MWr8x6CYH4RcNyXef35hcchBFbrq
3PUd0zWpINYqQi9oMLLwKbn8ATOifwmOP843+t2HThEaydv8eCSQUH4aCWooeeqo
dDbEUwk2Ip5LiPXQNEOEEf3BDwYX3Qaz/gvznR3/xAewixoth6JsXoCx7CN/8iNo
seD5wicXpF6G7o7RoLw4gR7yMpLrvMfQF5zQOg5yrJECY/Zd
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:29 2025 by rpki-client