Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
File: 2678e5d7-5995-4791-9318-f087e83654a9.roa (raw, json)
Hash identifier: z8BqS7+V7JONjeFO6CFk+XO2FW9jx59s2fiF0oUrlf8=
Subject key identifier: C6:B8:01:D4:76:28:B6:BA:0D:B4:74:0C:CE:11:16:EA:9B:36:46:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51C61C0EB11BC2ADD0AFB3A0C1CA53D95C3FD927
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
Signing time: Mon 09 Jun 2025 19:20:18 +0000
ROA not before: Mon 09 Jun 2025 19:20:18 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c6:1c:0e:b1:1b:c2:ad:d0:af:b3:a0:c1:ca:53:d9:5c:3f:d9:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:18 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=b40d1b03b9f58a60c7eee19dc17181ea4339c00dd1c6d26ca8d7051ba00a2393, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9f:18:4c:54:3a:e0:a2:64:8b:ab:92:7d:46:
34:38:8e:07:74:00:aa:4a:d7:84:db:42:cd:cd:cc:
cd:51:64:29:ff:22:47:1c:4c:03:ba:54:ec:b3:53:
4f:cb:bc:f0:c7:0c:1e:00:8a:8d:5d:e6:7b:af:07:
e4:45:8b:07:c5:47:8a:04:9d:dc:c6:8e:0f:b8:ce:
a0:03:bc:80:06:61:90:77:f1:31:1b:dd:96:8f:b9:
00:c3:f9:38:f7:bd:f6:a4:d4:d3:79:66:c9:dc:1d:
85:5d:31:c6:56:6f:15:cb:f4:4d:d9:09:cf:12:61:
76:95:89:68:a7:e5:9b:b0:1b:29:c5:62:ae:c7:d9:
bc:99:23:58:8d:8b:68:95:06:38:a3:2d:39:b7:d5:
16:a0:1f:58:de:81:35:7e:34:cd:68:d5:37:d7:0d:
7c:44:4a:a0:85:9c:b7:59:45:c7:30:9a:7c:5c:10:
cd:6b:16:b1:25:cd:e7:17:8a:a0:5a:d8:e2:36:7d:
9a:f3:28:7a:3f:5f:b4:21:ef:a8:98:8b:44:be:61:
14:aa:c3:4c:62:d7:23:af:e1:3c:f3:91:58:bd:0f:
90:f9:9b:d0:89:c4:47:1b:8c:c6:8c:d5:f8:3d:e6:
13:08:8b:71:03:b1:43:83:79:43:3e:aa:0c:f4:b8:
32:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B8:01:D4:76:28:B6:BA:0D:B4:74:0C:CE:11:16:EA:9B:36:46:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/48
Signature Algorithm: sha256WithRSAEncryption
73:45:59:09:d1:ed:68:41:99:d8:96:4d:eb:e4:7a:82:ed:36:
10:17:69:33:79:01:8c:a2:06:37:0b:48:f8:0c:d2:be:81:19:
fe:68:c1:aa:64:5a:38:d7:0e:88:69:e1:32:58:a5:fc:8f:07:
ce:5a:07:a0:16:45:60:b2:09:40:ae:71:1a:8a:8b:e2:86:f1:
1e:57:37:dc:f3:c5:c7:39:af:12:54:0f:2e:db:1e:2a:07:f4:
0f:70:91:fa:c2:73:80:9a:98:be:c6:90:31:b3:0c:ae:99:2c:
e6:1f:ca:0c:e5:42:90:44:4f:1c:0f:a6:ab:79:60:d8:3e:47:
fa:45:b2:66:3c:fd:b5:c2:90:ad:11:68:5e:b7:34:45:b4:35:
fd:ef:5d:b5:a4:57:4c:eb:54:92:28:de:0f:6d:21:4a:05:ab:
14:40:48:73:9b:99:59:38:ed:ee:e5:da:23:6d:b0:0b:be:6f:
29:20:f1:6b:47:72:4f:d6:7c:cd:38:1b:72:7f:fb:cd:b6:e3:
fd:d6:51:59:6d:42:80:19:e2:98:a8:e4:a6:0d:07:34:04:31:
e1:4d:8f:6c:79:f2:81:18:29:24:2d:1f:5d:42:0c:fd:89:eb:
3c:7f:43:57:9e:e1:36:f5:ee:3f:44:79:48:e8:7a:e9:ee:69:
09:35:ca:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUcYcDrEbwq3Qr7OgwcpT2Vw/2ScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMThaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0MGQxYjAzYjlmNThhNjBjN2VlZTE5ZGMxNzE4MWVhNDMzOWMwMGRkMWM2
ZDI2Y2E4ZDcwNTFiYTAwYTIzOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGfGExUOuCiZIurkn1GNDiOB3QAqkrXhNtCzc3MzVFkKf8iRxxMA7pU7LNT
T8u88McMHgCKjV3me68H5EWLB8VHigSd3MaOD7jOoAO8gAZhkHfxMRvdlo+5AMP5
OPe99qTU03lmydwdhV0xxlZvFcv0TdkJzxJhdpWJaKflm7AbKcVirsfZvJkjWI2L
aJUGOKMtObfVFqAfWN6BNX40zWjVN9cNfERKoIWct1lFxzCafFwQzWsWsSXN5xeK
oFrY4jZ9mvMoej9ftCHvqJiLRL5hFKrDTGLXI6/hPPORWL0PkPmb0InERxuMxozV
+D3mEwiLcQOxQ4N5Qz6qDPS4MtMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTGuAHU
dii2ug20dAzOERbqmzZG9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjY3OGU1ZDctNTk5NS00NzkxLTkzMTgtZjA4N2U4MzY1NGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hbg
ADANBgkqhkiG9w0BAQsFAAOCAQEAc0VZCdHtaEGZ2JZN6+R6gu02EBdpM3kBjKIG
NwtI+AzSvoEZ/mjBqmRaONcOiGnhMlil/I8HzloHoBZFYLIJQK5xGoqL4obxHlc3
3PPFxzmvElQPLtseKgf0D3CR+sJzgJqYvsaQMbMMrpks5h/KDOVCkERPHA+mq3lg
2D5H+kWyZjz9tcKQrRFoXrc0RbQ1/e9dtaRXTOtUkijeD20hSgWrFEBIc5uZWTjt
7uXaI22wC75vKSDxa0dyT9Z8zTgbcn/7zbbj/dZRWW1CgBnimKjkpg0HNAQx4U2P
bHnygRgpJC0fXUIM/YnrPH9DV57hNvXuP0R5SOh66e5pCTXKog==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:30 2025 by rpki-client