Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
File: 2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa (raw, json)
Hash identifier: 2MzK6FYq5MZFk/r4m08j0i0aQ6pPJ48VoR4II/WZ1/8=
Subject key identifier: 53:4A:F0:05:71:8D:DE:38:2F:9D:E4:AF:50:BC:C7:E7:16:B2:C2:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6013C637B5A50A1E73AA965BDBEB92D5C76F5A61
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
Signing time: Tue 20 May 2025 19:21:41 +0000
ROA not before: Tue 20 May 2025 19:21:41 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:13:c6:37:b5:a5:0a:1e:73:aa:96:5b:db:eb:92:d5:c7:6f:5a:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:41 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8129700875ae3512b23a97482770944bc77e4de45e6ad1d18b489dcbf47d35c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:54:30:3b:1a:e9:55:2d:61:14:4f:8d:13:23:
06:a0:4a:8a:a1:65:ae:61:f7:c9:a2:3f:8b:ca:59:
87:5a:74:f3:28:1e:96:ba:1d:b3:42:85:33:ef:8d:
18:55:6d:fa:9e:ee:4c:1a:29:b6:13:7d:06:14:c9:
12:a7:91:93:a4:34:a3:c5:5b:ad:cb:6f:dc:ec:d6:
37:02:ae:58:5c:38:49:c3:a3:1c:ad:b6:9c:58:8a:
3d:71:f5:d9:ea:7e:c9:77:00:3b:28:c3:21:76:98:
cc:45:fe:7c:57:de:19:06:07:80:5a:b1:c4:f2:da:
e6:d2:86:86:43:36:8b:09:d9:40:01:24:2c:9a:77:
0d:ab:67:23:91:20:51:47:06:5f:6d:9f:d4:c9:93:
c9:d7:bb:53:a9:77:45:0b:aa:3a:d9:af:c2:6c:16:
55:74:47:46:ae:14:30:3e:f7:e3:16:f6:33:ae:2c:
eb:c4:b3:f6:dc:93:5d:68:79:ae:be:8e:b1:7d:10:
b6:fd:be:2d:8d:20:db:1c:43:82:9f:05:ba:bf:79:
0d:7a:4d:93:b7:0f:7d:69:cb:31:c9:60:0a:22:9b:
05:6a:af:74:36:9d:b6:5c:73:ed:b9:74:8e:a8:3d:
4a:19:bb:89:18:44:08:85:0a:bf:df:9b:25:62:83:
2c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4A:F0:05:71:8D:DE:38:2F:9D:E4:AF:50:BC:C7:E7:16:B2:C2:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6000::/40
Signature Algorithm: sha256WithRSAEncryption
01:a6:c7:5b:45:b3:4a:13:5e:e7:41:dd:b7:b7:3c:47:af:e2:
18:0e:91:2b:16:c5:a7:8b:50:d0:ca:96:24:20:25:36:0f:0f:
c9:65:7e:49:b8:15:5f:a8:16:37:a4:a0:a3:cd:4a:8e:d6:1c:
f0:e2:ce:6d:15:96:aa:ac:22:3b:28:00:c3:42:c3:31:e6:7b:
93:11:d1:b3:98:55:90:45:30:6c:84:58:98:1f:36:f4:25:3f:
54:6e:5d:cb:be:8a:07:a7:2e:68:f5:51:03:7c:47:5c:06:d8:
fd:cd:9b:2d:98:fa:25:60:39:be:9f:80:b0:5c:e7:c4:bb:9b:
9a:a4:0e:37:f3:0c:71:b0:0c:60:58:cc:4c:ca:4c:84:d5:de:
2a:b6:b5:8a:da:3a:d0:d3:d2:dd:8f:97:a7:28:6a:b0:72:3b:
b6:c8:2d:db:cc:84:fd:da:da:59:a0:72:21:6d:fb:f0:fd:8e:
87:ba:ea:a2:f9:a8:08:4f:bd:ce:f6:cd:42:1c:62:35:57:24:
e6:12:01:fc:a4:c7:e5:94:7f:f9:4d:38:2a:79:b4:46:5d:81:
9a:7f:8c:54:f0:5c:03:3a:63:e0:3a:6c:0a:60:21:af:af:ac:
5a:3f:e3:66:74:25:27:30:41:0c:e1:ea:88:d6:cf:62:b0:2d:
74:51:cd:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYBPGN7WlCh5zqpZb2+uS1cdvWmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxNDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMjk3MDA4NzVhZTM1MTJiMjNhOTc0ODI3NzA5NDRiYzc3ZTRkZTQ1ZTZh
ZDFkMThiNDg5ZGNiZjQ3ZDM1YzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtUMDsa6VUtYRRPjRMjBqBKiqFlrmH3yaI/i8pZh1p08ygelrods0KFM++N
GFVt+p7uTBopthN9BhTJEqeRk6Q0o8Vbrctv3OzWNwKuWFw4ScOjHK22nFiKPXH1
2ep+yXcAOyjDIXaYzEX+fFfeGQYHgFqxxPLa5tKGhkM2iwnZQAEkLJp3DatnI5Eg
UUcGX22f1MmTyde7U6l3RQuqOtmvwmwWVXRHRq4UMD734xb2M64s68Sz9tyTXWh5
rr6OsX0Qtv2+LY0g2xxDgp8Fur95DXpNk7cPfWnLMclgCiKbBWqvdDadtlxz7bl0
jqg9Shm7iRhECIUKv9+bJWKDLGcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRTSvAF
cY3eOC+d5K9QvMfnFrLCaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmIwZGUxMmEtZWMxZC00NjViLThmMzgtNjhhMmRkNmExOWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg
MA0GCSqGSIb3DQEBCwUAA4IBAQABpsdbRbNKE17nQd23tzxHr+IYDpErFsWni1DQ
ypYkICU2Dw/JZX5JuBVfqBY3pKCjzUqO1hzw4s5tFZaqrCI7KADDQsMx5nuTEdGz
mFWQRTBshFiYHzb0JT9Ubl3LvooHpy5o9VEDfEdcBtj9zZstmPolYDm+n4CwXOfE
u5uapA438wxxsAxgWMxMykyE1d4qtrWK2jrQ09Ldj5enKGqwcju2yC3bzIT92tpZ
oHIhbfvw/Y6Huuqi+agIT73O9s1CHGI1VyTmEgH8pMfllH/5TTgqebRGXYGaf4xU
8FwDOmPgOmwKYCGvr6xaP+NmdCUnMEEM4eqI1s9isC10Uc2r
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:51 2025 by rpki-client