Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
File: 31246558-533e-42f5-8c90-dc91729aa7fa.roa (raw, json)
Hash identifier: bSaRrEieBJE0/6foPcieXqYI5IUr0ypBsNkEh0uKH14=
Subject key identifier: A0:6B:0E:B2:3D:8F:C8:99:3B:79:F2:E5:FE:B0:2C:AF:CC:E3:F4:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 206A13AA405D471E20B8045A8EDD12B2AC85B4B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
Signing time: Thu 22 May 2025 01:22:10 +0000
ROA not before: Thu 22 May 2025 01:22:10 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:6a:13:aa:40:5d:47:1e:20:b8:04:5a:8e:dd:12:b2:ac:85:b4:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:10 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=ea32a158e806f77da2b0957af140250f1bc222e52b75021c6991657cd36a5916, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f0:78:c5:1b:ad:3b:59:5a:f9:3e:05:2d:5e:
46:73:39:fb:f1:a2:06:84:2a:c0:bb:fb:d6:cd:8c:
ea:e5:f4:88:e9:3c:f8:0b:9b:7d:77:87:7a:22:1b:
e0:d1:43:ac:26:09:52:b3:17:9d:37:d2:d5:69:4d:
a3:79:db:40:17:d3:a1:8e:60:a8:a0:c4:df:ff:5d:
e1:c2:73:7f:6d:7a:c9:b6:f9:75:53:ed:82:14:bc:
0c:f9:ef:90:48:33:be:04:50:2b:c3:5f:6f:90:93:
b4:c9:9d:b9:e0:46:52:33:7f:75:6c:34:a4:cb:16:
6d:75:2e:a5:eb:95:e4:9f:ab:13:74:48:02:d7:9a:
13:4a:09:77:51:2a:e9:e5:12:93:db:da:14:b7:72:
75:a9:f3:15:99:57:75:ef:d8:36:2d:b7:ab:72:9d:
ad:3a:73:6b:e9:15:31:96:9b:ab:1c:95:cd:5e:d5:
09:77:a6:56:6c:6a:5a:1d:31:a5:d0:82:45:55:86:
07:0c:8d:35:e0:a4:ca:61:48:ce:0d:92:7b:ae:b5:
23:67:8b:c1:bf:32:b5:a2:af:a2:cb:1c:bc:59:f9:
36:a7:13:5b:a6:64:0d:18:d6:58:ae:db:3b:b8:65:
b0:75:32:24:cc:32:7d:50:cb:63:c5:28:d2:72:2e:
85:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:6B:0E:B2:3D:8F:C8:99:3B:79:F2:E5:FE:B0:2C:AF:CC:E3:F4:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:1000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:b8:15:86:74:2d:c9:00:c5:9a:b2:2b:92:76:a1:ad:01:a0:
12:bc:ac:e1:fe:3c:80:85:cb:d7:38:3d:06:6f:d9:59:e0:9e:
e6:b1:e4:b1:45:0d:39:1b:3d:84:26:5e:09:f3:f8:56:e2:4d:
ce:6f:89:5a:b7:b9:fe:aa:32:d3:49:20:45:3b:b8:b0:03:06:
00:8f:56:b6:ab:d6:63:5e:6a:0b:84:1b:4b:b1:c8:e5:0d:a6:
4d:a0:b8:b7:ad:d3:2a:f7:22:df:52:8d:7d:31:6e:ca:cd:54:
f9:4a:94:a3:df:39:89:09:b4:a1:86:b2:39:92:5e:a3:d4:0f:
c2:8e:07:06:c8:c4:da:78:25:5d:bb:45:54:c6:a1:90:a7:57:
60:a7:72:3e:96:16:03:90:b1:18:b1:45:21:da:de:6e:91:da:
d2:1b:15:f5:5c:62:9e:cd:39:05:f5:be:99:2b:c2:8c:95:21:
05:fc:f3:47:35:08:52:db:32:54:8e:e2:ca:95:f2:ac:5a:9e:
7f:26:46:be:96:7a:27:6a:27:6a:48:c8:05:2e:22:4d:85:e9:
89:1e:5c:31:16:55:84:07:9c:91:81:86:e7:ac:49:81:51:1c:
e7:61:91:90:76:a1:31:30:d2:db:62:b1:cd:71:0a:88:1a:4b:
6c:fd:18:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIGoTqkBdRx4guARajt0SsqyFtLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMTBaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhMzJhMTU4ZTgwNmY3N2RhMmIwOTU3YWYxNDAyNTBmMWJjMjIyZTUyYjc1
MDIxYzY5OTE2NTdjZDM2YTU5MTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJDweMUbrTtZWvk+BS1eRnM5+/GiBoQqwLv71s2M6uX0iOk8+AubfXeHeiIb
4NFDrCYJUrMXnTfS1WlNo3nbQBfToY5gqKDE3/9d4cJzf216ybb5dVPtghS8DPnv
kEgzvgRQK8Nfb5CTtMmdueBGUjN/dWw0pMsWbXUupeuV5J+rE3RIAteaE0oJd1Eq
6eUSk9vaFLdydanzFZlXde/YNi23q3KdrTpza+kVMZabqxyVzV7VCXemVmxqWh0x
pdCCRVWGBwyNNeCkymFIzg2Se661I2eLwb8ytaKvosscvFn5NqcTW6ZkDRjWWK7b
O7hlsHUyJMwyfVDLY8Uo0nIuhesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgaw6y
PY/ImTt58uX+sCyvzOP0BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEyNDY1NTgtNTMzZS00MmY1LThjOTAtZGM5MTcyOWFhN2ZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAKuBWGdC3JAMWasiuSdqGtAaASvKzh/jyAhcvX
OD0Gb9lZ4J7mseSxRQ05Gz2EJl4J8/hW4k3Ob4lat7n+qjLTSSBFO7iwAwYAj1a2
q9ZjXmoLhBtLscjlDaZNoLi3rdMq9yLfUo19MW7KzVT5SpSj3zmJCbShhrI5kl6j
1A/CjgcGyMTaeCVdu0VUxqGQp1dgp3I+lhYDkLEYsUUh2t5ukdrSGxX1XGKezTkF
9b6ZK8KMlSEF/PNHNQhS2zJUjuLKlfKsWp5/Jka+lnonaidqSMgFLiJNhemJHlwx
FlWEB5yRgYbnrEmBURznYZGQdqExMNLbYrHNcQqIGkts/Rgw
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:40 2025 by rpki-client