Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa
File: 42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa (raw, json)
Hash identifier: a2M/h1uVyNyw/qd/rJUuVN0nh7rDWch2LcM0H/7tTqY=
Subject key identifier: C0:47:92:E9:C9:1E:9D:0A:56:E9:BD:51:76:29:19:20:C5:BF:98:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60618C89B24A8CB95CE5E899745D9ABCFA633C1A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa
Signing time: Mon 09 Jun 2025 19:20:06 +0000
ROA not before: Mon 09 Jun 2025 19:20:06 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:61:8c:89:b2:4a:8c:b9:5c:e5:e8:99:74:5d:9a:bc:fa:63:3c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:06 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=cc6d05fb8d8a326a472028c1d83f1f8bc498952b1438fba64f74e2113bfbaec8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a2:25:23:0c:82:4f:56:15:1c:fa:18:9e:15:
c0:6a:c6:40:a7:3f:3a:bf:a0:d2:91:59:ab:eb:32:
d6:cf:6f:97:5c:64:3e:6b:4d:a8:08:88:1e:99:14:
58:5e:cb:28:60:dc:cb:ab:db:41:a0:f4:8d:46:ff:
c0:1d:25:a9:11:8d:ab:75:d8:ac:6f:a2:ac:2d:24:
ce:f3:46:f1:fa:43:ce:1b:e1:bd:56:05:5c:cf:b8:
bd:b2:c7:e9:6a:02:54:7a:34:33:1f:9c:e8:4d:3d:
25:ef:a9:0a:56:4a:b2:6e:a8:bd:47:0b:56:2a:93:
a3:32:fa:1d:0d:b2:a6:7a:84:a7:36:a1:a6:bb:38:
0c:9f:19:e0:d1:45:3e:23:7b:75:9a:d2:1c:0e:dc:
e2:37:12:4c:96:07:ab:a3:d9:0b:4e:a8:82:d5:c5:
2f:79:b1:19:df:c6:79:2b:5b:d9:78:82:f5:88:e5:
f1:32:81:d0:53:25:e4:fa:66:ff:6e:0f:e0:2c:ed:
4e:66:60:90:54:3e:4e:e9:fd:98:97:0e:3d:74:9b:
98:84:72:bf:f2:3b:9b:8c:61:3f:79:61:54:4a:ee:
5f:73:6f:c9:07:f1:51:20:38:55:62:ad:13:a3:41:
7a:6a:7c:51:d8:32:13:9a:0b:0e:02:b0:76:af:24:
b6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:47:92:E9:C9:1E:9D:0A:56:E9:BD:51:76:29:19:20:C5:BF:98:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/48
Signature Algorithm: sha256WithRSAEncryption
14:ee:59:9b:5b:3e:c9:f9:94:26:6b:3a:1a:15:3c:21:8c:a8:
db:38:f7:4b:8a:e2:6b:ec:b7:93:46:60:4c:56:09:82:9c:d5:
a2:63:db:a4:98:c3:2b:21:cd:a2:36:d0:bb:07:f0:6c:0b:43:
60:ef:b8:5d:29:8c:95:48:11:69:45:b5:95:18:f0:c9:2d:00:
0f:63:37:d8:0a:f5:6b:1c:de:19:ad:35:4d:3f:b7:55:39:f9:
31:d3:fd:e6:18:04:d5:c5:54:d2:61:87:91:aa:df:1c:3a:c8:
8d:f1:94:e4:2b:97:8e:c2:8f:1e:31:d0:22:1b:0f:88:e3:05:
ad:8e:cc:d8:05:b9:32:70:bf:27:38:7a:d8:bf:29:6c:b7:89:
f0:fa:a1:a4:f9:d5:09:c9:2a:6d:24:c7:49:74:31:f4:65:b1:
d5:24:d2:64:9c:fd:ee:50:35:4b:29:e8:08:c3:15:68:c2:99:
bd:14:1a:3f:6f:20:a8:b3:98:b4:5e:a6:c7:e8:5c:02:1a:4a:
78:8d:fc:92:6d:23:ca:68:ab:74:69:e3:34:c9:f1:c0:53:70:
49:11:1c:28:7a:f8:09:f8:95:f2:9c:80:33:3d:c0:58:70:1b:
c2:7c:c0:63:d7:17:9a:cc:f4:4e:85:df:d1:8e:b5:de:2f:70:
44:8e:47:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYGGMibJKjLlc5eiZdF2avPpjPBowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMDZaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjNmQwNWZiOGQ4YTMyNmE0NzIwMjhjMWQ4M2YxZjhiYzQ5ODk1MmIxNDM4
ZmJhNjRmNzRlMjExM2JmYmFlYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiiJSMMgk9WFRz6GJ4VwGrGQKc/Or+g0pFZq+sy1s9vl1xkPmtNqAiIHpkU
WF7LKGDcy6vbQaD0jUb/wB0lqRGNq3XYrG+irC0kzvNG8fpDzhvhvVYFXM+4vbLH
6WoCVHo0Mx+c6E09Je+pClZKsm6ovUcLViqTozL6HQ2ypnqEpzahprs4DJ8Z4NFF
PiN7dZrSHA7c4jcSTJYHq6PZC06ogtXFL3mxGd/GeStb2XiC9Yjl8TKB0FMl5Ppm
/24P4CztTmZgkFQ+Tun9mJcOPXSbmIRyv/I7m4xhP3lhVEruX3NvyQfxUSA4VWKt
E6NBemp8UdgyE5oLDgKwdq8ktsMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTAR5Lp
yR6dClbpvVF2KRkgxb+YHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJhMmJiYmMtNGJmZC00MTcyLTgwMDQtYjkwYmY5ZDJkZTcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HaQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAFO5Zm1s+yfmUJms6GhU8IYyo2zj3S4ria+y3
k0ZgTFYJgpzVomPbpJjDKyHNojbQuwfwbAtDYO+4XSmMlUgRaUW1lRjwyS0AD2M3
2Ar1axzeGa01TT+3VTn5MdP95hgE1cVU0mGHkarfHDrIjfGU5CuXjsKPHjHQIhsP
iOMFrY7M2AW5MnC/Jzh62L8pbLeJ8PqhpPnVCckqbSTHSXQx9GWx1STSZJz97lA1
SynoCMMVaMKZvRQaP28gqLOYtF6mx+hcAhpKeI38km0jymirdGnjNMnxwFNwSREc
KHr4CfiV8pyAMz3AWHAbwnzAY9cXmsz0ToXf0Y613i9wRI5HKg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:13 2025 by rpki-client