Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: lcMYhmlvEHUYbD2FvMjdlNOABYSlRYeDhGlJgrjG+Ek=
Subject key identifier: 6A:F3:F4:29:B9:B1:25:D1:54:18:56:A8:BD:6F:09:FA:F0:4F:A6:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BB5C66C557280C812A16ACC76D9A2BEEC8D8E56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Tue 20 May 2025 20:31:28 +0000
ROA not before: Tue 20 May 2025 20:31:28 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:b5:c6:6c:55:72:80:c8:12:a1:6a:cc:76:d9:a2:be:ec:8d:8e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:31:28 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2a6078d562b7a271b38e65b369af632973a3d82f5a925b3044917ff06593d7b4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:08:cb:27:87:a0:17:8e:2f:31:68:e8:6c:a3:
fd:b5:f3:91:b5:62:ab:0b:3e:05:38:48:57:f8:61:
ab:9d:85:c5:42:ad:a5:45:58:13:ef:7f:5e:4d:c8:
46:17:74:6c:20:88:24:67:d6:95:0e:b4:7c:6d:a1:
df:80:b8:12:48:62:71:82:e4:84:d0:69:34:03:5a:
8d:04:6e:5d:57:de:d3:ab:23:41:5d:51:7e:65:9f:
10:7c:ca:e3:33:33:ea:36:f4:5f:43:b7:fd:53:69:
4a:92:1c:35:f9:47:9c:ce:4b:03:ba:a0:0f:d2:08:
d4:39:34:1e:bf:d0:9e:77:95:01:b5:e0:8d:c3:a3:
f0:6c:c2:53:11:82:ed:0c:58:38:15:d4:55:87:05:
45:ba:5a:e4:c0:62:93:53:72:85:30:4c:38:da:5e:
f2:22:ff:0b:2c:7d:01:b4:2f:15:97:b4:23:f4:4b:
50:55:dd:5f:5b:57:ca:76:4f:14:4a:6a:c7:5c:0e:
af:aa:28:9b:f2:4c:e9:5e:75:99:49:e4:76:c8:b9:
45:59:64:44:6b:08:60:ef:0d:dd:db:5a:32:11:2d:
ce:46:6e:31:e1:19:32:e5:de:69:81:ba:5e:62:f8:
5c:22:6d:9f:ed:61:be:c8:56:7e:35:4c:80:9a:f5:
cd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F3:F4:29:B9:B1:25:D1:54:18:56:A8:BD:6F:09:FA:F0:4F:A6:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
52:62:ee:7d:cc:72:58:30:3c:91:95:1b:06:fb:f4:ad:1e:ad:
57:eb:bf:84:ed:b9:86:59:b2:d0:1e:52:a9:c2:c6:20:14:4f:
f3:9f:e0:79:e7:e6:d2:b8:23:bc:53:9d:11:a9:3c:95:cc:8a:
b1:0c:a6:f7:cd:fc:7c:54:32:d3:b7:f6:b1:5f:2b:a9:1d:56:
8d:9a:4f:fc:2d:00:19:53:aa:15:08:fb:5c:fb:6d:b5:a4:62:
88:0b:78:5e:16:65:ba:85:ca:cd:89:16:af:33:d3:43:d3:18:
64:b6:9c:66:d1:87:25:0c:23:2e:ff:d2:64:24:bf:19:d2:0f:
34:2d:4f:7a:ab:ac:50:f1:7b:22:9a:50:52:ea:42:19:e6:f9:
4a:11:f7:34:a5:3f:7e:e9:f3:3f:68:88:df:6e:0f:89:91:61:
37:8d:9b:f7:55:70:de:b4:bf:30:f6:a6:d3:61:d7:a2:8f:c1:
9f:99:c2:90:d7:a8:22:bf:8a:9d:c6:08:f6:ee:86:f2:7a:00:
26:22:ac:c9:4e:de:10:7e:ef:9d:57:90:23:80:d3:82:02:a5:
1d:37:e2:89:f8:79:5b:bb:79:76:58:9f:34:5c:c4:0a:c8:27:
32:c3:b2:c7:e1:dc:4c:9f:24:b2:45:aa:40:e2:c3:43:06:bc:
7a:b0:3c:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa7XGbFVygMgSoWrMdtmivuyNjlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMxMjhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhNjA3OGQ1NjJiN2EyNzFiMzhlNjViMzY5YWY2MzI5NzNhM2Q4MmY1YTky
NWIzMDQ0OTE3ZmYwNjU5M2Q3YjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEIyyeHoBeOLzFo6Gyj/bXzkbViqws+BThIV/hhq52FxUKtpUVYE+9/Xk3I
Rhd0bCCIJGfWlQ60fG2h34C4EkhicYLkhNBpNANajQRuXVfe06sjQV1RfmWfEHzK
4zMz6jb0X0O3/VNpSpIcNflHnM5LA7qgD9II1Dk0Hr/QnneVAbXgjcOj8GzCUxGC
7QxYOBXUVYcFRbpa5MBik1NyhTBMONpe8iL/Cyx9AbQvFZe0I/RLUFXdX1tXynZP
FEpqx1wOr6oom/JM6V51mUnkdsi5RVlkRGsIYO8N3dtaMhEtzkZuMeEZMuXeaYG6
XmL4XCJtn+1hvshWfjVMgJr1zQcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRq8/Qp
ubEl0VQYVqi9bwn68E+mITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBSYu59zHJYMDyRlRsG+/StHq1X67+E7bmGWbLQ
HlKpwsYgFE/zn+B55+bSuCO8U50RqTyVzIqxDKb3zfx8VDLTt/axXyupHVaNmk/8
LQAZU6oVCPtc+221pGKIC3heFmW6hcrNiRavM9ND0xhktpxm0YclDCMu/9JkJL8Z
0g80LU96q6xQ8XsimlBS6kIZ5vlKEfc0pT9+6fM/aIjfbg+JkWE3jZv3VXDetL8w
9qbTYdeij8GfmcKQ16giv4qdxgj27obyegAmIqzJTt4Qfu+dV5AjgNOCAqUdN+KJ
+Hlbu3l2WJ80XMQKyCcyw7LH4dxMnySyRapA4sNDBrx6sDzB
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:33 2025 by rpki-client