Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
File: 6236cad2-ab49-4574-b740-7b70c27fae87.roa (raw, json)
Hash identifier: BIdsExT+T35oTcnXYa3rww7PATiky42mNkYvInAYOn4=
Subject key identifier: 1E:7E:13:FE:27:31:80:32:47:C7:1E:DF:13:F3:D6:78:36:08:32:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 286E27296B36D44F34E930ED34E2577F9BCF8EB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
Signing time: Fri 23 May 2025 00:40:08 +0000
ROA not before: Fri 23 May 2025 00:40:08 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:6e:27:29:6b:36:d4:4f:34:e9:30:ed:34:e2:57:7f:9b:cf:8e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:08 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=61a741ebc7331f157e816324da56ca1e2af5470e05ac62f7d5404bae4b23c1ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:00:86:13:83:18:82:6a:82:10:f3:bf:b7:a9:
ce:4e:1e:76:8f:51:9e:56:8a:f0:4b:7f:5f:ae:0d:
e2:11:d7:66:70:db:83:27:89:c1:a3:01:cf:86:1a:
71:47:84:0f:08:9e:95:ca:67:66:bb:e8:87:41:4c:
15:17:9a:18:46:18:8b:09:f0:21:c5:4e:86:e7:fc:
0f:90:42:be:c2:7c:ec:39:85:1c:b7:28:cb:75:af:
8d:60:32:33:81:28:da:76:71:b3:c8:31:26:08:62:
be:c9:11:7e:6f:ba:4b:aa:80:1e:42:a6:0c:ce:55:
5c:da:e7:fc:ee:55:fd:9d:6c:80:3b:50:8c:11:7c:
37:11:13:fc:32:6c:3c:76:be:69:67:3d:d7:d2:fc:
29:ea:0a:f1:cd:b5:86:91:04:b8:eb:c2:a8:96:c0:
1b:ff:59:f1:ff:31:c2:14:93:90:63:3d:3c:e2:cc:
f3:82:94:ce:95:5e:17:dc:82:cd:3d:2a:d5:16:26:
9d:1b:2c:f3:0f:1b:62:aa:a0:47:8a:86:92:17:e5:
16:55:16:79:1c:78:d8:76:ae:90:d4:b4:5a:98:0b:
71:7f:84:ac:8d:ac:27:db:d9:66:71:3a:ec:56:f5:
5d:61:bc:3d:2d:99:2c:19:e3:fd:15:ac:f2:91:30:
ed:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7E:13:FE:27:31:80:32:47:C7:1E:DF:13:F3:D6:78:36:08:32:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8400::/38
Signature Algorithm: sha256WithRSAEncryption
50:2c:b1:ee:55:86:f3:44:0f:5c:93:c5:18:14:5a:3d:88:b1:
40:a2:91:52:8e:c0:44:eb:93:eb:9e:68:8c:2e:6b:cf:a4:f2:
d6:97:80:85:99:d5:02:5a:19:e9:f5:2c:09:8b:0e:0a:49:c2:
6e:48:cd:33:f3:a3:7a:cd:7b:34:bd:1c:dc:f1:17:ad:b5:9c:
d8:48:52:a7:9a:71:7f:40:c4:52:6d:64:c5:1a:33:7d:0d:66:
13:86:b2:0f:4a:fe:7c:5b:fe:b7:71:dd:0c:8e:1d:f9:72:4c:
04:dc:91:bd:4a:7d:f1:d3:04:00:29:01:f7:76:8b:e2:ef:e9:
cf:a5:76:67:e1:24:61:90:06:9e:db:0a:96:6b:16:77:35:0f:
d8:08:72:6e:83:29:12:2f:1a:b0:68:f6:86:c6:4e:78:7d:84:
01:66:d0:b8:12:1e:0b:d3:6c:ad:3b:3f:a4:48:6f:e4:0e:77:
ee:2a:01:ae:3b:8a:7f:90:d1:d8:cb:5b:57:94:c5:13:91:62:
e5:69:f9:68:52:7c:c8:2f:1c:5a:9c:47:a5:a8:75:c8:51:56:
28:cd:4a:98:a8:45:89:7e:a7:e8:c8:b9:74:21:81:56:a6:53:
fb:04:f2:83:e1:fc:20:e4:d3:ca:7e:5e:af:cb:cf:8d:aa:8d:
07:af:6a:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKG4nKWs21E806TDtNOJXf5vPjrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMDhaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxYTc0MWViYzczMzFmMTU3ZTgxNjMyNGRhNTZjYTFlMmFmNTQ3MGUwNWFj
NjJmN2Q1NDA0YmFlNGIyM2MxYWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO8AhhODGIJqghDzv7epzk4edo9RnlaK8Et/X64N4hHXZnDbgyeJwaMBz4Ya
cUeEDwielcpnZrvoh0FMFReaGEYYiwnwIcVOhuf8D5BCvsJ87DmFHLcoy3WvjWAy
M4Eo2nZxs8gxJghivskRfm+6S6qAHkKmDM5VXNrn/O5V/Z1sgDtQjBF8NxET/DJs
PHa+aWc919L8KeoK8c21hpEEuOvCqJbAG/9Z8f8xwhSTkGM9POLM84KUzpVeF9yC
zT0q1RYmnRss8w8bYqqgR4qGkhflFlUWeRx42HaukNS0WpgLcX+ErI2sJ9vZZnE6
7Fb1XWG8PS2ZLBnj/RWs8pEw7bcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQefhP+
JzGAMkfHHt8T89Z4NggyMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjIzNmNhZDItYWI0OS00NTc0LWI3NDAtN2I3MGMyN2ZhZTg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCE
MA0GCSqGSIb3DQEBCwUAA4IBAQBQLLHuVYbzRA9ck8UYFFo9iLFAopFSjsBE65Pr
nmiMLmvPpPLWl4CFmdUCWhnp9SwJiw4KScJuSM0z86N6zXs0vRzc8RettZzYSFKn
mnF/QMRSbWTFGjN9DWYThrIPSv58W/63cd0Mjh35ckwE3JG9Sn3x0wQAKQH3dovi
7+nPpXZn4SRhkAae2wqWaxZ3NQ/YCHJugykSLxqwaPaGxk54fYQBZtC4Eh4L02yt
Oz+kSG/kDnfuKgGuO4p/kNHYy1tXlMUTkWLlafloUnzILxxanEelqHXIUVYozUqY
qEWJfqfoyLl0IYFWplP7BPKD4fwg5NPKfl6vy8+Nqo0Hr2oC
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:17 2025 by rpki-client