Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
File: 655038e8-ae62-4d89-86ef-c5f745dc0c17.roa (raw, json)
Hash identifier: nYm3gZP1NPFvnsPzO32palmPvxV2A7X2+dcjof/56jU=
Subject key identifier: FB:FC:CD:A8:FF:05:FB:A8:FB:B6:D3:C2:23:B7:96:AF:83:37:40:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15579019DE3BAABC40DE6F226D80FA9EDD80FDA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
Signing time: Tue 10 Jun 2025 17:20:22 +0000
ROA not before: Tue 10 Jun 2025 17:20:22 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:57:90:19:de:3b:aa:bc:40:de:6f:22:6d:80:fa:9e:dd:80:fd:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:22 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=64c24e0489874a136c3551b6fa4c1a8711bceb20cff059ed8d005c0c230f2dda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:93:42:be:3b:f2:3c:4d:9d:8e:67:23:05:11:
60:b6:5d:44:63:9e:b7:e8:e4:ec:2c:3e:f4:d9:c5:
2c:23:92:ba:fa:46:53:02:32:ef:ec:25:ce:14:25:
78:50:ff:91:52:59:2f:57:3c:74:9e:4a:52:f4:9a:
f8:d6:60:dd:bb:be:1c:25:bd:75:21:cd:e5:b1:72:
03:78:e1:f6:f5:e4:fe:b3:f3:1f:8e:0e:d5:19:cc:
29:5b:c5:fa:b7:cf:e3:02:9c:97:71:b5:a5:b7:e3:
43:93:40:06:50:16:0a:d2:cd:c4:01:a2:1f:a5:01:
3d:2c:fe:c8:5b:04:1a:4c:c6:83:d7:e7:44:b0:18:
71:e6:17:87:7e:84:ab:49:e6:80:0c:a5:a9:a3:0b:
51:dc:a1:65:de:24:ad:7b:4e:4c:dc:5e:70:76:a5:
ef:8f:91:8b:8f:c7:4e:21:bb:63:31:0a:ec:ca:27:
db:32:52:a4:62:68:95:c8:65:54:d8:77:c3:1e:c6:
4a:e2:e1:82:2d:97:58:62:cc:4e:6a:e1:1d:c5:a6:
74:97:a3:1e:82:dc:92:ab:25:8f:91:97:f5:a7:14:
0c:5b:36:46:37:30:c6:76:ce:9d:f6:01:e5:95:e3:
d6:f7:61:07:71:f5:6d:87:04:4d:8e:df:92:cd:b1:
0a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FC:CD:A8:FF:05:FB:A8:FB:B6:D3:C2:23:B7:96:AF:83:37:40:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:840::/48
Signature Algorithm: sha256WithRSAEncryption
6b:a2:cb:30:2b:a5:c6:e7:ec:81:4f:ed:ac:77:c3:19:43:06:
23:a8:17:4d:63:14:56:cd:c7:d4:e9:93:87:41:4a:4d:08:4c:
8f:30:11:a3:2e:e8:d2:c3:ed:ed:5a:51:3f:00:45:ee:6d:d7:
ff:5e:b7:ce:94:6b:73:d7:16:62:6c:ad:51:17:96:9a:f5:bf:
e9:27:f4:14:9e:2d:29:17:c6:01:90:14:73:3b:8f:81:0c:af:
f4:6f:8c:fd:0a:db:41:cf:66:0d:f0:6a:4a:6b:4d:80:42:26:
9c:b5:7a:91:c9:a8:32:25:39:d7:0c:25:bf:32:47:c9:1d:28:
7d:07:d2:e2:39:39:42:a0:fc:e9:a7:6e:71:8c:1d:18:af:d7:
11:a5:94:35:3a:0c:ca:02:07:8b:af:b6:0c:8d:ff:2c:25:de:
ef:59:aa:41:97:45:32:2a:ed:91:e7:58:d2:a6:f8:83:1b:98:
d4:74:41:a7:e5:a7:ab:cd:49:24:8d:49:42:31:75:f7:ca:ce:
b2:98:fb:8c:6e:4e:fd:c6:74:f9:94:03:1d:b0:f4:9b:0e:d0:
21:a0:2e:a6:a1:77:25:32:ab:2b:6b:f2:ca:59:50:de:b0:1b:
44:bb:da:06:63:10:23:ec:4c:17:6b:5a:63:f1:ba:01:fb:ea:
bc:62:17:ab
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFVeQGd47qrxA3m8ibYD6nt2A/aEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMjJaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0YzI0ZTA0ODk4NzRhMTM2YzM1NTFiNmZhNGMxYTg3MTFiY2ViMjBjZmYw
NTllZDhkMDA1YzBjMjMwZjJkZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJSTQr478jxNnY5nIwURYLZdRGOet+jk7Cw+9NnFLCOSuvpGUwIy7+wlzhQl
eFD/kVJZL1c8dJ5KUvSa+NZg3bu+HCW9dSHN5bFyA3jh9vXk/rPzH44O1RnMKVvF
+rfP4wKcl3G1pbfjQ5NABlAWCtLNxAGiH6UBPSz+yFsEGkzGg9fnRLAYceYXh36E
q0nmgAylqaMLUdyhZd4krXtOTNxecHal74+Ri4/HTiG7YzEK7Mon2zJSpGJolchl
VNh3wx7GSuLhgi2XWGLMTmrhHcWmdJejHoLckqslj5GX9acUDFs2RjcwxnbOnfYB
5ZXj1vdhB3H1bYcETY7fks2xCgECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT7/M2o
/wX7qPu208Ijt5avgzdA2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjU1MDM4ZTgtYWU2Mi00ZDg5LTg2ZWYtYzVmNzQ1ZGMwYzE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
QDANBgkqhkiG9w0BAQsFAAOCAQEAa6LLMCulxufsgU/trHfDGUMGI6gXTWMUVs3H
1OmTh0FKTQhMjzARoy7o0sPt7VpRPwBF7m3X/163zpRrc9cWYmytUReWmvW/6Sf0
FJ4tKRfGAZAUczuPgQyv9G+M/QrbQc9mDfBqSmtNgEImnLV6kcmoMiU51wwlvzJH
yR0ofQfS4jk5QqD86aducYwdGK/XEaWUNToMygIHi6+2DI3/LCXe71mqQZdFMirt
kedY0qb4gxuY1HRBp+Wnq81JJI1JQjF198rOspj7jG5O/cZ0+ZQDHbD0mw7QIaAu
pqF3JTKrK2vyyllQ3rAbRLvaBmMQI+xMF2taY/G6AfvqvGIXqw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:14 2025 by rpki-client