Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
File: 6a2f7401-8559-4633-8579-cca77d6fa971.roa (raw, json)
Hash identifier: PbREP42s4euZo9qJp4IqlSAC7qPvqspoNk9bB9vLIMQ=
Subject key identifier: CF:D8:8D:B4:D1:17:E0:8E:A3:F5:E4:E2:DA:D9:20:1A:CF:8F:4F:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AB8F320A25C50051C8F080CF75A1C8BB51B336E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
Signing time: Tue 20 May 2025 20:30:45 +0000
ROA not before: Tue 20 May 2025 20:30:45 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:b8:f3:20:a2:5c:50:05:1c:8f:08:0c:f7:5a:1c:8b:b5:1b:33:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:45 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e0dfe18c71db1c4fba02e040e9193fb166444fd3b7a8f584c50ad96457aa8ec5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ad:5c:fd:56:c5:6a:dc:f9:2c:e0:19:c4:03:
9c:a6:c9:83:4a:28:73:19:71:b4:c8:6b:72:58:a7:
7a:29:4d:63:df:9a:7b:ed:8e:61:1e:b7:4c:2d:01:
61:0d:57:6f:01:2b:d2:b1:d7:7b:d9:f5:5e:e5:14:
4c:97:ff:dc:3e:25:f4:43:aa:a8:bb:a2:02:ca:4d:
b3:f1:a3:e1:89:ba:e9:44:a0:e6:ab:db:8a:e6:19:
fc:da:8f:69:d0:19:bb:d9:24:aa:d5:39:a9:01:47:
73:b1:b1:df:e3:19:94:da:22:2a:fb:ef:d4:df:74:
ce:38:aa:6c:59:99:e9:34:e4:51:13:1c:a0:24:db:
83:d4:04:01:97:a9:e9:f8:7a:ed:e2:40:3f:6e:eb:
08:c8:1e:5e:86:3c:06:24:9a:60:83:93:ec:e5:6b:
0b:86:fe:e8:3b:50:da:4c:0c:04:3e:e4:34:1d:33:
46:c7:0c:26:07:96:60:92:ac:c0:d5:29:a6:f9:c1:
d4:dd:31:19:65:63:c2:d1:37:26:80:ab:c2:6b:09:
f8:4c:30:89:33:3c:cb:e9:cd:1b:a3:60:c7:70:91:
b3:64:a7:6b:e6:e4:6b:09:bb:8f:db:bc:84:a6:a0:
c2:37:3f:94:01:06:ba:81:e4:d6:15:0c:78:6b:a8:
3b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D8:8D:B4:D1:17:E0:8E:A3:F5:E4:E2:DA:D9:20:1A:CF:8F:4F:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
6c:b5:a6:6a:2b:42:7a:4d:56:a1:d6:89:1e:e0:1f:db:94:a7:
53:ef:2a:83:e5:ef:7d:27:19:c4:d9:7e:19:80:e7:0f:97:d6:
59:3c:8d:c2:d5:01:8c:76:35:03:a9:e9:c8:9a:af:42:e8:98:
ee:17:fc:f5:bd:e6:84:dd:09:e8:a4:75:09:e5:47:ac:19:fe:
ca:32:b1:da:a6:49:03:bc:7d:8b:33:7f:c5:35:ed:41:d6:6b:
70:e3:1b:86:42:ba:14:d8:35:3d:00:47:f7:45:d0:ec:cc:fb:
0b:c1:22:19:4e:9d:2f:ae:d0:6a:f3:75:46:51:aa:3e:08:e4:
21:3c:05:86:db:90:47:ff:10:9c:d5:e4:c8:89:28:c6:3b:bd:
5c:cd:ab:17:20:2d:50:13:b7:12:15:04:3c:f8:75:fe:e0:ca:
da:ff:c3:7b:fa:4e:74:5b:e4:b2:ae:bf:af:1d:d9:c8:ce:23:
10:a8:74:82:64:07:56:97:d5:58:8d:9f:49:0f:16:45:c3:01:
9c:a7:b1:37:43:46:4b:0d:70:b9:62:9b:23:43:3a:d4:de:e3:
80:e0:d6:45:b4:a0:e8:4a:d7:86:6a:33:f7:e3:b0:4d:92:13:
7f:c2:db:67:5b:8f:a3:58:05:8e:bf:0b:0f:fa:20:04:08:26:
a0:35:36:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGrjzIKJcUAUcjwgM91oci7UbM24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwNDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwZGZlMThjNzFkYjFjNGZiYTAyZTA0MGU5MTkzZmIxNjY0NDRmZDNiN2E4
ZjU4NGM1MGFkOTY0NTdhYThlYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALitXP1WxWrc+SzgGcQDnKbJg0oocxlxtMhrclineilNY9+ae+2OYR63TC0B
YQ1XbwEr0rHXe9n1XuUUTJf/3D4l9EOqqLuiAspNs/Gj4Ym66USg5qvbiuYZ/NqP
adAZu9kkqtU5qQFHc7Gx3+MZlNoiKvvv1N90zjiqbFmZ6TTkURMcoCTbg9QEAZep
6fh67eJAP27rCMgeXoY8BiSaYIOT7OVrC4b+6DtQ2kwMBD7kNB0zRscMJgeWYJKs
wNUppvnB1N0xGWVjwtE3JoCrwmsJ+EwwiTM8y+nNG6Ngx3CRs2Sna+bkawm7j9u8
hKagwjc/lAEGuoHk1hUMeGuoO/0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTP2I20
0RfgjqP15OLa2SAaz49PGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEyZjc0MDEtODU1OS00NjMzLTg1NzktY2NhNzdkNmZhOTcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQBstaZqK0J6TVah1oke4B/blKdT7yqD5e99JxnE
2X4ZgOcPl9ZZPI3C1QGMdjUDqenImq9C6JjuF/z1veaE3QnopHUJ5UesGf7KMrHa
pkkDvH2LM3/FNe1B1mtw4xuGQroU2DU9AEf3RdDszPsLwSIZTp0vrtBq83VGUao+
COQhPAWG25BH/xCc1eTIiSjGO71czasXIC1QE7cSFQQ8+HX+4Mra/8N7+k50W+Sy
rr+vHdnIziMQqHSCZAdWl9VYjZ9JDxZFwwGcp7E3Q0ZLDXC5YpsjQzrU3uOA4NZF
tKDoSteGajP347BNkhN/wttnW4+jWAWOvwsP+iAECCagNTaG
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:31 2025 by rpki-client