Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
File: 6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa (raw, json)
Hash identifier: vctqszU257iDLfH3/ItyglP2uOT2n6KZ5A+jrD8u3d8=
Subject key identifier: A3:C6:B1:C5:B1:C3:46:6C:1D:27:07:F7:1E:44:FC:CA:7A:35:50:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72FE4F87934373EA4AE89976433A8E047F89F3D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
Signing time: Tue 20 May 2025 18:51:23 +0000
ROA not before: Tue 20 May 2025 18:51:23 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:fe:4f:87:93:43:73:ea:4a:e8:99:76:43:3a:8e:04:7f:89:f3:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:51:23 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b260ccbf290476f89c86fe7825cb943cfc5520f661ee574e34435f08852d1534, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:14:1e:66:39:f3:9c:52:9f:43:41:12:84:9b:
af:fc:9a:a4:09:c4:09:36:3b:09:e2:bc:ec:4d:e8:
b4:a4:4b:c6:fb:27:f6:96:e9:8c:be:70:9b:fc:4e:
75:0c:29:67:f3:92:bf:63:0d:a8:1f:b8:89:17:74:
52:48:22:ea:cb:26:d0:eb:c1:02:2a:b1:d5:e8:41:
e8:e3:98:d3:2c:2c:44:7a:fa:ce:55:cd:b9:d1:77:
d3:50:07:78:fc:91:8e:11:76:6a:33:a3:a0:29:e0:
1e:30:80:12:5b:42:52:2a:4c:88:19:b1:96:bf:c9:
84:db:23:23:ef:53:27:a7:7d:f8:69:7b:49:d7:c6:
45:6a:42:81:66:4f:74:34:ac:e1:64:ec:4c:34:83:
71:7c:c1:2e:da:d5:e9:7d:b8:7d:aa:9c:a3:07:ad:
d7:20:09:ba:50:87:26:24:85:6a:a6:c3:7d:74:33:
2b:a7:4c:2c:3a:2d:00:f0:19:2c:fb:52:36:04:86:
0c:0c:7c:49:56:88:ef:c9:8b:a3:e6:f9:d2:40:1f:
61:53:53:7e:13:a1:38:c3:f9:f7:45:bd:80:4d:8d:
d1:15:4b:06:38:35:6b:5c:91:ff:41:45:fd:1f:94:
11:ae:08:74:0b:e5:13:da:e9:e0:7b:f0:13:91:a1:
c1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C6:B1:C5:B1:C3:46:6C:1D:27:07:F7:1E:44:FC:CA:7A:35:50:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2080::/48
Signature Algorithm: sha256WithRSAEncryption
5d:3d:98:a4:f6:d5:88:6e:ec:6b:6c:c4:f9:ae:26:ce:37:79:
23:7d:46:df:bd:1f:84:73:fa:d2:a3:9c:22:12:75:d1:12:8f:
18:21:12:c0:52:92:aa:a4:0a:07:79:22:12:cf:8f:27:87:e7:
a2:8c:bd:13:df:69:d4:57:b8:61:6f:50:0e:c5:c3:44:9b:18:
cb:4d:c5:ee:77:4a:7b:93:26:da:2d:7f:5d:20:09:12:3f:a1:
f1:e5:f7:1c:0f:d9:24:a6:45:ea:ed:44:bf:c7:e5:3e:e3:05:
30:1d:7a:e0:45:51:3e:f2:0f:e7:15:d4:ce:9d:98:a6:3a:26:
7b:79:33:47:3e:66:08:b1:03:91:10:f1:5a:c8:4a:75:6f:e0:
81:a2:56:e1:ee:a0:79:cd:7d:fe:ce:9d:48:91:fb:12:77:ba:
eb:2c:f8:87:29:1c:d4:22:2e:34:a5:3a:38:10:5e:e6:58:e2:
f7:d2:30:ed:b1:d6:28:32:88:be:05:4f:3c:d9:f7:29:07:d2:
85:4f:2f:82:68:52:c8:4f:83:58:a9:9d:36:a9:a9:de:4d:ec:
b3:af:71:07:5e:fe:ab:31:97:13:89:60:7d:07:e8:5f:eb:4e:
d7:b0:9b:aa:23:42:9b:cb:cf:6b:a5:bf:6d:c9:28:34:35:e0:
94:ef:c7:b6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcv5Ph5NDc+pK6Jl2QzqOBH+J89AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUxMjNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyNjBjY2JmMjkwNDc2Zjg5Yzg2ZmU3ODI1Y2I5NDNjZmM1NTIwZjY2MWVl
NTc0ZTM0NDM1ZjA4ODUyZDE1MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEUHmY585xSn0NBEoSbr/yapAnECTY7CeK87E3otKRLxvsn9pbpjL5wm/xO
dQwpZ/OSv2MNqB+4iRd0Ukgi6ssm0OvBAiqx1ehB6OOY0ywsRHr6zlXNudF301AH
ePyRjhF2ajOjoCngHjCAEltCUipMiBmxlr/JhNsjI+9TJ6d9+Gl7SdfGRWpCgWZP
dDSs4WTsTDSDcXzBLtrV6X24faqcowet1yAJulCHJiSFaqbDfXQzK6dMLDotAPAZ
LPtSNgSGDAx8SVaI78mLo+b50kAfYVNTfhOhOMP590W9gE2N0RVLBjg1a1yR/0FF
/R+UEa4IdAvlE9rp4HvwE5GhwfMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSjxrHF
scNGbB0nB/ceRPzKejVQkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmI0ZjViMDYtZWJkOS00NjczLThkYjEtOGU3MmRmOTljOTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
gDANBgkqhkiG9w0BAQsFAAOCAQEAXT2YpPbViG7sa2zE+a4mzjd5I31G370fhHP6
0qOcIhJ10RKPGCESwFKSqqQKB3kiEs+PJ4fnooy9E99p1Fe4YW9QDsXDRJsYy03F
7ndKe5Mm2i1/XSAJEj+h8eX3HA/ZJKZF6u1Ev8flPuMFMB164EVRPvIP5xXUzp2Y
pjome3kzRz5mCLEDkRDxWshKdW/ggaJW4e6gec19/s6dSJH7Ene66yz4hykc1CIu
NKU6OBBe5lji99Iw7bHWKDKIvgVPPNn3KQfShU8vgmhSyE+DWKmdNqmp3k3ss69x
B17+qzGXE4lgfQfoX+tO17CbqiNCm8vPa6W/bckoNDXglO/Htg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:50:34 2025 by rpki-client