Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
File: 6bd3f603-c189-489c-bdf5-631b47b2cd39.roa (raw, json)
Hash identifier: wDIpoiLsWyhnsvTHEgOnL12IL22fMQ82S/23tFpuWDo=
Subject key identifier: 5C:79:68:09:E9:81:82:78:27:DE:B9:F3:4C:02:5E:80:F3:A4:9C:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55840D6FB60DA21E3050BCB8430A12DA608308BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
Signing time: Tue 20 May 2025 18:20:09 +0000
ROA not before: Tue 20 May 2025 18:20:09 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:84:0d:6f:b6:0d:a2:1e:30:50:bc:b8:43:0a:12:da:60:83:08:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:09 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=dfa630e56933c0d9f172b858677af55927b2bc2d74832ccc0fd033f51e7acac9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:83:27:7b:7f:7a:2e:0b:48:56:77:e0:f4:e4:
b2:d6:44:0b:42:cc:1d:ee:e4:33:06:e9:69:d7:73:
71:da:bb:a5:aa:9e:e0:b4:89:ac:39:e1:0e:38:47:
52:7b:c4:86:56:1a:17:9b:96:7b:7a:7b:75:31:44:
8b:f8:3b:7d:97:a0:1c:18:83:86:ac:a5:82:96:92:
8a:4e:9a:c7:37:bd:ba:93:bf:0e:24:34:2c:48:e3:
62:0f:1b:bb:a6:3c:fb:e4:d5:ad:2b:df:33:1d:3c:
ec:a8:84:cc:ff:c5:35:40:97:38:fd:ac:0e:7a:04:
ef:fd:bc:35:11:45:b4:25:4c:18:c7:4a:67:b6:7f:
46:84:72:ff:47:60:72:19:39:0a:b2:1a:bc:c7:58:
75:4c:a9:e1:9a:dc:7f:bf:c6:af:d3:af:87:19:ed:
d6:d6:ac:35:e1:74:65:63:3e:51:3e:1e:f7:9c:ed:
4c:43:fe:d8:dc:29:33:30:93:a2:e5:54:b7:61:65:
8f:95:7f:8d:cd:39:21:e8:65:07:14:bf:e6:2d:f5:
4a:42:a5:35:26:52:c7:3e:a9:dc:2d:5e:14:e0:af:
6b:df:af:c3:21:2a:fc:83:06:d8:f0:e8:d3:6e:cf:
52:6c:d5:09:65:1d:94:79:eb:37:46:5d:0a:b1:cf:
49:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:79:68:09:E9:81:82:78:27:DE:B9:F3:4C:02:5E:80:F3:A4:9C:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
33:e2:80:f1:fc:92:70:63:24:72:7d:44:c7:10:0e:7c:76:54:
63:fe:d0:10:5c:20:80:f0:a5:a8:3d:32:6f:05:2a:28:2f:df:
68:85:82:1c:41:e6:09:6c:5e:d9:43:4a:17:20:b4:0c:c5:76:
72:35:6c:d7:38:60:ad:57:55:b7:2f:e4:b1:3a:75:5c:d2:27:
79:7e:dd:7c:85:09:94:07:45:6d:47:64:81:b7:76:1d:80:dd:
82:c6:ce:c1:74:01:f7:a9:9f:09:4e:83:56:44:f4:a7:d4:af:
dd:17:63:52:a8:25:03:c6:fd:06:9d:a9:47:d5:b5:ff:00:67:
07:bd:83:9e:66:2c:01:65:a9:11:94:21:c4:7f:78:b6:13:80:
6b:6f:1b:81:a9:1b:ae:6f:b4:9e:ac:6e:43:b2:42:a6:f2:da:
4b:3b:b4:6a:79:ff:5e:ff:49:46:89:6d:eb:de:f0:68:79:96:
c2:a9:cb:2a:8e:d4:d3:0c:a3:ae:33:b5:9a:4e:c4:e9:7c:17:
c0:e6:50:84:79:4c:56:96:85:7e:81:53:d9:07:a0:96:4a:53:
da:6b:65:a3:12:08:6f:ce:b4:6c:44:d7:51:ce:c3:80:b5:65:
ba:47:47:aa:84:74:11:6e:d5:0c:e5:7d:3b:a7:d5:87:9c:cf:
38:41:9e:ea
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVYQNb7YNoh4wULy4QwoS2mCDCLswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwMDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmYTYzMGU1NjkzM2MwZDlmMTcyYjg1ODY3N2FmNTU5MjdiMmJjMmQ3NDgz
MmNjYzBmZDAzM2Y1MWU3YWNhYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2DJ3t/ei4LSFZ34PTkstZEC0LMHe7kMwbpaddzcdq7paqe4LSJrDnhDjhH
UnvEhlYaF5uWe3p7dTFEi/g7fZegHBiDhqylgpaSik6axze9upO/DiQ0LEjjYg8b
u6Y8++TVrSvfMx087KiEzP/FNUCXOP2sDnoE7/28NRFFtCVMGMdKZ7Z/RoRy/0dg
chk5CrIavMdYdUyp4Zrcf7/Gr9Ovhxnt1tasNeF0ZWM+UT4e95ztTEP+2NwpMzCT
ouVUt2Flj5V/jc05IehlBxS/5i31SkKlNSZSxz6p3C1eFOCva9+vwyEq/IMG2PDo
027PUmzVCWUdlHnrN0ZdCrHPSY8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRceWgJ
6YGCeCfeufNMAl6A86ScXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJkM2Y2MDMtYzE4OS00ODljLWJkZjUtNjMxYjQ3YjJjZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
wDANBgkqhkiG9w0BAQsFAAOCAQEAM+KA8fyScGMkcn1ExxAOfHZUY/7QEFwggPCl
qD0ybwUqKC/faIWCHEHmCWxe2UNKFyC0DMV2cjVs1zhgrVdVty/ksTp1XNIneX7d
fIUJlAdFbUdkgbd2HYDdgsbOwXQB96mfCU6DVkT0p9Sv3RdjUqglA8b9Bp2pR9W1
/wBnB72DnmYsAWWpEZQhxH94thOAa28bgakbrm+0nqxuQ7JCpvLaSzu0ann/Xv9J
Rolt697waHmWwqnLKo7U0wyjrjO1mk7E6XwXwOZQhHlMVpaFfoFT2QeglkpT2mtl
oxIIb860bETXUc7DgLVlukdHqoR0EW7VDOV9O6fVh5zPOEGe6g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:46 2025 by rpki-client