Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
File: 6e236a15-c957-4409-8a2a-3a19150d1b43.roa (raw, json)
Hash identifier: xKwuvfiruqUurikalikq4hQpJdBHayI8KDvdzzZR46I=
Subject key identifier: 38:D1:86:18:A3:85:9E:D3:64:13:F7:6F:FE:D5:A7:CE:62:C4:8E:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52FA3D1BF089AD7E7B5B0A372DEA4979C0537820
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
Signing time: Fri 06 Jun 2025 15:10:12 +0000
ROA not before: Fri 06 Jun 2025 15:10:12 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:fa:3d:1b:f0:89:ad:7e:7b:5b:0a:37:2d:ea:49:79:c0:53:78:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:12 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=7cacd095b8b0dcad048c6872ef6d4594229a8a7a4522bfb46eacfd9d4c7e9a59, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:37:73:14:db:bb:bb:cb:13:c1:c4:5e:6f:d8:
db:33:6e:35:95:3d:4b:3f:c8:89:2f:ac:de:e7:a6:
f3:08:39:8d:b1:5b:bb:d1:bb:25:fd:6e:a3:93:8b:
07:66:af:44:94:62:ef:77:08:6e:0c:a2:1a:7f:d8:
41:cb:29:ec:b3:27:44:63:3f:b3:c6:3b:cc:e4:82:
d2:7b:33:7a:d1:f3:b5:61:33:32:a2:87:f9:c8:60:
d5:55:cc:f0:ce:9a:e3:39:b2:9e:e8:92:97:2d:57:
18:88:db:db:dd:4d:8c:b8:9b:b9:ca:cf:9a:df:52:
5c:94:c0:be:b4:16:70:e1:57:2d:fb:78:24:5a:84:
bf:2b:af:14:9f:ce:88:6e:71:31:16:34:13:fa:52:
fd:2a:45:57:5b:ff:c7:da:d3:c4:83:68:a9:94:a8:
13:16:c8:0e:56:cd:7e:ba:2c:76:bc:21:3b:d7:92:
d0:cd:a7:d5:f4:66:6f:d3:e1:51:0d:0f:3d:b4:36:
16:a8:c2:18:79:8d:56:fa:47:c5:c5:55:cb:c6:e2:
12:68:df:95:b8:a8:d0:76:7e:0b:89:03:55:ec:ae:
bd:a8:42:33:f6:13:87:54:d4:44:f7:fb:9f:5f:f6:
e4:42:c8:fe:d4:ed:cd:d6:be:7b:f3:fc:41:49:18:
60:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D1:86:18:A3:85:9E:D3:64:13:F7:6F:FE:D5:A7:CE:62:C4:8E:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
61:a2:27:3f:08:9c:46:20:91:4a:8e:6a:bd:41:05:b4:94:71:
a7:75:39:c1:b4:14:b5:cd:64:87:71:21:c6:e7:b2:4d:cb:e9:
fc:c9:bd:e6:8d:e6:4e:70:6e:29:2c:24:64:f7:7a:cc:1b:28:
20:f2:4a:a4:45:64:08:11:dc:f8:1e:e1:28:4e:62:e6:d6:b1:
12:35:41:3e:a8:79:d4:32:33:1f:eb:3e:69:c3:63:07:0b:49:
03:a8:cb:a4:00:36:76:9e:97:30:b6:4f:96:49:72:80:eb:ce:
86:d6:38:df:ae:5e:80:f9:a1:b5:c4:ef:26:0e:ef:99:d8:21:
42:2d:97:41:16:8a:09:ac:1c:7e:5f:a7:0a:17:af:e8:7f:46:
0d:d3:c3:bc:29:71:a1:4a:4e:95:3f:f7:b9:13:a7:92:2c:be:
96:ce:e3:70:6b:20:a2:30:c4:33:a9:77:40:60:e8:80:9c:b7:
ed:58:61:e7:d8:88:e9:c5:da:31:82:84:de:43:60:b2:24:9d:
d0:09:9f:f6:71:d4:70:11:9f:52:2d:49:f7:a4:6b:03:c7:f1:
36:65:45:1b:9e:c0:2b:29:8a:93:cc:8b:d5:0e:6a:6c:fc:7a:
72:d3:be:4a:a8:8f:f4:2d:d3:1e:ab:8a:f7:99:c8:fb:47:25:
46:14:0d:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUvo9G/CJrX57Wwo3LepJecBTeCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMTJaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjYWNkMDk1YjhiMGRjYWQwNDhjNjg3MmVmNmQ0NTk0MjI5YThhN2E0NTIy
YmZiNDZlYWNmZDlkNGM3ZTlhNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKY3cxTbu7vLE8HEXm/Y2zNuNZU9Sz/IiS+s3uem8wg5jbFbu9G7Jf1uo5OL
B2avRJRi73cIbgyiGn/YQcsp7LMnRGM/s8Y7zOSC0nszetHztWEzMqKH+chg1VXM
8M6a4zmynuiSly1XGIjb291NjLibucrPmt9SXJTAvrQWcOFXLft4JFqEvyuvFJ/O
iG5xMRY0E/pS/SpFV1v/x9rTxINoqZSoExbIDlbNfrosdrwhO9eS0M2n1fRmb9Ph
UQ0PPbQ2FqjCGHmNVvpHxcVVy8biEmjflbio0HZ+C4kDVeyuvahCM/YTh1TURPf7
n1/25ELI/tTtzda+e/P8QUkYYC8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ40YYY
o4We02QT92/+1afOYsSObzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUyMzZhMTUtYzk1Ny00NDA5LThhMmEtM2ExOTE1MGQxYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBhoic/CJxGIJFKjmq9QQW0lHGndTnBtBS1zWSH
cSHG57JNy+n8yb3mjeZOcG4pLCRk93rMGygg8kqkRWQIEdz4HuEoTmLm1rESNUE+
qHnUMjMf6z5pw2MHC0kDqMukADZ2npcwtk+WSXKA686G1jjfrl6A+aG1xO8mDu+Z
2CFCLZdBFooJrBx+X6cKF6/of0YN08O8KXGhSk6VP/e5E6eSLL6WzuNwayCiMMQz
qXdAYOiAnLftWGHn2IjpxdoxgoTeQ2CyJJ3QCZ/2cdRwEZ9SLUn3pGsDx/E2ZUUb
nsArKYqTzIvVDmps/Hpy075KqI/0LdMeq4r3mcj7RyVGFA2A
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:42 2025 by rpki-client