Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
File: 6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa (raw, json)
Hash identifier: 7meSnkK8rpNl17nLwro/yf2Yi+W6zmBAqEKaEuMdCuU=
Subject key identifier: B7:83:50:76:BB:94:31:AB:BF:FF:F0:C4:EC:23:50:0A:FC:6C:C9:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AC06FF196DA8B647EB35F53B8C7EA20726257C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
Signing time: Tue 20 May 2025 18:40:15 +0000
ROA not before: Tue 20 May 2025 18:40:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:c0:6f:f1:96:da:8b:64:7e:b3:5f:53:b8:c7:ea:20:72:62:57:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=901cc2f0eb5293ef197d12080f3b60087ba05f800c858ca6143a492b4a125568, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:68:3b:c4:dd:6b:b4:db:29:b5:b5:da:3f:e0:
ba:73:52:05:f4:9a:39:2c:e9:e5:80:2b:8e:c8:06:
04:89:5e:ed:e1:7d:79:66:c1:6a:75:2c:52:70:21:
e7:a2:a5:95:9a:ab:da:c8:0d:37:3f:25:53:01:e8:
9d:8d:71:82:9f:08:33:ac:18:c7:d6:eb:18:68:e5:
55:8e:3b:83:6a:ff:ca:c6:46:2e:15:b0:ff:0a:9c:
37:4c:44:02:fa:1b:65:8c:68:0c:d7:6e:f3:36:41:
8c:cc:3c:43:e1:87:4d:f5:83:d0:0a:20:0c:ee:95:
ef:bb:de:5c:64:4d:e8:9c:e0:54:86:86:bd:8a:4b:
c1:0a:75:3e:ed:78:cf:97:14:df:e0:ca:42:e3:01:
55:cc:76:d5:b3:8e:5c:be:ca:81:6b:b1:13:7e:3c:
ff:77:67:75:82:05:d8:54:fe:fd:66:4a:12:53:2f:
0a:bb:c2:2f:26:fa:26:1e:b9:eb:e6:9b:7e:d4:dd:
01:69:90:6e:e2:2c:c2:32:ee:51:8e:76:1f:43:ec:
4d:82:c0:09:47:80:1d:cd:9a:43:29:ba:62:e0:ce:
03:d7:6c:38:36:0b:c8:f0:36:1c:d3:07:f6:59:11:
7c:79:72:b1:e0:cc:c0:d9:d3:3c:8e:a0:40:6a:f3:
ed:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:83:50:76:BB:94:31:AB:BF:FF:F0:C4:EC:23:50:0A:FC:6C:C9:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4040::/48
Signature Algorithm: sha256WithRSAEncryption
6a:9c:79:e6:94:4b:b5:f8:77:19:4e:63:f1:74:84:ac:b6:06:
63:ac:11:86:1e:ad:90:97:9b:5b:2c:0d:9f:b6:ea:36:3a:a7:
26:44:e7:b3:da:b6:dd:5f:9c:6e:c7:a0:4e:ac:da:9a:b0:1e:
b3:9f:1a:95:00:3d:52:e8:77:e8:df:6d:8a:d6:46:df:0e:25:
bf:ee:2a:49:90:e9:f1:b8:ca:70:da:02:5e:52:54:d3:82:53:
a9:a1:38:62:aa:66:2d:8e:86:c5:33:1f:80:b0:76:ba:6b:c3:
0a:d4:b9:64:72:56:0b:51:cf:e5:cb:0e:55:c1:b5:ef:6e:51:
eb:49:31:61:b0:3b:f2:9d:79:cd:a0:3e:15:dd:e2:4d:18:c4:
00:93:f2:3e:b2:93:ec:f3:d2:a6:f1:c8:6f:88:20:b8:8a:91:
66:0c:92:90:2c:4d:23:24:4b:22:17:95:61:d5:f0:3c:2b:a2:
4f:e2:f9:f4:bc:92:4a:ac:c1:75:de:69:e3:10:62:f9:7d:0a:
91:fc:9c:95:75:e6:8b:c0:6a:d7:64:da:09:9c:a4:7e:da:c0:
e9:e9:de:a1:d1:0a:b4:bc:73:f2:23:c8:62:ce:9b:ee:49:c6:
2c:e1:8c:6c:12:ef:99:e1:11:10:53:9e:57:2e:f6:37:f5:ce:
0e:28:a6:4b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKsBv8Zbai2R+s19TuMfqIHJiV8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwMWNjMmYwZWI1MjkzZWYxOTdkMTIwODBmM2I2MDA4N2JhMDVmODAwYzg1
OGNhNjE0M2E0OTJiNGExMjU1NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhoO8Tda7TbKbW12j/gunNSBfSaOSzp5YArjsgGBIle7eF9eWbBanUsUnAh
56KllZqr2sgNNz8lUwHonY1xgp8IM6wYx9brGGjlVY47g2r/ysZGLhWw/wqcN0xE
AvobZYxoDNdu8zZBjMw8Q+GHTfWD0AogDO6V77veXGRN6JzgVIaGvYpLwQp1Pu14
z5cU3+DKQuMBVcx21bOOXL7KgWuxE348/3dndYIF2FT+/WZKElMvCrvCLyb6Jh65
6+abftTdAWmQbuIswjLuUY52H0PsTYLACUeAHc2aQym6YuDOA9dsODYLyPA2HNMH
9lkRfHlyseDMwNnTPI6gQGrz7YMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS3g1B2
u5Qxq7//8MTsI1AK/GzJgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU0ZDk4OTAtYjRmNC00YjllLWE3MzQtYjYzZjUxNTM2MGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
QDANBgkqhkiG9w0BAQsFAAOCAQEAapx55pRLtfh3GU5j8XSErLYGY6wRhh6tkJeb
WywNn7bqNjqnJkTns9q23V+cbsegTqzamrAes58alQA9Uuh36N9titZG3w4lv+4q
SZDp8bjKcNoCXlJU04JTqaE4YqpmLY6GxTMfgLB2umvDCtS5ZHJWC1HP5csOVcG1
725R60kxYbA78p15zaA+Fd3iTRjEAJPyPrKT7PPSpvHIb4gguIqRZgySkCxNIyRL
IheVYdXwPCuiT+L59LySSqzBdd5p4xBi+X0KkfyclXXmi8Bq12TaCZykftrA6ene
odEKtLxz8iPIYs6b7knGLOGMbBLvmeEREFOeVy72N/XODiimSw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:21 2025 by rpki-client