Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
File: 6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa (raw, json)
Hash identifier: 27VYBNyLe5HfJ6ds9pbgvZdrcgDuXJSHIMfHIPbwexA=
Subject key identifier: B0:DF:61:B6:7C:E2:A9:A9:B5:F5:AC:43:FF:8D:8C:6F:AD:5D:66:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07981AFD20E65507CDB9C63BB76150936D17B287
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
Signing time: Tue 20 May 2025 19:21:26 +0000
ROA not before: Tue 20 May 2025 19:21:26 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:98:1a:fd:20:e6:55:07:cd:b9:c6:3b:b7:61:50:93:6d:17:b2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:26 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=dd18f482880a5136c7d3667f99858f88c5be499742b92fe301a857a1e91ab1e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:89:69:1f:c0:b2:8c:1e:20:19:31:46:bf:9b:
fd:2d:85:e9:f6:49:e2:6f:54:ff:aa:5d:9b:11:d3:
11:93:b1:17:fa:a6:22:98:a9:b5:6a:b3:09:77:55:
cf:76:e6:d8:e1:37:99:7f:fc:7a:4d:9a:75:f8:93:
2f:a5:d9:ef:0c:c3:98:24:58:b7:aa:95:8f:a9:e7:
88:30:50:10:90:75:e0:34:1c:f8:23:02:c7:f6:e7:
8a:65:99:8f:30:6a:f4:0b:c0:df:50:63:e8:ff:b2:
94:df:68:0b:a8:30:f3:2b:aa:44:a8:dd:58:00:ca:
d5:59:40:29:c1:15:00:d2:db:1b:86:b9:b0:4c:d5:
b5:1f:53:10:11:7d:0d:f9:d6:b2:d1:aa:86:10:b3:
83:37:55:6c:39:fc:fd:59:f4:44:12:c9:b0:8f:62:
25:72:34:a5:7d:f0:f9:41:24:ab:3b:27:9b:b2:54:
9a:58:92:1e:9d:94:52:e8:fc:c2:eb:79:73:16:77:
d4:63:e0:23:59:87:7e:fd:61:69:c0:f8:71:bb:0a:
b4:46:13:7b:81:52:3a:0c:47:f5:51:e4:8e:c6:06:
35:ea:19:a5:32:fe:0c:70:30:e0:7e:22:28:23:ba:
b1:6e:2d:c3:3d:a2:51:6f:89:71:ca:da:f2:2a:f5:
86:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:DF:61:B6:7C:E2:A9:A9:B5:F5:AC:43:FF:8D:8C:6F:AD:5D:66:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2040::/48
Signature Algorithm: sha256WithRSAEncryption
4c:13:84:c5:8b:d6:9e:96:0a:f4:3a:90:0b:e2:1a:be:35:81:
72:9b:cc:ab:dd:46:08:1c:15:fc:11:cf:ff:ce:28:bb:1f:8a:
fc:78:9f:7e:3c:3a:d2:48:e7:30:b1:35:7f:d1:cb:42:b8:2d:
35:b8:02:ef:21:77:32:5a:a9:da:2c:53:91:4a:24:88:b7:92:
2f:eb:ff:1c:2a:68:77:09:04:d5:d0:e3:a8:25:07:3a:77:3f:
38:cd:40:bd:5c:a1:16:2c:f6:36:42:7c:c8:f1:80:6f:9c:58:
e3:fa:cc:1d:8a:7a:1d:25:ec:6b:43:e4:9d:d7:a5:18:d4:06:
f2:92:bc:d7:03:cd:f1:80:bf:ae:b0:29:5e:9f:2e:a0:4c:91:
2a:49:37:2d:81:92:eb:d7:f8:1c:cf:fd:04:09:c2:13:56:25:
4c:20:5d:72:08:00:3c:60:07:3c:e7:c1:a6:a4:59:af:30:66:
e7:02:10:29:b7:fc:c8:57:25:90:8b:b8:aa:f3:c7:29:e2:54:
5c:e6:b0:f2:db:d6:28:2c:cf:5d:f6:b2:7b:4f:ce:6b:03:f5:
d0:44:7b:4b:48:82:31:d5:27:f9:12:f7:9d:e7:aa:cf:44:3a:
e0:10:2a:b2:6b:10:c1:53:a4:d9:f9:41:f1:e2:2f:22:08:70:
91:a1:13:e9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB5ga/SDmVQfNucY7t2FQk20XsocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMjZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkMThmNDgyODgwYTUxMzZjN2QzNjY3Zjk5ODU4Zjg4YzViZTQ5OTc0MmI5
MmZlMzAxYTg1N2ExZTkxYWIxZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6JaR/AsoweIBkxRr+b/S2F6fZJ4m9U/6pdmxHTEZOxF/qmIpiptWqzCXdV
z3bm2OE3mX/8ek2adfiTL6XZ7wzDmCRYt6qVj6nniDBQEJB14DQc+CMCx/bnimWZ
jzBq9AvA31Bj6P+ylN9oC6gw8yuqRKjdWADK1VlAKcEVANLbG4a5sEzVtR9TEBF9
DfnWstGqhhCzgzdVbDn8/Vn0RBLJsI9iJXI0pX3w+UEkqzsnm7JUmliSHp2UUuj8
wut5cxZ31GPgI1mHfv1hacD4cbsKtEYTe4FSOgxH9VHkjsYGNeoZpTL+DHAw4H4i
KCO6sW4twz2iUW+Jccra8ir1hmsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSw32G2
fOKpqbX1rEP/jYxvrV1mAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmZiYjczMDMtYzZhNC00M2RhLWJjZGItZDI2YWI3OGMzNjZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
QDANBgkqhkiG9w0BAQsFAAOCAQEATBOExYvWnpYK9DqQC+IavjWBcpvMq91GCBwV
/BHP/84oux+K/Hiffjw60kjnMLE1f9HLQrgtNbgC7yF3Mlqp2ixTkUokiLeSL+v/
HCpodwkE1dDjqCUHOnc/OM1AvVyhFiz2NkJ8yPGAb5xY4/rMHYp6HSXsa0Pkndel
GNQG8pK81wPN8YC/rrApXp8uoEyRKkk3LYGS69f4HM/9BAnCE1YlTCBdcggAPGAH
POfBpqRZrzBm5wIQKbf8yFclkIu4qvPHKeJUXOaw8tvWKCzPXfaye0/OawP10ER7
S0iCMdUn+RL3neeqz0Q64BAqsmsQwVOk2flB8eIvIghwkaET6Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:36 2025 by rpki-client