Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
File: 74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa (raw, json)
Hash identifier: 6w4zlpSQvN1Y37Sf+Sig69bglUSFmQ8e3AYoy1bNQq0=
Subject key identifier: 6C:3C:F4:0A:35:F8:9D:D2:D1:91:48:73:09:C3:36:8C:0D:BB:A4:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6855FC6E87214B6D4CF845162B44BEB1E14DBB58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
Signing time: Tue 10 Jun 2025 17:20:18 +0000
ROA not before: Tue 10 Jun 2025 17:20:18 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:55:fc:6e:87:21:4b:6d:4c:f8:45:16:2b:44:be:b1:e1:4d:bb:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:18 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=78e08d46d68913737e15f94bd6bee8f49584b67c37e8e748bc349226e7ab02f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:24:4d:24:55:e8:2f:01:ef:b1:ae:40:6f:9a:
4d:10:2c:8d:92:35:ce:bf:09:14:21:89:c8:c3:41:
25:c0:a5:6b:79:c2:83:78:96:f8:b3:cc:2b:8e:11:
f5:95:27:ab:4f:69:24:5a:39:cb:37:ec:9c:3c:f6:
41:5c:79:c9:aa:6e:ad:73:5d:e4:b3:db:4f:c3:da:
80:59:cc:0e:a8:c0:4d:be:76:96:23:d1:b8:a0:6c:
65:21:6b:94:e6:1b:2d:7b:ec:42:31:a8:f2:18:9e:
31:c6:1c:94:8c:62:1e:63:3d:4c:27:0f:73:40:76:
4a:06:a0:aa:c9:ad:63:3a:df:2a:e2:da:26:44:71:
d3:6e:bf:92:1d:38:b6:ce:9c:5f:c8:74:ea:90:53:
7b:03:ea:05:07:59:45:5c:94:59:bd:5e:13:b7:68:
4d:b1:11:92:44:78:0e:32:83:01:cb:e4:bd:7b:94:
d1:98:a6:1a:65:a0:97:f3:3a:6f:b2:66:27:e5:a8:
a6:2f:88:e7:8f:01:a0:74:08:60:55:5f:e5:7c:fa:
7a:f1:07:e5:7b:2a:df:5d:d1:db:27:85:2c:59:f4:
0f:33:6e:82:5c:1d:d0:e3:ab:9f:12:a7:43:55:82:
98:65:1e:5b:12:9a:85:25:00:3f:83:1d:a0:69:27:
23:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3C:F4:0A:35:F8:9D:D2:D1:91:48:73:09:C3:36:8C:0D:BB:A4:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:880::/48
Signature Algorithm: sha256WithRSAEncryption
a3:cc:d6:9a:c4:fa:3e:d5:eb:80:4d:a3:28:c6:15:41:61:0c:
b3:4f:ba:63:71:2f:a1:d5:f0:b8:17:af:de:c9:78:50:15:27:
0b:1f:0a:af:5a:28:50:0a:10:2d:14:85:f1:d6:b1:ca:c7:84:
71:72:15:ea:03:71:a5:6b:b3:17:cd:9c:cb:7c:ce:86:35:8a:
f5:dc:3f:93:b9:4d:9f:b3:4a:25:81:e6:35:15:0e:28:9c:d4:
55:6b:4f:cb:7a:5a:0a:63:97:40:7e:15:58:cf:f4:f5:7c:08:
67:9e:5b:c9:d9:28:51:3b:00:4a:22:c8:ef:68:dd:29:49:7b:
25:9c:d2:b2:5b:91:f5:ea:a6:d2:fe:10:63:83:80:86:7b:79:
d3:e4:29:5b:61:07:b9:fe:99:5c:3e:d6:3c:69:1f:7c:cf:a8:
79:af:ed:5e:e6:71:2d:0d:0a:9a:c7:34:70:0d:80:01:2f:b0:
b4:e6:d8:f7:59:6a:67:59:d5:00:91:63:b4:96:c0:45:c4:7e:
d4:b6:e0:47:e1:ee:16:a2:0f:2f:1a:57:e5:06:d3:77:35:b3:
2c:58:15:27:bc:08:a9:2c:99:cc:4d:a8:29:eb:05:6e:bb:8d:
f5:7e:37:f7:ae:c2:b7:b5:c9:44:af:22:04:29:a3:16:c6:4f:
7c:55:42:c1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaFX8bochS21M+EUWK0S+seFNu1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMThaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4ZTA4ZDQ2ZDY4OTEzNzM3ZTE1Zjk0YmQ2YmVlOGY0OTU4NGI2N2MzN2U4
ZTc0OGJjMzQ5MjI2ZTdhYjAyZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkkTSRV6C8B77GuQG+aTRAsjZI1zr8JFCGJyMNBJcCla3nCg3iW+LPMK44R
9ZUnq09pJFo5yzfsnDz2QVx5yapurXNd5LPbT8PagFnMDqjATb52liPRuKBsZSFr
lOYbLXvsQjGo8hieMcYclIxiHmM9TCcPc0B2SgagqsmtYzrfKuLaJkRx026/kh04
ts6cX8h06pBTewPqBQdZRVyUWb1eE7doTbERkkR4DjKDAcvkvXuU0ZimGmWgl/M6
b7JmJ+Wopi+I548BoHQIYFVf5Xz6evEH5Xsq313R2yeFLFn0DzNuglwd0OOrnxKn
Q1WCmGUeWxKahSUAP4MdoGknI+sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRsPPQK
Nfid0tGRSHMJwzaMDbuk1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRmNDFjYzktYmEwZS00NmQ5LWE3NzQtNDVmNmEwMzBhM2Y0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
gDANBgkqhkiG9w0BAQsFAAOCAQEAo8zWmsT6PtXrgE2jKMYVQWEMs0+6Y3EvodXw
uBev3sl4UBUnCx8Kr1ooUAoQLRSF8daxyseEcXIV6gNxpWuzF82cy3zOhjWK9dw/
k7lNn7NKJYHmNRUOKJzUVWtPy3paCmOXQH4VWM/09XwIZ55bydkoUTsASiLI72jd
KUl7JZzSsluR9eqm0v4QY4OAhnt50+QpW2EHuf6ZXD7WPGkffM+oea/tXuZxLQ0K
msc0cA2AAS+wtObY91lqZ1nVAJFjtJbARcR+1LbgR+HuFqIPLxpX5QbTdzWzLFgV
J7wIqSyZzE2oKesFbruN9X43967Ct7XJRK8iBCmjFsZPfFVCwQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:39 2025 by rpki-client