Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: /B16PiW9ybeqj9WENGkjW3v7Qt3X3Od8Vwkn6BW7Euw=
Subject key identifier: 0A:71:81:36:1A:56:E7:FB:94:C8:73:91:2A:E6:24:59:7D:EA:69:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F602250BBB0E782932436CF95006D8711C904F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Tue 20 May 2025 20:30:20 +0000
ROA not before: Tue 20 May 2025 20:30:20 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:60:22:50:bb:b0:e7:82:93:24:36:cf:95:00:6d:87:11:c9:04:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:20 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=11695d50c95a4c5b7e71234fac1865c35c9ec4461b326374d601ab8dcbe1c030, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:06:75:0f:e3:1b:03:e7:bb:e2:9f:66:0b:bd:
3f:e2:54:10:69:53:39:1c:36:6c:77:58:65:7d:71:
79:f2:8a:22:d4:a8:09:0d:2f:4c:50:ac:88:c4:0e:
2d:3a:43:fa:2e:60:2b:c7:ff:55:a2:99:b5:31:3a:
f3:7b:8e:2f:16:cf:79:78:84:e0:e9:de:9c:56:9a:
22:8d:84:c6:3c:67:bb:a3:64:62:55:b4:d0:fe:84:
22:ee:65:76:e6:6f:c5:a0:1d:6f:85:b5:1b:5c:9f:
33:d3:2e:6f:53:27:f5:d3:e5:61:53:cc:dd:32:47:
5a:ef:75:3f:37:5f:fa:d6:e7:bb:e0:d7:75:f5:75:
cd:83:af:82:40:f8:14:30:4d:51:b4:dd:85:c1:10:
0d:96:98:39:ca:4c:b1:5a:00:e9:d6:3c:0b:08:84:
e6:01:14:d1:31:41:20:0a:5a:c8:56:61:42:e8:95:
2b:69:8a:5d:9c:9b:7d:fe:6d:b8:82:3d:47:b2:05:
c0:7b:69:90:8a:75:bf:b3:8c:06:e7:03:40:45:86:
16:e9:15:94:7e:5c:c2:02:d0:66:68:e3:ad:e8:00:
9b:b7:48:27:7c:75:25:49:1c:49:3c:68:e1:8b:44:
51:27:01:c5:c3:a8:14:bf:3f:9c:75:47:74:09:52:
c8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:71:81:36:1A:56:E7:FB:94:C8:73:91:2A:E6:24:59:7D:EA:69:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
4e:82:74:f3:16:33:d9:8c:a8:e2:6b:04:a3:17:0e:a3:77:48:
83:52:48:eb:a3:db:03:f1:15:f9:52:7b:00:6e:a9:01:a8:d8:
03:38:cc:4d:1a:54:98:7f:7e:8b:79:59:72:0d:a5:b3:05:33:
46:64:50:fe:eb:39:fe:61:e1:1b:25:ce:d9:78:b3:03:d9:a6:
97:16:48:ad:61:39:79:ba:06:1f:49:88:b4:5d:8b:35:27:26:
43:27:b0:3d:7f:a4:d1:de:d3:64:91:e1:0d:76:d4:30:0c:ee:
5a:13:b9:5f:22:6d:9e:04:c2:47:f5:98:93:69:a6:3c:58:00:
87:70:a5:cc:bc:94:97:d3:f3:e7:55:1f:97:eb:42:a7:99:31:
09:9e:ce:7f:d6:26:88:47:e7:cc:8a:d3:02:b5:21:4e:71:2b:
79:78:71:59:b9:c0:e3:30:52:71:2e:55:8f:b7:d3:09:00:c7:
24:7e:f9:c4:ca:d2:48:bb:ae:35:e2:8b:18:bf:4c:16:3c:57:
da:4b:0e:0b:83:b9:73:e5:d1:b0:10:79:ee:7d:a8:b9:4f:6a:
de:43:88:91:d8:62:0a:36:02:09:84:96:b2:79:01:49:7a:99:
83:25:5e:5c:7a:ae:b8:71:b5:1f:67:39:69:6c:6d:c3:e6:9e:
53:55:3e:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb2AiULuw54KTJDbPlQBthxHJBPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwMjBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDExNjk1ZDUwYzk1YTRjNWI3ZTcxMjM0ZmFjMTg2NWMzNWM5ZWM0NDYxYjMy
NjM3NGQ2MDFhYjhkY2JlMWMwMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUGdQ/jGwPnu+KfZgu9P+JUEGlTORw2bHdYZX1xefKKItSoCQ0vTFCsiMQO
LTpD+i5gK8f/VaKZtTE683uOLxbPeXiE4OnenFaaIo2Exjxnu6NkYlW00P6EIu5l
duZvxaAdb4W1G1yfM9Mub1Mn9dPlYVPM3TJHWu91Pzdf+tbnu+DXdfV1zYOvgkD4
FDBNUbTdhcEQDZaYOcpMsVoA6dY8CwiE5gEU0TFBIApayFZhQuiVK2mKXZybff5t
uII9R7IFwHtpkIp1v7OMBucDQEWGFukVlH5cwgLQZmjjregAm7dIJ3x1JUkcSTxo
4YtEUScBxcOoFL8/nHVHdAlSyNECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQKcYE2
Glbn+5TIc5Eq5iRZfeppdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQBOgnTzFjPZjKjiawSjFw6jd0iDUkjro9sD8RX5
UnsAbqkBqNgDOMxNGlSYf36LeVlyDaWzBTNGZFD+6zn+YeEbJc7ZeLMD2aaXFkit
YTl5ugYfSYi0XYs1JyZDJ7A9f6TR3tNkkeENdtQwDO5aE7lfIm2eBMJH9ZiTaaY8
WACHcKXMvJSX0/PnVR+X60KnmTEJns5/1iaIR+fMitMCtSFOcSt5eHFZucDjMFJx
LlWPt9MJAMckfvnEytJIu6414osYv0wWPFfaSw4Lg7lz5dGwEHnufai5T2reQ4iR
2GIKNgIJhJayeQFJepmDJV5ceq64cbUfZzlpbG3D5p5TVT6V
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:14 2025 by rpki-client