Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
File: 9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa (raw, json)
Hash identifier: trWQj7lBw+xEBDpqvBlXgYTol0bhmrykFXRJ+UDyGqc=
Subject key identifier: 6C:84:2A:4B:66:2A:18:4D:91:05:ED:6B:B7:3A:95:30:B9:84:8D:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E6A36B022D4AAE7DA6113B85A23316D5D6E7006
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
Signing time: Tue 20 May 2025 19:10:18 +0000
ROA not before: Tue 20 May 2025 19:10:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:6a:36:b0:22:d4:aa:e7:da:61:13:b8:5a:23:31:6d:5d:6e:70:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=fddb9b1f7ba179c684bc0ce479027c3023245265ff99858b19db4ff15d8d4ede, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:15:3d:eb:3f:d1:4e:7a:66:d1:e3:97:41:bb:
e1:38:4b:b6:af:51:77:91:de:9d:21:30:64:97:16:
03:c8:0f:95:b1:c6:f6:69:1e:60:3d:d4:19:41:48:
ca:7f:b4:9e:56:e9:53:f3:0c:fe:7d:93:ee:b7:32:
2e:94:9a:db:f6:db:45:c0:ab:4e:70:80:9d:3b:b8:
88:6c:1f:a9:56:99:41:a8:b5:68:55:f1:42:db:18:
e6:84:4f:71:46:df:e9:5b:ac:58:d8:f1:b5:98:63:
ea:af:09:d7:31:43:43:1a:65:44:ce:ce:db:4c:c0:
de:c6:46:ea:36:14:10:cc:dc:d1:f6:96:55:af:cc:
8d:ee:04:30:60:5d:b5:00:00:db:5e:22:e0:dd:5b:
7a:b3:19:1c:76:90:65:29:1f:7b:68:d5:82:51:cb:
0f:44:75:23:72:10:ec:93:45:e2:e5:2e:1b:9c:c6:
d7:c0:78:0f:0d:e9:99:62:73:96:70:e9:ca:33:65:
07:2d:98:6c:12:a6:aa:d0:e1:11:cf:dd:1c:b7:92:
8d:c0:12:4b:db:19:98:f9:48:e0:34:26:41:43:49:
88:18:57:8d:10:b0:dc:cd:c6:5b:56:6f:43:44:ca:
db:6c:1d:b1:d2:80:0c:65:a2:d0:fe:70:a9:84:5e:
c5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:84:2A:4B:66:2A:18:4D:91:05:ED:6B:B7:3A:95:30:B9:84:8D:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a000::/40
Signature Algorithm: sha256WithRSAEncryption
01:09:cc:be:c4:e6:85:bb:df:38:96:62:74:f5:c2:9b:cb:67:
0e:4b:5b:bb:c9:37:a9:52:3d:7b:7c:5c:d5:8a:91:e5:15:b5:
de:15:e6:d3:4e:3e:62:f6:cb:38:e6:19:d4:48:f0:32:79:6c:
65:b3:8b:43:a2:f1:65:a2:4f:34:1a:97:84:60:42:b0:dd:42:
67:4a:54:12:d0:0a:74:75:7d:63:ce:6e:fb:c3:d4:2d:6f:ad:
fa:72:97:68:98:71:7a:32:50:e3:06:2d:95:2d:f1:c3:eb:5f:
cf:97:7d:3b:b1:b5:57:33:eb:bb:e1:ab:bc:c7:86:c4:bf:68:
e9:53:b7:c1:34:c8:67:4c:d7:00:37:40:cc:b5:44:c7:f6:f4:
4c:d0:3c:ff:7c:8f:e9:d4:f9:b9:36:0a:50:7e:ff:58:ab:f6:
07:9b:b3:65:aa:57:bd:e6:bd:b4:55:1f:d5:54:c2:56:d2:1a:
40:4f:e9:0d:e4:bc:b2:7b:41:ae:42:0f:3c:99:d4:af:e0:88:
20:ff:48:0c:93:f7:5c:a3:42:ce:00:86:4e:51:a8:30:06:c7:
e9:f1:45:19:08:3f:c5:63:06:f5:76:89:84:36:66:27:c3:bb:
97:31:0f:8a:27:6c:24:aa:f5:75:dd:43:df:b9:72:05:95:db:
fc:76:76:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbmo2sCLUqufaYRO4WiMxbV1ucAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkZGI5YjFmN2JhMTc5YzY4NGJjMGNlNDc5MDI3YzMwMjMyNDUyNjVmZjk5
ODU4YjE5ZGI0ZmYxNWQ4ZDRlZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAVPes/0U56ZtHjl0G74ThLtq9Rd5HenSEwZJcWA8gPlbHG9mkeYD3UGUFI
yn+0nlbpU/MM/n2T7rcyLpSa2/bbRcCrTnCAnTu4iGwfqVaZQai1aFXxQtsY5oRP
cUbf6VusWNjxtZhj6q8J1zFDQxplRM7O20zA3sZG6jYUEMzc0faWVa/Mje4EMGBd
tQAA214i4N1berMZHHaQZSkfe2jVglHLD0R1I3IQ7JNF4uUuG5zG18B4Dw3pmWJz
lnDpyjNlBy2YbBKmqtDhEc/dHLeSjcASS9sZmPlI4DQmQUNJiBhXjRCw3M3GW1Zv
Q0TK22wdsdKADGWi0P5wqYRexSsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRshCpL
ZioYTZEF7Wu3OpUwuYSNtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZkOTg3ZmEtMzBlOC00MGJjLTg5YzItZDg5NzA1ZDVmYjgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACg
MA0GCSqGSIb3DQEBCwUAA4IBAQABCcy+xOaFu984lmJ09cKby2cOS1u7yTepUj17
fFzVipHlFbXeFebTTj5i9ss45hnUSPAyeWxls4tDovFlok80GpeEYEKw3UJnSlQS
0Ap0dX1jzm77w9Qtb636cpdomHF6MlDjBi2VLfHD61/Pl307sbVXM+u74au8x4bE
v2jpU7fBNMhnTNcAN0DMtUTH9vRM0Dz/fI/p1Pm5NgpQfv9Yq/YHm7Nlqle95r20
VR/VVMJW0hpAT+kN5Lyye0GuQg88mdSv4Igg/0gMk/dco0LOAIZOUagwBsfp8UUZ
CD/FYwb1domENmYnw7uXMQ+KJ2wkqvV13UPfuXIFldv8dnZ2
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:13 2025 by rpki-client