Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
File: a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa (raw, json)
Hash identifier: NIykWy9GJ9Hw3LiD+BmXbEAsi9gc/fIhsCYJppt7aJk=
Subject key identifier: DB:74:C6:FA:8E:78:15:20:23:4A:AB:4E:FA:AB:79:DB:4A:EB:69:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31062DB60070D8E2351314026AAEEB4BC4FB42D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
Signing time: Tue 20 May 2025 20:00:58 +0000
ROA not before: Tue 20 May 2025 20:00:58 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:06:2d:b6:00:70:d8:e2:35:13:14:02:6a:ae:eb:4b:c4:fb:42:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:58 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=96aa2ab5b5d940b8e78df228b3aa62d9ec85696bfac3cad105404377e7c2b20e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:71:7a:7d:b6:8c:f2:b9:32:ce:71:1f:3c:19:
6c:c4:ab:33:e4:f7:f0:56:1e:2a:63:51:49:8f:0e:
79:95:52:08:fe:90:93:62:a9:17:aa:77:a0:73:0f:
05:33:e9:77:a3:49:da:c8:fe:9f:77:e5:00:28:8b:
b7:04:dd:8e:d1:96:ac:8d:3b:11:94:fa:22:36:1d:
d7:5e:b1:f8:56:56:93:37:cd:47:d2:c8:42:54:71:
83:a5:b6:48:d9:3d:61:d3:0d:45:ab:8b:a2:1b:54:
f9:53:f0:06:f6:f6:97:f1:89:17:6e:43:e4:80:28:
2d:58:02:ca:49:07:50:c3:66:92:6c:f0:07:1c:21:
af:89:50:32:4a:c5:7b:99:24:ca:80:60:e2:72:82:
a6:ec:2d:dc:09:aa:e2:98:57:2d:6a:73:89:5a:02:
bb:c9:ce:7c:cf:ad:3b:2d:e8:90:c3:68:2e:72:3e:
56:dc:88:5c:aa:07:49:ae:28:d7:64:98:35:c8:63:
c8:80:7c:6b:90:0d:b8:52:44:41:28:04:11:ae:66:
60:b8:34:eb:c4:9f:f0:60:13:66:85:4a:87:86:8c:
9d:c2:82:9f:fc:a5:5a:93:47:4c:f7:2c:d3:63:c3:
f4:94:03:b8:94:50:f4:58:9b:c4:0a:dd:41:11:60:
cb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:74:C6:FA:8E:78:15:20:23:4A:AB:4E:FA:AB:79:DB:4A:EB:69:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:9000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:96:3e:0e:93:52:ba:4c:aa:ce:bf:76:65:fa:57:1e:23:cd:
d4:50:09:20:82:5d:7d:04:5b:06:53:a2:93:5d:d8:05:66:25:
da:a0:e7:37:78:e0:17:87:db:c1:6a:a4:95:3a:a0:a2:29:76:
e4:cf:73:5f:86:a3:a6:7e:d8:3b:26:ee:88:d6:ec:e1:10:a8:
0c:0b:ff:32:25:c1:a3:62:c6:b3:e2:cb:35:94:f4:8c:4c:29:
ef:b6:e7:6f:1e:b6:98:48:5b:ad:46:ba:88:7c:30:66:97:dd:
a7:ec:7c:d9:9e:e3:b0:3c:55:1a:70:4b:cf:b0:82:dd:69:5b:
a3:52:61:52:c4:47:6e:f4:13:f7:fb:e7:33:17:50:12:ae:15:
6f:f8:a6:d7:23:af:a7:95:3f:d9:59:92:4c:5c:1d:60:be:71:
8b:cf:70:fa:cb:b7:4e:5a:4b:44:d8:ef:76:d9:cb:bf:e0:8e:
cc:1f:37:be:fb:ae:4e:37:91:aa:cd:84:61:67:f2:e6:ba:3e:
44:35:80:9c:ab:ce:5a:c4:98:1a:30:c3:88:9a:59:c4:48:0f:
4f:cf:97:ee:dd:5f:30:6c:72:58:22:1f:b9:6a:a4:b9:c0:a7:
8c:e5:95:17:67:1b:aa:fb:12:5d:a3:01:80:88:46:9e:1d:77:
cd:1a:90:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMQYttgBw2OI1ExQCaq7rS8T7QtkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwNThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2YWEyYWI1YjVkOTQwYjhlNzhkZjIyOGIzYWE2MmQ5ZWM4NTY5NmJmYWMz
Y2FkMTA1NDA0Mzc3ZTdjMmIyMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1xen22jPK5Ms5xHzwZbMSrM+T38FYeKmNRSY8OeZVSCP6Qk2KpF6p3oHMP
BTPpd6NJ2sj+n3flACiLtwTdjtGWrI07EZT6IjYd116x+FZWkzfNR9LIQlRxg6W2
SNk9YdMNRauLohtU+VPwBvb2l/GJF25D5IAoLVgCykkHUMNmkmzwBxwhr4lQMkrF
e5kkyoBg4nKCpuwt3Amq4phXLWpziVoCu8nOfM+tOy3okMNoLnI+VtyIXKoHSa4o
12SYNchjyIB8a5ANuFJEQSgEEa5mYLg068Sf8GATZoVKh4aMncKCn/ylWpNHTPcs
02PD9JQDuJRQ9FibxArdQRFgy20CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTbdMb6
jngVICNKq076q3nbSutpCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZiZDg3ZDUtYzExZS00NTA4LWFkYTUtZWY1OGE0OTVkM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC7lj4Ok1K6TKrOv3Zl+lceI83UUAkggl19BFsG
U6KTXdgFZiXaoOc3eOAXh9vBaqSVOqCiKXbkz3NfhqOmftg7Ju6I1uzhEKgMC/8y
JcGjYsaz4ss1lPSMTCnvtudvHraYSFutRrqIfDBml92n7HzZnuOwPFUacEvPsILd
aVujUmFSxEdu9BP3++czF1ASrhVv+KbXI6+nlT/ZWZJMXB1gvnGLz3D6y7dOWktE
2O922cu/4I7MHze++65ON5GqzYRhZ/Lmuj5ENYCcq85axJgaMMOImlnESA9Pz5fu
3V8wbHJYIh+5aqS5wKeM5ZUXZxuq+xJdowGAiEaeHXfNGpCo
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:48 2025 by rpki-client