Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6ca14a4-0087-442a-b673-75cc23375cdf.roa
File: a6ca14a4-0087-442a-b673-75cc23375cdf.roa (raw, json)
Hash identifier: r3gXwCCBNrtpeF1jRNBbPEKj3v6wrDxZJKWV3FYskk4=
Subject key identifier: 39:10:84:56:3C:48:C8:4D:AA:D4:0B:0C:6E:13:79:4A:34:FC:D5:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C6828F21A91C1FE5089AE3EB3D1B8B4051132EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6ca14a4-0087-442a-b673-75cc23375cdf.roa
Signing time: Tue 20 May 2025 19:31:42 +0000
ROA not before: Tue 20 May 2025 19:31:42 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:68:28:f2:1a:91:c1:fe:50:89:ae:3e:b3:d1:b8:b4:05:11:32:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:31:42 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2dfb91d6dd3782c76f8efbfa78a15132235eaa19283eab6313ba5b763be592dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0e:02:f3:90:8c:2c:c3:bd:08:db:52:af:b6:
14:d6:17:cd:d6:cb:f5:67:e4:ea:a5:b8:87:1b:4b:
e5:da:0c:ad:56:97:db:c8:04:6b:1d:49:69:ef:6b:
6d:18:f2:82:28:ff:27:8e:55:74:2f:49:8b:1d:2c:
c9:a3:e0:21:ed:2b:ca:60:ec:d5:72:b4:6a:99:f6:
af:61:8e:61:ae:5f:d1:57:0d:39:aa:c6:35:35:84:
c7:04:7c:0a:21:7c:1c:1c:21:b7:18:db:8f:eb:14:
55:46:bb:96:42:ac:15:63:c9:2f:09:28:7b:73:72:
ca:b8:58:b2:79:2d:5f:ae:7e:db:f4:b7:50:09:4e:
4b:60:1f:a0:63:f8:b8:89:4b:f0:9e:7b:7a:f5:cb:
66:22:64:f8:ea:bd:e5:f6:bb:d5:ce:0e:cf:70:ab:
2e:79:08:8d:9a:46:aa:84:e6:4d:48:74:a5:71:45:
78:d5:de:ea:63:bf:dd:26:31:4e:d0:3b:e2:28:98:
13:4c:bc:40:31:d3:cc:f8:15:51:1a:78:92:f3:a4:
91:56:b7:8a:8d:d9:87:93:5d:f7:e8:6f:df:ea:81:
8a:0c:b2:8e:ed:cf:d6:6b:96:c3:3b:30:15:55:1f:
86:4d:a4:56:32:ea:ed:7f:2b:17:47:9b:01:df:fb:
10:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:10:84:56:3C:48:C8:4D:AA:D4:0B:0C:6E:13:79:4A:34:FC:D5:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6ca14a4-0087-442a-b673-75cc23375cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9080::/46
Signature Algorithm: sha256WithRSAEncryption
7a:48:09:60:d2:51:f5:d5:76:db:26:67:ee:a7:a3:46:11:cf:
c3:2e:92:9c:36:f9:a6:92:2d:18:f6:29:ff:fb:7f:a7:56:7f:
3a:87:51:f5:6f:04:5f:53:57:1d:14:2f:63:ca:fe:0f:f8:86:
82:d6:23:b2:6d:23:7a:b6:4e:41:68:55:d1:89:29:99:2b:c4:
05:c9:8b:de:87:16:76:02:98:8b:08:cd:45:8a:c8:1b:c6:41:
b8:7e:e3:7c:b6:75:cc:b0:e0:43:73:a3:58:28:97:7a:99:b5:
59:58:31:83:42:3e:f2:b6:1a:1a:a1:42:f8:62:0e:fe:3a:a6:
d4:a1:cd:2f:e0:2c:f8:d0:7a:e8:50:eb:03:eb:dd:57:11:01:
6c:52:e5:e4:38:ad:0a:a2:b7:4c:98:fe:bb:e2:ca:49:59:b5:
08:4c:d2:fa:ad:a1:c9:15:53:64:79:12:27:06:86:38:a7:37:
ea:f8:99:71:b7:fc:f6:2c:d4:71:b0:cc:f3:95:7b:4a:ae:cf:
54:ad:5d:b8:98:91:5a:cc:a0:c4:65:be:a7:d1:40:12:68:d6:
3a:7b:71:f3:7f:08:a0:28:4b:36:bb:b2:9e:f7:bf:35:d0:49:
e1:73:a0:52:83:3e:15:e1:83:22:e8:6e:89:34:0f:2c:6c:eb:
91:cd:86:4b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDGgo8hqRwf5Qia4+s9G4tAURMuowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMxNDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkZmI5MWQ2ZGQzNzgyYzc2ZjhlZmJmYTc4YTE1MTMyMjM1ZWFhMTkyODNl
YWI2MzEzYmE1Yjc2M2JlNTkyZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgOAvOQjCzDvQjbUq+2FNYXzdbL9Wfk6qW4hxtL5doMrVaX28gEax1Jae9r
bRjygij/J45VdC9Jix0syaPgIe0rymDs1XK0apn2r2GOYa5f0VcNOarGNTWExwR8
CiF8HBwhtxjbj+sUVUa7lkKsFWPJLwkoe3NyyrhYsnktX65+2/S3UAlOS2AfoGP4
uIlL8J57evXLZiJk+Oq95fa71c4Oz3CrLnkIjZpGqoTmTUh0pXFFeNXe6mO/3SYx
TtA74iiYE0y8QDHTzPgVURp4kvOkkVa3io3Zh5Nd9+hv3+qBigyyju3P1muWwzsw
FVUfhk2kVjLq7X8rF0ebAd/7EO8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ5EIRW
PEjITarUCwxuE3lKNPzVhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZjYTE0YTQtMDA4Ny00NDJhLWI2NzMtNzVjYzIzMzc1Y2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAekgJYNJR9dV22yZn7qejRhHPwy6SnDb5ppIt
GPYp//t/p1Z/OodR9W8EX1NXHRQvY8r+D/iGgtYjsm0jerZOQWhV0YkpmSvEBcmL
3ocWdgKYiwjNRYrIG8ZBuH7jfLZ1zLDgQ3OjWCiXepm1WVgxg0I+8rYaGqFC+GIO
/jqm1KHNL+As+NB66FDrA+vdVxEBbFLl5DitCqK3TJj+u+LKSVm1CEzS+q2hyRVT
ZHkSJwaGOKc36viZcbf89izUcbDM85V7Sq7PVK1duJiRWsygxGW+p9FAEmjWOntx
838IoChLNruynve/NdBJ4XOgUoM+FeGDIuhuiTQPLGzrkc2GSw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:41 2025 by rpki-client