Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
File: a84526d7-5029-439b-9e16-14cd601eb5a1.roa (raw, json)
Hash identifier: 13TtjqucOA3gTMKpsEk8fSPFnZTFPXAAGv9jnqb44V0=
Subject key identifier: 83:37:C7:98:C1:76:8E:2E:D3:9A:A2:9A:F5:B7:7A:2E:0C:04:21:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AE945D6D3A16BB3155B6985D028F50D4646F97E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
Signing time: Tue 20 May 2025 19:21:41 +0000
ROA not before: Tue 20 May 2025 19:21:41 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:e9:45:d6:d3:a1:6b:b3:15:5b:69:85:d0:28:f5:0d:46:46:f9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:41 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ce2aaebf632fe6e6960fd8562f1d4f4b23feae2fc9a68676e9d80d241471a43f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:19:ca:36:50:f9:fb:65:ea:24:34:fa:a9:39:
54:28:ac:17:3a:02:2f:1c:ea:89:12:3f:7f:af:80:
a0:06:d2:59:14:01:c3:41:8c:88:7c:1e:12:06:b5:
4e:69:59:c9:77:44:76:b8:5a:41:ff:eb:04:66:ee:
c4:4c:cc:06:c7:0b:7f:f6:f7:8e:26:cd:51:ad:28:
4a:6d:48:e9:30:54:4a:23:bf:3a:87:32:8f:4e:17:
48:95:74:06:4b:d1:24:37:7f:6b:ef:d8:9a:c4:29:
ec:cb:ca:6d:ec:0f:6c:37:c8:dc:9a:e1:f9:8f:19:
d5:d0:a3:30:a8:d8:e3:de:d9:55:5e:6f:8a:e9:38:
0e:ce:96:bb:19:fe:54:43:22:f9:cf:0c:61:ee:c9:
0a:c4:7b:c5:02:6d:60:07:87:cc:69:e9:61:c3:d1:
22:4f:52:68:e1:00:e2:6e:ad:52:c7:5d:79:05:76:
41:4d:84:8a:7b:82:60:a8:da:e7:d5:02:cc:97:ac:
fb:c7:96:f5:63:d2:61:2f:f9:e9:9b:13:d4:6f:80:
c5:36:e1:d1:95:f6:1a:29:e9:08:66:ed:7a:74:48:
4f:a1:57:aa:18:06:dd:d2:24:f9:61:46:93:52:28:
61:d3:74:7d:62:a4:13:09:36:72:4a:fe:83:ab:90:
80:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:37:C7:98:C1:76:8E:2E:D3:9A:A2:9A:F5:B7:7A:2E:0C:04:21:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6080::/48
Signature Algorithm: sha256WithRSAEncryption
6e:cc:dc:12:99:78:ea:f1:2c:a3:ca:b5:9d:35:51:9f:75:98:
46:f6:d7:1f:a0:15:7e:22:7c:e4:15:f7:20:1f:49:6c:75:b0:
17:8f:c6:43:f2:57:3b:65:30:98:2e:60:bf:59:b7:0c:7c:6b:
f4:cd:f0:4e:67:82:c9:00:5a:f1:af:9c:de:db:99:63:68:43:
09:d5:21:95:82:e7:b8:df:40:af:d4:1e:f3:f6:d3:7f:74:02:
85:35:77:f1:5b:1e:77:d8:5a:41:24:c9:46:91:08:aa:a9:16:
d6:e3:9f:11:5e:77:11:67:37:c8:9b:d0:68:2f:64:74:23:3c:
db:3f:db:95:f3:36:76:9b:54:08:56:04:43:8a:f3:a4:45:b6:
ab:17:78:7a:61:9a:9a:4d:f9:e6:0b:46:ea:1f:55:6e:3a:19:
62:e3:00:fb:33:5a:8b:f4:f5:c7:ef:1e:d2:1a:c8:54:4c:49:
d2:b1:3e:60:48:62:37:89:38:aa:0e:6d:4b:db:94:a2:8d:82:
6a:ce:5a:ae:c6:4c:d7:0f:5d:fc:af:54:68:3a:b4:08:74:cc:
92:be:d8:f4:ba:b9:a2:41:16:dc:27:8f:4a:c3:4c:de:ef:e0:
9f:a5:1e:e7:45:fe:6d:52:86:05:30:6f:7c:92:2d:e4:90:4f:
38:7c:3d:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaulF1tOha7MVW2mF0Cj1DUZG+X4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxNDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlMmFhZWJmNjMyZmU2ZTY5NjBmZDg1NjJmMWQ0ZjRiMjNmZWFlMmZjOWE2
ODY3NmU5ZDgwZDI0MTQ3MWE0M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYZyjZQ+ftl6iQ0+qk5VCisFzoCLxzqiRI/f6+AoAbSWRQBw0GMiHweEga1
TmlZyXdEdrhaQf/rBGbuxEzMBscLf/b3jibNUa0oSm1I6TBUSiO/Oocyj04XSJV0
BkvRJDd/a+/YmsQp7MvKbewPbDfI3Jrh+Y8Z1dCjMKjY497ZVV5viuk4Ds6Wuxn+
VEMi+c8MYe7JCsR7xQJtYAeHzGnpYcPRIk9SaOEA4m6tUsddeQV2QU2EinuCYKja
59UCzJes+8eW9WPSYS/56ZsT1G+AxTbh0ZX2GinpCGbtenRIT6FXqhgG3dIk+WFG
k1IoYdN0fWKkEwk2ckr+g6uQgOsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSDN8eY
wXaOLtOaopr1t3ouDAQhxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTg0NTI2ZDctNTAyOS00MzliLTllMTYtMTRjZDYwMWViNWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
gDANBgkqhkiG9w0BAQsFAAOCAQEAbszcEpl46vEso8q1nTVRn3WYRvbXH6AVfiJ8
5BX3IB9JbHWwF4/GQ/JXO2UwmC5gv1m3DHxr9M3wTmeCyQBa8a+c3tuZY2hDCdUh
lYLnuN9Ar9Qe8/bTf3QChTV38Vsed9haQSTJRpEIqqkW1uOfEV53EWc3yJvQaC9k
dCM82z/blfM2dptUCFYEQ4rzpEW2qxd4emGamk355gtG6h9VbjoZYuMA+zNai/T1
x+8e0hrIVExJ0rE+YEhiN4k4qg5tS9uUoo2Cas5arsZM1w9d/K9UaDq0CHTMkr7Y
9Lq5okEW3CePSsNM3u/gn6Ue50X+bVKGBTBvfJIt5JBPOHw9rg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:29 2025 by rpki-client