Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
File: c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa (raw, json)
Hash identifier: gyzrsUPtkdDLrkb5/Xu/4/xwtHkBlIjCRmmrmpuYrY0=
Subject key identifier: 5F:88:A3:71:8E:9E:C7:23:96:15:87:5A:2B:05:25:58:D5:0D:52:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3608DA4D9641D092ED4E2D988CBF615807846376
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
Signing time: Tue 20 May 2025 20:11:02 +0000
ROA not before: Tue 20 May 2025 20:11:02 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:08:da:4d:96:41:d0:92:ed:4e:2d:98:8c:bf:61:58:07:84:63:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:02 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=012e4971e7e0f296303536cec68038abdc4c57bcf885f26fe3cfdc4086aa7f4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7d:dd:31:d5:41:2a:07:14:5b:c8:d8:76:75:
a7:40:2e:3d:7f:55:4a:2b:81:d5:e2:0d:ff:5a:d8:
da:74:a7:fd:bb:1f:1d:5e:02:b0:eb:7e:78:31:d8:
f4:3b:cc:6d:c6:ad:b3:81:04:39:2e:16:1d:e9:1f:
d2:fe:6a:82:78:98:d6:8a:4a:00:69:f3:f7:28:be:
c1:1a:a3:32:6a:ce:f9:d2:5e:56:20:04:0c:e2:51:
12:25:35:28:ce:46:53:7c:fd:b2:eb:57:99:25:09:
2f:92:58:96:8e:c7:e0:80:f1:f4:44:0e:82:99:ef:
3d:4c:42:69:bb:01:18:8f:01:99:d4:f3:ec:4e:98:
ff:f5:bc:c1:5c:3a:83:5c:7f:16:0e:8e:6f:4c:ee:
8e:8d:12:ff:b4:d5:d9:27:54:7e:e3:57:47:70:c3:
4b:1b:e5:d6:3d:74:fe:a2:13:7f:c7:ba:29:08:b6:
bd:31:f4:ff:c4:e7:aa:c3:a9:68:90:d3:ec:31:9b:
d7:cc:d5:e6:06:7f:fa:1b:a0:2c:2f:a7:fe:04:cb:
c2:1f:37:f3:75:16:dc:3e:df:22:b6:14:e2:89:f5:
33:24:e6:38:e5:73:55:65:28:51:66:05:86:4c:e7:
4f:fe:ef:cf:9b:af:63:37:aa:cf:f6:f9:de:93:5d:
0f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:88:A3:71:8E:9E:C7:23:96:15:87:5A:2B:05:25:58:D5:0D:52:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b4:b7:d9:95:62:4b:6a:8b:42:2e:3d:e6:cf:b2:ab:a5:c9:ae:
f0:ff:c2:b9:56:39:98:d4:25:c5:d7:aa:34:9b:6f:9e:5d:e8:
9b:e3:d1:6e:a9:95:f6:5b:d3:c2:38:14:eb:5e:b0:43:d8:ca:
2c:e1:8d:03:af:0f:f1:e6:14:fd:91:55:cf:94:67:10:1d:60:
a1:a4:be:96:0c:5f:20:2b:89:6e:6c:a2:06:18:40:56:ad:0d:
c5:b7:3a:a0:6d:2f:81:4e:6f:30:89:39:84:44:0d:56:f3:37:
68:e8:a7:e5:7d:15:a5:5d:dd:b4:73:b6:ec:a6:8e:9b:a6:3b:
36:35:69:52:01:91:00:48:c3:45:53:b0:68:99:c7:f3:2c:1e:
98:56:09:76:9a:e6:45:55:89:ae:ce:2f:03:46:a7:fa:08:8a:
f9:df:73:ba:91:d0:ad:e2:fe:c2:28:57:8c:96:e1:de:6e:ec:
ce:68:d1:d5:de:34:f0:9f:63:85:ea:52:04:72:24:08:e4:7a:
d9:bd:c8:5b:ee:4f:ad:75:c1:38:33:b1:2b:ea:24:cb:fd:76:
a6:24:c0:b4:8b:6a:d2:7c:61:51:6e:74:72:14:ec:3e:82:8a:
19:f1:e2:d8:da:fb:f5:ae:af:24:fa:5d:ad:e5:51:50:ed:68:
37:89:49:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNgjaTZZB0JLtTi2YjL9hWAeEY3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxMmU0OTcxZTdlMGYyOTYzMDM1MzZjZWM2ODAzOGFiZGM0YzU3YmNmODg1
ZjI2ZmUzY2ZkYzQwODZhYTdmNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAId93THVQSoHFFvI2HZ1p0AuPX9VSiuB1eIN/1rY2nSn/bsfHV4CsOt+eDHY
9DvMbcats4EEOS4WHekf0v5qgniY1opKAGnz9yi+wRqjMmrO+dJeViAEDOJREiU1
KM5GU3z9sutXmSUJL5JYlo7H4IDx9EQOgpnvPUxCabsBGI8BmdTz7E6Y//W8wVw6
g1x/Fg6Ob0zujo0S/7TV2SdUfuNXR3DDSxvl1j10/qITf8e6KQi2vTH0/8TnqsOp
aJDT7DGb18zV5gZ/+hugLC+n/gTLwh8383UW3D7fIrYU4on1MyTmOOVzVWUoUWYF
hkznT/7vz5uvYzeqz/b53pNdD1ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfiKNx
jp7HI5YVh1orBSVY1Q1SxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZhNWFjZmYtYjVkOC00YzgwLTllY2MtOTQxNTQwNjU3NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUg
MA0GCSqGSIb3DQEBCwUAA4IBAQC0t9mVYktqi0IuPebPsqulya7w/8K5VjmY1CXF
16o0m2+eXeib49FuqZX2W9PCOBTrXrBD2Mos4Y0Drw/x5hT9kVXPlGcQHWChpL6W
DF8gK4lubKIGGEBWrQ3FtzqgbS+BTm8wiTmERA1W8zdo6KflfRWlXd20c7bspo6b
pjs2NWlSAZEASMNFU7BomcfzLB6YVgl2muZFVYmuzi8DRqf6CIr533O6kdCt4v7C
KFeMluHebuzOaNHV3jTwn2OF6lIEciQI5HrZvchb7k+tdcE4M7Er6iTL/XamJMC0
i2rSfGFRbnRyFOw+gooZ8eLY2vv1rq8k+l2t5VFQ7Wg3iUls
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:25 2025 by rpki-client