Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
File: c6b4bacc-5824-4f9c-a10d-49f145db8549.roa (raw, json)
Hash identifier: wCVONCvE3ZC5ovTgLhotibOB2HTV0n+nSBhfI5MOgFc=
Subject key identifier: 67:33:CD:6F:C6:56:06:B2:A0:E6:98:06:4B:B5:E3:15:18:DE:8B:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20FEA50B41A91565242A80507F00741A59FEF59B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
Signing time: Mon 26 May 2025 15:10:38 +0000
ROA not before: Mon 26 May 2025 15:10:38 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:fe:a5:0b:41:a9:15:65:24:2a:80:50:7f:00:74:1a:59:fe:f5:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 26 15:10:38 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=9bc6a6ba75325ed197e333161a936e1713a5c80148d3d8f7bcb8b4596ccc8607, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fd:3e:ab:3e:ef:5c:49:ea:c0:13:d4:c0:fa:
6c:b3:c7:d2:18:ff:cc:4a:75:9d:6d:a4:31:dc:56:
d3:83:6c:f3:17:cb:d0:a2:d5:c5:a9:c2:77:3b:3d:
3f:8c:7b:3f:e3:00:a2:d7:36:3b:1c:db:0c:3b:6a:
17:b2:50:d9:1a:87:d8:46:b3:3f:e8:20:ce:b5:03:
90:33:59:7e:8d:c3:df:69:06:2d:39:78:87:03:e4:
a4:5e:64:bd:82:23:19:7f:d5:f3:f4:7d:61:45:04:
e6:18:b7:3b:fd:aa:99:dc:c3:6e:54:7d:e5:2c:80:
b6:1a:48:67:16:fc:d6:4a:07:86:62:13:16:e6:52:
01:0a:59:44:c3:6d:56:1f:c3:a0:6a:90:b6:13:0b:
4b:a0:98:3c:5c:17:bc:05:c1:6b:aa:6f:6c:7b:51:
f4:1f:b5:e1:5c:b9:f4:fb:03:27:f4:54:44:53:47:
18:ec:30:52:18:52:ab:a2:cc:1c:aa:47:ea:76:d5:
59:4f:9c:a1:24:5f:32:5a:b0:c6:2f:c6:e1:9f:b0:
d4:2c:d1:fd:d4:79:50:b5:67:a4:17:02:ba:2d:e9:
a4:d3:5a:40:2e:c6:bf:fc:ac:05:a2:77:06:a9:a1:
79:60:52:96:f1:60:05:9f:b3:4e:b3:63:95:b9:d8:
8f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:33:CD:6F:C6:56:06:B2:A0:E6:98:06:4B:B5:E3:15:18:DE:8B:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/36
Signature Algorithm: sha256WithRSAEncryption
c0:36:c4:69:64:bc:c8:cb:db:ff:f7:d4:d8:90:be:b7:d0:4d:
fb:af:60:56:90:15:21:2e:e1:5a:a1:a2:61:93:5a:28:b4:fe:
78:03:9b:9e:0e:19:95:81:97:9b:df:b9:ab:86:bb:b9:91:a2:
b6:1f:d2:79:8c:e0:86:01:5d:79:ed:ba:5f:28:61:2a:00:4c:
0a:86:db:c5:b9:45:4f:6b:ff:18:b3:dc:fd:f3:1d:21:39:bf:
2f:49:16:a5:34:92:44:c6:c9:01:91:d7:79:ed:50:ec:ee:99:
e3:cf:58:e0:25:95:1a:55:a5:da:1b:dd:f1:05:c7:da:50:5b:
df:fd:15:fb:86:8c:60:2b:13:5c:fa:5c:43:06:67:c0:08:1e:
ed:b5:fb:9b:44:a6:9e:8e:ac:f9:ba:9c:21:65:5a:7f:98:74:
b0:d3:00:b9:86:e0:ab:b6:fd:0b:2c:b1:f5:b3:d0:86:5e:3e:
16:d3:be:ba:ef:a1:35:1d:5a:4f:17:5c:e0:e9:21:00:bc:7f:
03:ac:f2:2b:35:63:cd:6f:c8:ab:e8:c6:4c:ea:b4:0a:43:45:
75:f7:84:90:ee:3e:35:06:3c:39:90:32:e3:f1:b3:9d:7b:a3:
f3:30:4d:98:09:69:28:ff:1c:92:60:a2:9d:b8:4b:78:fa:c5:
45:a5:4c:ef
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIP6lC0GpFWUkKoBQfwB0Gln+9ZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjYxNTEwMzhaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDliYzZhNmJhNzUzMjVlZDE5N2UzMzMxNjFhOTM2ZTE3MTNhNWM4MDE0OGQz
ZDhmN2JjYjhiNDU5NmNjYzg2MDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJj9Pqs+71xJ6sAT1MD6bLPH0hj/zEp1nW2kMdxW04Ns8xfL0KLVxanCdzs9
P4x7P+MAotc2OxzbDDtqF7JQ2RqH2EazP+ggzrUDkDNZfo3D32kGLTl4hwPkpF5k
vYIjGX/V8/R9YUUE5hi3O/2qmdzDblR95SyAthpIZxb81koHhmITFuZSAQpZRMNt
Vh/DoGqQthMLS6CYPFwXvAXBa6pvbHtR9B+14Vy59PsDJ/RURFNHGOwwUhhSq6LM
HKpH6nbVWU+coSRfMlqwxi/G4Z+w1CzR/dR5ULVnpBcCui3ppNNaQC7Gv/ysBaJ3
BqmheWBSlvFgBZ+zTrNjlbnYj+UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnM81v
xlYGsqDmmAZLteMVGN6LWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZiNGJhY2MtNTgyNC00ZjljLWExMGQtNDlmMTQ1ZGI4NTQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQDANsRpZLzIy9v/99TYkL630E37r2BWkBUhLuFa
oaJhk1ootP54A5ueDhmVgZeb37mrhru5kaK2H9J5jOCGAV157bpfKGEqAEwKhtvF
uUVPa/8Ys9z98x0hOb8vSRalNJJExskBkdd57VDs7pnjz1jgJZUaVaXaG93xBcfa
UFvf/RX7hoxgKxNc+lxDBmfACB7ttfubRKaejqz5upwhZVp/mHSw0wC5huCrtv0L
LLH1s9CGXj4W076676E1HVpPF1zg6SEAvH8DrPIrNWPNb8ir6MZM6rQKQ0V194SQ
7j41Bjw5kDLj8bOde6PzME2YCWko/xySYKKduEt4+sVFpUzv
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:47 2025 by rpki-client