Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f53e7156-ca49-453e-98bc-54364e6eb008.roa
File: f53e7156-ca49-453e-98bc-54364e6eb008.roa (raw, json)
Hash identifier: Glzptozyhv3yO3B9DtzZe8PomXz+ayc6SjvG3AdNMqE=
Subject key identifier: 9B:6F:EF:0D:E3:7F:DB:47:AD:59:BB:7B:19:11:10:D2:7A:D0:A0:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64FCA7C8A587A4EA9CC5EC30496D3EC4ED5BF3DF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f53e7156-ca49-453e-98bc-54364e6eb008.roa
Signing time: Tue 20 May 2025 19:51:06 +0000
ROA not before: Tue 20 May 2025 19:51:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:fc:a7:c8:a5:87:a4:ea:9c:c5:ec:30:49:6d:3e:c4:ed:5b:f3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=6ac61d1b4d53b7950008e23e456e931bcfa59ad621e031c122343060e75850f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:03:1b:fc:0d:86:ca:99:cb:81:a4:b3:8c:60:
9f:f4:c9:09:b0:09:83:ec:b0:b3:92:b0:e6:2b:d3:
cc:fa:2e:9d:d7:ea:61:1e:1d:d9:b0:f9:7c:a4:d9:
0f:20:c8:ce:31:5a:e6:3b:4a:dc:2d:a6:a6:d1:4e:
ea:6d:3b:34:b0:fe:63:f1:c6:2e:7e:61:70:61:48:
ff:44:6c:32:d6:4b:7d:64:41:b9:de:56:91:a5:ce:
4d:22:55:35:e6:7d:af:e2:9a:43:52:81:06:b8:0f:
11:88:88:72:1b:e6:ad:83:6e:c3:cf:9b:ba:54:76:
36:8f:39:42:39:43:62:7b:23:f9:91:07:55:9c:15:
53:e5:00:8e:e6:dc:cf:a2:b2:7c:0e:55:e4:8d:a6:
f0:9d:a3:ec:82:46:3c:ce:d7:28:41:04:f0:2f:c7:
d7:42:f2:21:8c:91:e8:14:13:39:5a:a8:2f:4c:9b:
13:a4:5c:74:75:4f:5f:13:e2:22:78:b0:d9:c4:f4:
a3:56:f0:76:03:83:4a:3e:e8:64:4e:5a:ab:9d:b2:
88:e6:49:b8:da:af:0a:e7:77:87:66:0f:a4:01:2b:
d0:fb:53:92:67:bd:8b:25:a1:f3:cf:2f:d3:ef:34:
31:d6:54:6b:81:da:d8:7d:4b:64:67:d2:13:c2:d1:
52:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6F:EF:0D:E3:7F:DB:47:AD:59:BB:7B:19:11:10:D2:7A:D0:A0:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f53e7156-ca49-453e-98bc-54364e6eb008.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8040::/46
Signature Algorithm: sha256WithRSAEncryption
bb:24:01:e2:aa:69:70:9e:bc:19:46:d0:53:69:b8:4d:92:db:
00:23:45:6b:90:6b:d3:ee:e6:dc:91:37:31:91:04:cd:56:12:
90:0c:44:b7:f9:6d:a3:e5:39:0e:d8:ae:bf:e1:9b:85:bd:81:
e9:5f:87:0f:3d:36:70:32:86:b0:1b:73:6b:10:97:ba:ec:c7:
95:fd:9e:67:43:05:56:60:28:30:86:a9:c5:53:04:29:ca:00:
2c:6b:3c:ea:38:34:57:5e:9e:60:8e:ea:2a:10:24:50:c1:f9:
4a:fa:bd:f3:bb:4f:b4:e5:bd:b3:ab:e9:c9:d8:62:25:c0:3d:
2e:15:2b:fb:5f:77:d3:70:7f:87:9a:51:7b:eb:54:33:c3:3f:
fe:b6:c5:9d:1e:81:13:0a:2e:89:7b:42:cc:eb:f0:56:13:0b:
f2:ef:0e:f3:8f:d7:cb:9b:86:3b:4f:6c:7d:6d:9a:c8:13:e5:
73:8e:4f:2d:49:9d:02:5f:bd:cc:ca:8a:5a:ee:78:f9:60:76:
c4:48:b5:52:27:41:0a:41:f3:50:59:8f:8e:6e:e4:bd:d7:32:
6b:13:c9:78:fc:44:db:02:48:9d:4f:83:87:a9:3e:1e:d4:40:
6d:2f:75:78:c2:ce:fc:d5:08:ff:06:89:fa:4f:89:f2:2f:87:
07:75:9c:04
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZPynyKWHpOqcxewwSW0+xO1b898wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhYzYxZDFiNGQ1M2I3OTUwMDA4ZTIzZTQ1NmU5MzFiY2ZhNTlhZDYyMWUw
MzFjMTIyMzQzMDYwZTc1ODUwZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPIDG/wNhsqZy4Gks4xgn/TJCbAJg+yws5Kw5ivTzPoundfqYR4d2bD5fKTZ
DyDIzjFa5jtK3C2mptFO6m07NLD+Y/HGLn5hcGFI/0RsMtZLfWRBud5WkaXOTSJV
NeZ9r+KaQ1KBBrgPEYiIchvmrYNuw8+bulR2No85QjlDYnsj+ZEHVZwVU+UAjubc
z6KyfA5V5I2m8J2j7IJGPM7XKEEE8C/H10LyIYyR6BQTOVqoL0ybE6RcdHVPXxPi
Iniw2cT0o1bwdgODSj7oZE5aq52yiOZJuNqvCud3h2YPpAEr0PtTkme9iyWh888v
0+80MdZUa4Ha2H1LZGfSE8LRUkcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSbb+8N
43/bR61Zu3sZERDSetCg5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUzZTcxNTYtY2E0OS00NTNlLTk4YmMtNTQzNjRlNmViMDA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuA
QDANBgkqhkiG9w0BAQsFAAOCAQEAuyQB4qppcJ68GUbQU2m4TZLbACNFa5Br0+7m
3JE3MZEEzVYSkAxEt/lto+U5Dtiuv+Gbhb2B6V+HDz02cDKGsBtzaxCXuuzHlf2e
Z0MFVmAoMIapxVMEKcoALGs86jg0V16eYI7qKhAkUMH5Svq987tPtOW9s6vpydhi
JcA9LhUr+19303B/h5pRe+tUM8M//rbFnR6BEwouiXtCzOvwVhML8u8O84/Xy5uG
O09sfW2ayBPlc45PLUmdAl+9zMqKWu54+WB2xEi1UidBCkHzUFmPjm7kvdcyaxPJ
ePxE2wJInU+Dh6k+HtRAbS91eMLO/NUI/waJ+k+J8i+HB3WcBA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:23 2025 by rpki-client