Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
File: f6aec084-593c-47be-8e46-9024b5572011.roa (raw, json)
Hash identifier: a2bVaV3zAmmuStV0sjT7PkCE2cuDnQZZlLQbujof5Lc=
Subject key identifier: F6:04:A8:0E:61:C1:5B:66:A9:A4:17:3D:14:C4:70:7C:44:83:8F:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E020C777A96A973F74D4203612701900F22705E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
Signing time: Fri 06 Jun 2025 15:10:56 +0000
ROA not before: Fri 06 Jun 2025 15:10:56 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:02:0c:77:7a:96:a9:73:f7:4d:42:03:61:27:01:90:0f:22:70:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:56 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=732213fd4c9779e444b06b586c44751b91459251c0735d89684e653665b0bedb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1b:53:1f:0d:da:61:13:52:c4:22:2b:41:02:
5d:9b:da:2b:93:4f:ae:ca:21:b2:26:c8:38:e6:54:
f5:45:d8:27:70:fe:c7:7f:8d:af:f4:f2:fc:d4:5e:
93:19:7a:e4:ee:74:00:28:0c:a4:95:1e:8d:bc:4e:
57:ef:9b:17:7c:9c:14:90:05:3c:53:c8:d5:53:99:
b9:51:56:80:18:24:8d:bd:c9:f7:36:24:38:05:95:
49:36:c4:4a:2a:f9:75:21:68:85:dd:08:69:82:1e:
5b:a5:56:a3:d4:a8:c8:84:3f:7c:2b:e0:4a:68:24:
16:77:f8:6e:7a:88:c0:ab:05:3c:02:e0:5f:e5:55:
f6:25:a4:c0:59:37:75:b6:58:9c:c9:03:ae:af:77:
dd:83:e1:a3:5c:ef:17:12:03:f4:78:f1:a6:85:85:
54:64:67:7b:eb:24:38:1e:06:af:9c:6c:4f:45:30:
70:6d:86:46:26:4c:84:ab:0a:03:95:8f:3d:95:85:
8a:70:5d:af:9a:b3:86:5a:f1:1b:77:70:bb:64:33:
b6:81:ac:71:e6:3e:51:df:9a:35:3d:e2:98:27:52:
5c:0b:6e:d4:8a:d3:8f:86:78:df:1b:be:18:36:a3:
27:c0:80:5c:72:8a:f7:c8:63:b7:db:a0:95:45:fb:
b4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:04:A8:0E:61:C1:5B:66:A9:A4:17:3D:14:C4:70:7C:44:83:8F:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:98:25:d5:65:8f:bb:5f:9a:da:2d:c9:39:b2:79:41:6f:df:
15:a8:d0:64:1d:22:e2:80:24:fb:37:ca:48:3f:fd:76:4d:72:
55:d8:15:b3:ea:b2:5c:cf:dc:28:da:8d:21:7e:50:64:7b:13:
3a:c7:01:be:da:26:e9:07:76:02:1e:09:c1:10:74:92:ab:90:
37:5b:6a:2b:b5:76:82:67:4c:9e:b5:dd:2a:d0:e0:fc:7e:8a:
98:ff:f8:36:e8:c8:f3:7d:30:a6:f8:c8:f1:65:d3:a8:22:e3:
07:b2:34:ae:e2:30:42:9c:fe:02:52:72:6c:42:6e:50:97:78:
14:5f:55:18:8d:7d:7d:f0:08:9d:1c:61:c9:37:c7:1f:2c:b1:
e1:d9:71:d1:92:38:d3:ea:7f:89:3f:5e:9d:e5:cd:57:77:29:
a4:df:9b:06:01:43:0c:e9:35:1d:a0:2d:c3:20:51:13:4a:a0:
de:f4:bf:55:b0:03:30:6c:36:eb:0b:db:c9:3e:06:22:e5:46:
2f:6d:7b:d4:5b:89:60:c2:a1:6d:c0:c2:0c:8e:d5:23:90:ef:
25:7c:30:01:26:a4:31:65:7a:04:53:cd:c4:15:12:f9:a3:8a:
8e:08:40:86:6c:dd:d1:16:04:5f:63:d8:5e:ec:c3:de:bd:b9:
d7:cc:fa:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXgIMd3qWqXP3TUIDYScBkA8icF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNTZaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDczMjIxM2ZkNGM5Nzc5ZTQ0NGIwNmI1ODZjNDQ3NTFiOTE0NTkyNTFjMDcz
NWQ4OTY4NGU2NTM2NjViMGJlZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4bUx8N2mETUsQiK0ECXZvaK5NPrsohsibIOOZU9UXYJ3D+x3+Nr/Ty/NRe
kxl65O50ACgMpJUejbxOV++bF3ycFJAFPFPI1VOZuVFWgBgkjb3J9zYkOAWVSTbE
Sir5dSFohd0IaYIeW6VWo9SoyIQ/fCvgSmgkFnf4bnqIwKsFPALgX+VV9iWkwFk3
dbZYnMkDrq933YPho1zvFxID9HjxpoWFVGRne+skOB4Gr5xsT0UwcG2GRiZMhKsK
A5WPPZWFinBdr5qzhlrxG3dwu2QztoGsceY+Ud+aNT3imCdSXAtu1IrTj4Z43xu+
GDajJ8CAXHKK98hjt9uglUX7tJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2BKgO
YcFbZqmkFz0UxHB8RIOPozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjZhZWMwODQtNTkzYy00N2JlLThlNDYtOTAyNGI1NTcyMDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQB7mCXVZY+7X5raLck5snlBb98VqNBkHSLigCT7
N8pIP/12TXJV2BWz6rJcz9wo2o0hflBkexM6xwG+2ibpB3YCHgnBEHSSq5A3W2or
tXaCZ0yetd0q0OD8foqY//g26MjzfTCm+MjxZdOoIuMHsjSu4jBCnP4CUnJsQm5Q
l3gUX1UYjX198AidHGHJN8cfLLHh2XHRkjjT6n+JP16d5c1Xdymk35sGAUMM6TUd
oC3DIFETSqDe9L9VsAMwbDbrC9vJPgYi5UYvbXvUW4lgwqFtwMIMjtUjkO8lfDAB
JqQxZXoEU83EFRL5o4qOCECGbN3RFgRfY9he7MPevbnXzPry
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:32 2025 by rpki-client