Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
File: fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa (raw, json)
Hash identifier: IUtjYElC6f2CSXcJuKFMaOXe3xWAHYNf5g7g0ljWqxM=
Subject key identifier: D4:CA:AA:B0:92:15:6F:AE:14:B2:76:6F:B0:B6:B8:6D:2F:DD:C9:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6EE6A5FFAC0B6D5CA78F8B1CCBFAAD66A1651B89
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
Signing time: Tue 20 May 2025 19:41:13 +0000
ROA not before: Tue 20 May 2025 19:41:13 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:e6:a5:ff:ac:0b:6d:5c:a7:8f:8b:1c:cb:fa:ad:66:a1:65:1b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:41:13 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=10097bfca4dbc977c3646490464079ada87618e8243a416dcdc7f26fff5e2aa2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:97:64:d3:c3:cf:3a:eb:77:18:56:09:21:9e:
fd:b0:8b:24:02:34:1a:b7:28:d8:b3:3c:40:ed:63:
0d:58:8c:8d:c9:fd:3a:14:82:04:46:37:c9:4a:c4:
27:e7:fd:90:a4:fe:8c:be:9f:25:4b:4c:de:f6:fa:
06:3b:44:ee:53:f3:05:c2:36:55:11:78:81:88:51:
b7:10:fb:50:7d:84:3e:47:63:13:a7:e0:06:25:b9:
72:81:98:c3:65:93:24:10:02:1c:e1:a6:ca:5e:77:
e8:48:97:fc:69:1d:cd:1e:d8:4a:14:a7:59:2a:fa:
81:56:01:8a:56:70:64:3a:6c:58:32:bb:52:b7:4d:
d6:d5:34:7e:8a:ee:0c:f8:de:56:ae:ac:d5:d4:fa:
6a:b8:7c:f9:9f:57:a0:50:e9:ba:9a:7a:73:25:d5:
02:8a:dd:e2:48:e8:8a:21:24:f8:c8:0e:8e:5e:c0:
3a:ab:27:40:23:3c:00:29:55:58:11:a1:bf:95:fb:
36:6d:3c:68:67:18:37:04:a5:f0:0b:c4:a5:57:30:
c4:82:c1:a0:07:d7:71:28:5c:24:f8:da:0d:37:21:
43:db:c5:2c:a5:b4:bd:44:5b:ff:53:ac:01:f8:25:
bc:d1:82:5b:2a:e1:66:63:02:b8:67:63:bd:aa:8c:
78:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:CA:AA:B0:92:15:6F:AE:14:B2:76:6F:B0:B6:B8:6D:2F:DD:C9:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
11:fe:99:98:8f:e0:1e:77:d1:a4:ba:01:e0:cc:69:de:96:c1:
12:92:08:00:6c:7b:56:24:02:f6:24:1b:7f:3a:1b:c7:31:a7:
4e:09:78:22:99:29:2f:ab:2c:88:c9:a4:02:f0:8c:d5:35:8c:
0b:b7:58:44:61:1a:fb:25:1d:dc:0d:e3:30:57:21:d9:40:14:
16:b7:74:aa:f4:e1:95:2f:46:f1:9b:dc:d3:16:2c:56:7d:6d:
fa:e3:4e:b6:b0:6a:0b:e5:c4:86:e5:71:11:11:bc:88:99:84:
7e:79:85:6e:a4:b5:9a:ce:e7:ae:82:b6:cb:a0:10:97:ee:27:
a0:7f:77:86:92:57:76:ae:01:85:0b:5b:0a:fc:7d:c4:ba:ab:
46:dc:9e:40:3f:b0:e6:c0:96:84:f4:97:34:e7:c7:25:5f:32:
c2:83:c8:1a:c2:d8:b4:43:a9:67:53:b3:13:df:ee:7e:e2:a0:
7f:1c:d1:ff:51:66:ec:1e:0d:f7:2b:70:9b:cd:98:c3:8e:09:
14:21:6c:87:e4:c0:76:36:85:8a:98:1c:1a:2b:88:4a:09:e1:
57:04:21:4a:27:a1:00:80:72:4a:8b:4e:02:83:8f:e6:8e:29:
2c:07:d7:bb:4e:14:be:88:28:e1:7c:ec:ba:bd:41:cc:c6:cb:
1d:45:9a:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbual/6wLbVynj4scy/qtZqFlG4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQxMTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwMDk3YmZjYTRkYmM5NzdjMzY0NjQ5MDQ2NDA3OWFkYTg3NjE4ZTgyNDNh
NDE2ZGNkYzdmMjZmZmY1ZTJhYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmXZNPDzzrrdxhWCSGe/bCLJAI0Grco2LM8QO1jDViMjcn9OhSCBEY3yUrE
J+f9kKT+jL6fJUtM3vb6BjtE7lPzBcI2VRF4gYhRtxD7UH2EPkdjE6fgBiW5coGY
w2WTJBACHOGmyl536EiX/GkdzR7YShSnWSr6gVYBilZwZDpsWDK7UrdN1tU0foru
DPjeVq6s1dT6arh8+Z9XoFDpupp6cyXVAord4kjoiiEk+MgOjl7AOqsnQCM8AClV
WBGhv5X7Nm08aGcYNwSl8AvEpVcwxILBoAfXcShcJPjaDTchQ9vFLKW0vURb/1Os
AfglvNGCWyrhZmMCuGdjvaqMeAMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTUyqqw
khVvrhSydm+wtrhtL93JnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM4YjFiMTktODg2OC00M2E0LThkODQtNGMwYjk5MjAyYTBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Htg
MA0GCSqGSIb3DQEBCwUAA4IBAQAR/pmYj+Aed9GkugHgzGnelsESkggAbHtWJAL2
JBt/OhvHMadOCXgimSkvqyyIyaQC8IzVNYwLt1hEYRr7JR3cDeMwVyHZQBQWt3Sq
9OGVL0bxm9zTFixWfW364062sGoL5cSG5XEREbyImYR+eYVupLWazueugrbLoBCX
7iegf3eGkld2rgGFC1sK/H3EuqtG3J5AP7DmwJaE9Jc058clXzLCg8gawti0Q6ln
U7MT3+5+4qB/HNH/UWbsHg33K3CbzZjDjgkUIWyH5MB2NoWKmBwaK4hKCeFXBCFK
J6EAgHJKi04Cg4/mjiksB9e7ThS+iCjhfOy6vUHMxssdRZq5
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:16 2025 by rpki-client