Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa
File: 00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa (raw, json)
Hash identifier: Ihq6x4bkNkuBOMS8rWtRiuvA39BH9fc2sSeS96Mw2QA=
Subject key identifier: FC:AB:B9:B7:82:83:C2:AD:F8:33:66:3B:B4:7D:3B:E0:18:EB:EB:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C5CD4AA4F62A6B87E7190CC6F24B10A799315F8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa
Signing time: Tue 17 Jun 2025 00:40:43 +0000
ROA not before: Tue 17 Jun 2025 00:40:43 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:5c:d4:aa:4f:62:a6:b8:7e:71:90:cc:6f:24:b1:0a:79:93:15:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:43 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=f3d02a8490da17f1b13cf7bc740d838efb7a400ccc59973d0e5a1ac824dadc4b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:76:2a:09:e5:6a:7b:a5:75:44:ec:67:6e:52:
35:6e:e1:2d:0b:9e:92:5d:20:79:c5:d4:3f:fd:7a:
fc:4a:4c:98:e0:78:e6:e4:5a:1a:27:d4:ba:63:2c:
7d:fa:9a:22:b6:66:77:45:52:6f:09:35:28:3c:f1:
04:00:2c:65:18:05:f5:b8:4a:fe:cf:56:6c:6f:49:
15:46:67:0f:5b:6f:d2:9e:0e:f7:cb:47:17:f5:33:
5a:f6:32:5f:98:1c:b2:70:d3:3d:91:12:2b:91:63:
85:7c:a8:69:45:9a:27:9b:bb:26:65:8f:02:7e:c8:
35:5b:55:5e:43:9c:0b:90:f2:1e:fc:34:a8:6f:e8:
42:7c:57:5c:b1:d5:b3:56:c5:7a:bc:2a:b2:8a:06:
61:01:39:ba:9d:a4:b2:16:8f:63:e0:ba:28:e2:ee:
66:6b:84:44:8d:60:b5:e4:0c:82:ab:1e:bb:2a:4e:
76:1c:c4:53:a0:44:09:bd:b4:3b:e5:94:a5:e2:ba:
87:7c:3b:73:9c:07:3d:49:98:88:ce:03:6d:df:77:
fd:1d:c8:96:bc:bd:db:e2:81:cd:c8:17:7c:b1:8f:
d0:96:87:42:15:6a:f3:75:28:cc:e1:80:58:09:53:
83:5f:a5:bd:c2:03:44:fe:43:77:d4:2d:54:25:d8:
45:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AB:B9:B7:82:83:C2:AD:F8:33:66:3B:B4:7D:3B:E0:18:EB:EB:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
90:2f:9f:e4:38:f6:7d:d5:4e:1b:32:a2:3e:13:b9:3b:fa:14:
22:63:f9:a7:92:5c:e2:3d:96:76:14:b1:a9:2f:6c:a3:85:16:
49:53:ee:58:84:28:f2:e3:59:aa:49:93:77:c8:a9:8c:8f:5c:
ae:9b:ec:c3:4a:bf:e8:1a:57:04:f2:dc:aa:0c:a2:9e:44:c2:
14:b2:bd:db:7a:91:62:37:de:0b:e1:7b:4d:89:58:54:8b:60:
72:bb:fc:fb:fd:87:25:ec:99:44:2b:3d:82:19:3b:ee:40:d3:
8d:77:52:e6:88:04:f4:94:96:47:cb:57:c1:14:69:8a:9d:ba:
13:66:88:de:86:01:1a:da:c6:82:c4:25:b0:9f:88:64:4b:0a:
d9:89:b4:54:76:72:17:be:bf:b7:7c:be:20:01:41:2b:f3:f9:
ec:42:96:0e:bc:af:5a:f6:f7:e7:4a:7a:b3:ea:a8:9f:4e:d1:
ca:a9:27:58:7c:1a:28:b1:3f:8e:71:a9:8c:b9:f7:87:24:0e:
bc:39:2c:5f:a5:82:11:e2:73:ac:d1:ef:b0:5f:95:f4:c0:b8:
43:03:b9:d8:ac:06:da:be:f5:a9:78:a0:76:32:94:d4:35:9c:
32:e9:28:59:d0:2a:15:2b:ea:51:41:1c:40:17:70:1f:5a:31:
b2:86:b5:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPFzUqk9iprh+cZDMbySxCnmTFfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwNDNaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzZDAyYTg0OTBkYTE3ZjFiMTNjZjdiYzc0MGQ4MzhlZmI3YTQwMGNjYzU5
OTczZDBlNWExYWM4MjRkYWRjNGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK92KgnlanuldUTsZ25SNW7hLQuekl0gecXUP/16/EpMmOB45uRaGifUumMs
ffqaIrZmd0VSbwk1KDzxBAAsZRgF9bhK/s9WbG9JFUZnD1tv0p4O98tHF/UzWvYy
X5gcsnDTPZESK5FjhXyoaUWaJ5u7JmWPAn7INVtVXkOcC5DyHvw0qG/oQnxXXLHV
s1bFerwqsooGYQE5up2kshaPY+C6KOLuZmuERI1gteQMgqseuypOdhzEU6BECb20
O+WUpeK6h3w7c5wHPUmYiM4Dbd93/R3Ilry92+KBzcgXfLGP0JaHQhVq83UozOGA
WAlTg1+lvcIDRP5Dd9QtVCXYRfUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8q7m3
goPCrfgzZju0fTvgGOvrqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDAxNTBmZjQtMGFiOS00MjhmLWFlOWEtY2NkOWRjNjY5Y2I4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9g
MA0GCSqGSIb3DQEBCwUAA4IBAQCQL5/kOPZ91U4bMqI+E7k7+hQiY/mnklziPZZ2
FLGpL2yjhRZJU+5YhCjy41mqSZN3yKmMj1yum+zDSr/oGlcE8tyqDKKeRMIUsr3b
epFiN94L4XtNiVhUi2Byu/z7/Ycl7JlEKz2CGTvuQNONd1LmiAT0lJZHy1fBFGmK
nboTZojehgEa2saCxCWwn4hkSwrZibRUdnIXvr+3fL4gAUEr8/nsQpYOvK9a9vfn
Snqz6qifTtHKqSdYfBoosT+OcamMufeHJA68OSxfpYIR4nOs0e+wX5X0wLhDA7nY
rAbavvWpeKB2MpTUNZwy6ShZ0CoVK+pRQRxAF3AfWjGyhrVp
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:29:20 2025 by rpki-client