Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
File: 2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa (raw, json)
Hash identifier: TZMlGSPsvLmjHcK3Gpeb868vcC9jll7wuV6wET3r9L8=
Subject key identifier: 78:6F:FB:68:96:47:0F:2A:40:90:12:76:5C:25:47:BF:77:43:FB:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D546B4171E0BF1A65885E89C454400CB5146F22
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
Signing time: Mon 16 Jun 2025 20:30:14 +0000
ROA not before: Mon 16 Jun 2025 20:30:14 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:54:6b:41:71:e0:bf:1a:65:88:5e:89:c4:54:40:0c:b5:14:6f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:30:14 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0ab54ff7826ecde9257c029b1ce2028614ca821e53e4a5c86012d805e6691f5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:6c:69:85:9b:20:34:c8:6e:da:50:a3:2d:3b:
8b:8a:4f:14:6b:d5:90:be:f9:98:d0:ea:a3:80:0b:
61:f0:21:ef:7e:03:a5:d8:82:ca:56:75:8c:66:96:
ae:c4:75:ce:34:6c:68:b9:da:c5:2e:0d:96:da:1c:
0b:94:8b:5c:9e:b5:9d:07:06:d2:dc:d4:52:04:10:
a9:51:e8:17:3b:52:d5:8f:14:b6:86:2c:fa:5d:fa:
29:e3:4f:46:e2:71:f0:a9:b9:ab:72:13:d4:a4:c9:
45:40:b3:da:ad:17:d9:0e:32:85:f9:56:88:20:42:
1c:d4:fb:2b:5f:c3:fb:05:fe:60:79:9f:c4:02:34:
07:3b:92:41:5b:66:c8:7c:36:05:2c:9a:a0:03:7c:
32:61:c1:b0:3e:83:67:ba:aa:65:e6:84:ad:f9:1e:
af:21:65:58:80:e5:d6:bb:78:b7:e7:92:b6:37:cb:
a4:8e:3d:65:58:35:6e:72:52:fa:11:51:d6:a8:cf:
17:a1:57:21:a7:5f:83:c8:02:81:0b:01:77:a9:1f:
ec:74:39:1c:42:11:9b:ca:ba:a4:6f:4e:2d:81:66:
11:63:ad:52:53:fa:76:02:01:c5:04:1a:09:26:9d:
45:c6:64:0a:10:eb:78:74:c7:28:25:7a:6b:6a:ee:
e4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:6F:FB:68:96:47:0F:2A:40:90:12:76:5C:25:47:BF:77:43:FB:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6000::/40
Signature Algorithm: sha256WithRSAEncryption
75:3a:e6:3a:59:cd:24:27:5a:f0:6d:61:71:ae:09:03:e6:a0:
c4:fa:d0:4c:9c:6c:e7:8a:1a:7b:59:57:2b:7f:3b:ae:fa:31:
44:de:77:66:5f:f6:65:c1:ea:3b:a2:2e:e6:08:6b:e2:66:9f:
b2:7b:e6:b4:b0:a0:46:85:fa:7d:d4:92:84:2a:8d:cc:e8:bf:
ba:f2:5d:47:f4:8f:d1:4a:b2:c7:27:9b:68:79:5a:fd:1a:db:
ac:0b:6a:2c:f8:d8:1c:fb:4a:a0:3a:2f:45:df:55:5b:70:a2:
a3:98:ae:66:10:d4:60:43:5b:d8:4e:64:aa:d6:35:1a:ae:f4:
c2:df:3a:4b:85:ee:94:74:50:97:8e:16:71:ba:7b:02:98:a5:
e9:cc:85:15:30:e7:6b:1a:84:f8:da:06:37:09:ec:a4:6d:ed:
a3:0f:26:41:c5:d5:72:c3:c9:59:c9:19:2c:b3:ee:fa:d3:d4:
dc:e8:30:ed:34:c9:fb:ad:5d:35:a1:ec:d3:7a:f2:e8:ca:f3:
2a:f4:39:45:1b:cd:44:0f:cb:ab:e6:c4:85:35:b9:0e:b0:3b:
bf:15:00:30:89:fa:e4:b8:bc:8f:5d:20:85:3f:24:0a:c2:ac:
bc:79:b8:6c:11:17:37:07:19:f4:b5:21:ae:28:6c:55:c6:19:
b0:7f:c6:2b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPVRrQXHgvxpliF6JxFRADLUUbyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMwMTRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYjU0ZmY3ODI2ZWNkZTkyNTdjMDI5YjFjZTIwMjg2MTRjYTgyMWU1M2U0
YTVjODYwMTJkODA1ZTY2OTFmNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVsaYWbIDTIbtpQoy07i4pPFGvVkL75mNDqo4ALYfAh734DpdiCylZ1jGaW
rsR1zjRsaLnaxS4NltocC5SLXJ61nQcG0tzUUgQQqVHoFztS1Y8UtoYs+l36KeNP
RuJx8Km5q3IT1KTJRUCz2q0X2Q4yhflWiCBCHNT7K1/D+wX+YHmfxAI0BzuSQVtm
yHw2BSyaoAN8MmHBsD6DZ7qqZeaErfkeryFlWIDl1rt4t+eStjfLpI49ZVg1bnJS
+hFR1qjPF6FXIadfg8gCgQsBd6kf7HQ5HEIRm8q6pG9OLYFmEWOtUlP6dgIBxQQa
CSadRcZkChDreHTHKCV6a2ru5K0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR4b/to
lkcPKkCQEnZcJUe/d0P7lzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmIwZGUxMmEtZWMxZC00NjViLThmMzgtNjhhMmRkNmExOWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg
MA0GCSqGSIb3DQEBCwUAA4IBAQB1OuY6Wc0kJ1rwbWFxrgkD5qDE+tBMnGznihp7
WVcrfzuu+jFE3ndmX/Zlweo7oi7mCGviZp+ye+a0sKBGhfp91JKEKo3M6L+68l1H
9I/RSrLHJ5toeVr9GtusC2os+Ngc+0qgOi9F31VbcKKjmK5mENRgQ1vYTmSq1jUa
rvTC3zpLhe6UdFCXjhZxunsCmKXpzIUVMOdrGoT42gY3Ceykbe2jDyZBxdVyw8lZ
yRkss+7609Tc6DDtNMn7rV01oezTevLoyvMq9DlFG81ED8ur5sSFNbkOsDu/FQAw
ifrkuLyPXSCFPyQKwqy8ebhsERc3Bxn0tSGuKGxVxhmwf8Yr
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:45 2025 by rpki-client