Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
File: 6bd3f603-c189-489c-bdf5-631b47b2cd39.roa (raw, json)
Hash identifier: 2x6Gb0meeb8Mq1JJubfb+4akvsON1CP16kg6aPY35XM=
Subject key identifier: 65:89:3E:71:C9:3E:A8:E1:F6:F1:75:B7:97:AF:DB:DC:47:E4:B3:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 396A08052161D65F9E7775F99A3518C19868F5B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
Signing time: Mon 16 Jun 2025 19:30:09 +0000
ROA not before: Mon 16 Jun 2025 19:30:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:6a:08:05:21:61:d6:5f:9e:77:75:f9:9a:35:18:c1:98:68:f5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:30:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0ec88e6866814b13fc4db8edbfc95b8660b2e79c5e47d18d4bd40e9ee410fab8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b2:1d:89:04:66:f4:53:1c:54:06:9d:d6:17:
36:b6:03:e8:af:bf:29:4e:88:c7:a4:0f:50:c5:12:
b3:01:e8:f9:96:ba:b0:c4:32:a8:1a:3a:03:ad:50:
9c:f7:67:da:73:dc:33:f6:14:0d:6b:c4:eb:8c:f0:
fb:5c:69:cb:23:7a:bc:38:9b:a6:1d:26:fd:26:74:
65:b9:c1:7d:16:4d:8c:8d:9e:9a:e5:97:d7:f2:b8:
0d:ad:2e:99:42:34:5b:8d:bc:98:89:04:75:7b:40:
d8:a8:2a:58:5c:ab:45:54:a5:f0:d9:7d:e3:36:21:
f8:f7:a4:09:77:f4:51:84:c3:63:a2:74:1f:c3:dd:
89:26:89:f1:a0:34:d9:57:34:09:c0:26:7b:2c:a0:
2c:4b:7a:b3:51:3d:e2:79:a0:44:6e:aa:0c:70:26:
45:fe:46:fd:44:13:40:a6:8e:ac:05:31:68:40:47:
4e:75:f9:13:94:d9:a9:3f:2f:12:4d:be:67:44:be:
27:d9:57:ec:48:29:b8:d8:18:96:0c:2f:1d:ce:cc:
1b:5b:94:64:20:32:7a:a6:5c:f6:86:64:ca:ae:90:
3f:35:80:ac:03:22:07:4d:48:58:48:39:62:73:e3:
42:4b:b4:fb:89:64:bc:44:72:d2:6a:8b:53:eb:ca:
76:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:89:3E:71:C9:3E:A8:E1:F6:F1:75:B7:97:AF:DB:DC:47:E4:B3:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
2a:c9:ae:5e:23:39:00:8b:c4:52:b7:00:1b:86:01:8a:d5:0f:
e3:6a:50:33:91:ee:95:92:84:ea:44:14:a7:4f:16:32:58:af:
62:d8:b6:96:89:de:b0:d8:92:ec:68:4c:5d:73:49:0d:31:9f:
ff:b1:42:f8:88:e9:9a:37:8b:48:78:4b:26:c8:e7:ca:77:fd:
e5:ac:04:0d:e7:ec:4a:71:06:62:0b:fc:f5:b8:fb:38:02:03:
bf:ad:16:49:97:fe:22:24:30:76:00:0f:38:f4:6a:b5:a9:6c:
c5:1b:6a:8b:5f:f4:fa:ba:7b:dd:c0:64:c8:8f:9e:8b:ef:2f:
fb:ac:31:a9:bf:11:ef:e2:ce:37:e9:a8:0b:ee:00:b3:bd:9a:
d7:bb:97:6f:7b:7c:bf:1b:cc:04:10:9f:a4:cb:78:c5:06:f2:
51:10:45:ba:31:76:ab:dd:9f:b6:b9:a5:ef:23:cc:d0:13:7e:
7e:88:d5:4a:36:b7:89:40:bb:41:f1:6a:cc:85:fa:d1:64:23:
32:67:53:c3:44:b0:c2:5f:de:45:83:39:8c:cd:39:b4:75:c7:
e1:48:30:a8:79:7b:a3:d5:5a:3d:b8:54:90:ad:10:23:b7:40:
3d:70:2c:08:bd:83:09:e1:5a:7f:95:cf:80:63:82:53:1f:55:
8c:7f:67:6f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOWoIBSFh1l+ed3X5mjUYwZho9bAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTMwMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlYzg4ZTY4NjY4MTRiMTNmYzRkYjhlZGJmYzk1Yjg2NjBiMmU3OWM1ZTQ3
ZDE4ZDRiZDQwZTllZTQxMGZhYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJayHYkEZvRTHFQGndYXNrYD6K+/KU6Ix6QPUMUSswHo+Za6sMQyqBo6A61Q
nPdn2nPcM/YUDWvE64zw+1xpyyN6vDibph0m/SZ0ZbnBfRZNjI2emuWX1/K4Da0u
mUI0W428mIkEdXtA2KgqWFyrRVSl8Nl94zYh+PekCXf0UYTDY6J0H8PdiSaJ8aA0
2Vc0CcAmeyygLEt6s1E94nmgRG6qDHAmRf5G/UQTQKaOrAUxaEBHTnX5E5TZqT8v
Ek2+Z0S+J9lX7EgpuNgYlgwvHc7MG1uUZCAyeqZc9oZkyq6QPzWArAMiB01IWEg5
YnPjQku0+4lkvERy0mqLU+vKdhcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRliT5x
yT6o4fbxdbeXr9vcR+SzKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJkM2Y2MDMtYzE4OS00ODljLWJkZjUtNjMxYjQ3YjJjZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
wDANBgkqhkiG9w0BAQsFAAOCAQEAKsmuXiM5AIvEUrcAG4YBitUP42pQM5HulZKE
6kQUp08WMlivYti2lonesNiS7GhMXXNJDTGf/7FC+IjpmjeLSHhLJsjnynf95awE
DefsSnEGYgv89bj7OAIDv60WSZf+IiQwdgAPOPRqtalsxRtqi1/0+rp73cBkyI+e
i+8v+6wxqb8R7+LON+moC+4As72a17uXb3t8vxvMBBCfpMt4xQbyURBFujF2q92f
trml7yPM0BN+fojVSja3iUC7QfFqzIX60WQjMmdTw0Swwl/eRYM5jM05tHXH4Ugw
qHl7o9VaPbhUkK0QI7dAPXAsCL2DCeFaf5XPgGOCUx9VjH9nbw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:52 2025 by rpki-client