Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cba8379-da94-4697-867f-03730e03e9ac.roa
File: 6cba8379-da94-4697-867f-03730e03e9ac.roa (raw, json)
Hash identifier: yvC21+MtnhJCT/8tk2YLpspqd9XX/qJRId5pHH2DePs=
Subject key identifier: 5F:02:DE:44:F2:91:86:24:8F:95:83:EC:BF:7E:26:E9:B3:D7:40:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A40F3A8F149E3A5E72E102A669867F983AAAA4E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cba8379-da94-4697-867f-03730e03e9ac.roa
Signing time: Mon 16 Jun 2025 20:50:09 +0000
ROA not before: Mon 16 Jun 2025 20:50:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:40:f3:a8:f1:49:e3:a5:e7:2e:10:2a:66:98:67:f9:83:aa:aa:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:50:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=306dd5b9b557dd73dece86b3b96819f9f64eb57317157f220196ccc6353c34e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f5:51:d3:c2:50:4a:f8:42:b0:1e:5a:80:4d:
25:9b:66:b3:dd:18:aa:0a:08:bd:0d:14:03:45:79:
db:f8:d8:40:6f:fa:00:06:47:94:c6:95:d7:fa:49:
23:94:e1:d7:71:b9:0d:76:0a:e9:3e:b9:e2:34:fe:
75:b0:29:e0:5e:c3:68:8b:17:f3:06:cd:8f:46:62:
97:e5:51:89:29:13:cb:6d:e7:c7:2d:17:a6:46:dd:
e5:43:3c:2f:ab:58:88:5a:36:3b:17:ec:26:53:af:
d4:d7:c9:a4:3f:be:09:8b:e3:e1:51:ca:5d:cc:bc:
91:c0:f4:40:54:6a:f9:2a:0d:b8:f9:f8:da:8e:94:
27:c2:a5:63:e9:64:87:58:5c:7e:5d:49:b2:b5:d0:
16:bb:74:b1:92:9f:a3:e3:63:12:4f:b2:b8:ad:2a:
8f:e1:19:dd:eb:1e:d2:05:fe:df:3d:3f:38:2a:be:
e4:ee:0d:4e:12:9e:b6:89:04:6f:92:56:24:a9:da:
65:d9:ee:0e:da:5f:2c:0e:49:36:ac:ab:2d:a1:d8:
2a:08:30:8d:c3:d8:ae:65:0e:f9:da:d5:ff:67:31:
f3:0f:9d:d2:5b:44:a8:bd:d4:84:8c:10:e0:b1:c0:
45:ca:35:a8:02:b8:bc:9a:25:2f:e9:d2:7c:44:21:
d0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:02:DE:44:F2:91:86:24:8F:95:83:EC:BF:7E:26:E9:B3:D7:40:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cba8379-da94-4697-867f-03730e03e9ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:9b:2f:05:ea:ed:1c:7c:d8:d1:dc:52:b7:6e:51:4a:ff:41:
42:50:2a:14:0d:74:32:df:9d:49:d4:53:4d:65:fe:62:74:1e:
9a:12:d0:d6:e2:92:e1:b3:82:87:0b:56:88:5f:82:53:0c:7e:
56:4e:56:d9:43:60:91:29:8a:d0:04:c6:73:66:96:d0:a7:48:
64:ae:98:e9:66:db:11:70:bd:a2:b9:3c:db:0e:fc:ea:a1:d1:
62:40:ba:9a:53:d3:45:32:63:a5:03:91:db:09:66:f4:e4:3b:
5c:9b:b3:ea:9a:03:95:23:c7:9a:d3:4f:62:24:66:d9:c4:6b:
38:75:bb:72:6f:0b:ef:d7:fa:a6:e5:c8:fd:20:85:41:53:13:
fe:47:d7:22:7d:ac:bc:ad:b6:96:6a:1f:49:6a:83:b7:a5:8e:
54:09:18:60:8a:39:4d:c5:d6:b1:ba:75:e2:2f:c0:bf:78:f0:
c0:40:b0:4d:4d:de:27:3e:64:bf:ce:5c:2a:0c:ae:e9:20:bc:
4c:df:79:8e:7e:92:74:e1:51:d7:65:53:50:55:08:47:dc:22:
69:09:02:db:cb:e6:f0:f3:78:49:a2:6e:58:17:3c:df:e8:3b:
cc:ff:1f:c5:6b:c8:23:be:9b:0f:c1:1d:01:13:f0:75:9d:e9:
f9:16:39:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKkDzqPFJ46XnLhAqZphn+YOqqk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUwMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwNmRkNWI5YjU1N2RkNzNkZWNlODZiM2I5NjgxOWY5ZjY0ZWI1NzMxNzE1
N2YyMjAxOTZjY2M2MzUzYzM0ZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMP1UdPCUEr4QrAeWoBNJZtms90YqgoIvQ0UA0V52/jYQG/6AAZHlMaV1/pJ
I5Th13G5DXYK6T654jT+dbAp4F7DaIsX8wbNj0Zil+VRiSkTy23nxy0Xpkbd5UM8
L6tYiFo2OxfsJlOv1NfJpD++CYvj4VHKXcy8kcD0QFRq+SoNuPn42o6UJ8KlY+lk
h1hcfl1JsrXQFrt0sZKfo+NjEk+yuK0qj+EZ3ese0gX+3z0/OCq+5O4NThKetokE
b5JWJKnaZdnuDtpfLA5JNqyrLaHYKggwjcPYrmUO+drV/2cx8w+d0ltEqL3UhIwQ
4LHARco1qAK4vJolL+nSfEQh0PECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfAt5E
8pGGJI+Vg+y/fibps9dAeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmNiYTgzNzktZGE5NC00Njk3LTg2N2YtMDM3MzBlMDNlOWFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWA
MA0GCSqGSIb3DQEBCwUAA4IBAQComy8F6u0cfNjR3FK3blFK/0FCUCoUDXQy351J
1FNNZf5idB6aEtDW4pLhs4KHC1aIX4JTDH5WTlbZQ2CRKYrQBMZzZpbQp0hkrpjp
ZtsRcL2iuTzbDvzqodFiQLqaU9NFMmOlA5HbCWb05Dtcm7PqmgOVI8ea009iJGbZ
xGs4dbtybwvv1/qm5cj9IIVBUxP+R9cifay8rbaWah9JaoO3pY5UCRhgijlNxdax
unXiL8C/ePDAQLBNTd4nPmS/zlwqDK7pILxM33mOfpJ04VHXZVNQVQhH3CJpCQLb
y+bw83hJom5YFzzf6DvM/x/Fa8gjvpsPwR0BE/B1nen5Fjn2
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:56:46 2025 by rpki-client