Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
File: 6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa (raw, json)
Hash identifier: zZYE9KGld6QffkPSYc1MT3XfsxfQOJe0CDNN2RLBoEI=
Subject key identifier: 9C:53:41:3F:8E:C0:B7:9B:66:4D:B7:37:2B:FF:6C:48:21:B6:D6:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 647435278C50850B9D895450EB20E0FB8402D155
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
Signing time: Mon 16 Jun 2025 21:00:12 +0000
ROA not before: Mon 16 Jun 2025 21:00:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:74:35:27:8c:50:85:0b:9d:89:54:50:eb:20:e0:fb:84:02:d1:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:00:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=370b22938b0d73894779b8e2ca1893a15a8f58d1260cb261e768389260c4da5a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8f:97:66:3a:b7:18:4a:68:b7:bd:70:9a:4a:
25:50:df:1c:ff:e5:71:de:04:3a:12:4b:77:00:1d:
9e:57:22:b9:70:65:01:9b:28:42:15:16:ca:65:ca:
cb:31:28:33:fb:f2:23:d4:69:10:08:8d:10:1d:8e:
a7:79:87:94:8d:57:e8:33:4d:b7:52:91:7c:fd:e8:
5a:37:4a:61:91:54:3b:0a:6f:1f:15:54:d3:bd:79:
df:32:5c:68:d9:4b:1a:30:e1:78:e4:9b:54:f5:9b:
aa:57:7d:c2:b9:13:a1:7d:f7:a5:28:98:b8:45:52:
44:15:c8:3e:fb:17:ad:37:d5:14:8a:16:c2:68:f8:
24:91:95:ad:cc:fb:28:db:0d:f6:09:e6:df:a5:ec:
2f:ac:76:5c:31:02:0f:c1:76:fd:02:56:7f:d2:3c:
75:64:00:b8:83:97:5d:ab:a0:be:5c:42:20:fc:af:
df:af:8e:bb:1e:e9:7a:10:cd:08:d6:bc:c2:cb:1a:
4e:ce:39:73:f9:f2:d6:6c:98:57:87:a9:7c:2a:cb:
72:df:75:65:4b:11:1e:2a:dd:e0:1e:5f:eb:37:76:
20:d3:43:b8:a7:67:1c:09:66:f3:2d:7c:93:32:9e:
2d:24:3a:ce:98:b8:45:2a:f6:d1:fb:cb:91:ab:3e:
c8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:53:41:3F:8E:C0:B7:9B:66:4D:B7:37:2B:FF:6C:48:21:B6:D6:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:c000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:c4:b7:ea:24:51:23:2c:81:cc:a9:bb:2b:1a:7e:20:c1:19:
b5:17:8b:17:28:03:b5:44:88:a5:27:fb:b3:84:20:7d:f2:ba:
61:29:f2:ed:12:8b:5c:d0:f9:0c:0f:69:38:47:cf:57:4d:5e:
62:2a:fc:63:84:08:8a:55:8b:4e:39:6c:01:29:28:e7:b1:5d:
25:b7:1a:6a:87:0c:1c:57:98:53:b6:c3:46:18:82:90:a4:ca:
3c:04:d7:8d:90:03:40:cf:ec:a4:25:7c:e5:a7:5a:e9:f3:4b:
14:af:66:e1:1c:7c:b0:0a:96:a5:d9:54:b9:59:40:e2:ef:6b:
42:3a:53:5b:bf:7d:6a:f5:4e:bd:94:29:13:47:34:09:91:0e:
8b:c3:20:4d:e0:6b:b3:d6:b6:db:c8:b6:2a:c7:ea:ec:37:83:
0e:67:ab:0c:5b:c4:b5:00:4d:7d:a2:ee:35:89:93:04:bd:f5:
e5:44:e0:96:3d:0a:a7:fb:4c:57:6e:60:2e:dc:29:2f:6f:5b:
9d:8d:7a:4a:85:5c:9f:74:39:37:59:a1:05:7b:a0:82:71:db:
ee:dd:dc:bc:29:7d:fc:f9:7a:ba:46:9d:49:01:02:f7:a0:ec:
c6:bf:27:60:f1:56:9b:f5:6f:14:99:04:6e:db:ec:92:13:2c:
f3:8d:ca:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZHQ1J4xQhQudiVRQ6yDg+4QC0VUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAwMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3MGIyMjkzOGIwZDczODk0Nzc5YjhlMmNhMTg5M2ExNWE4ZjU4ZDEyNjBj
YjI2MWU3NjgzODkyNjBjNGRhNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAISPl2Y6txhKaLe9cJpKJVDfHP/lcd4EOhJLdwAdnlciuXBlAZsoQhUWymXK
yzEoM/vyI9RpEAiNEB2Op3mHlI1X6DNNt1KRfP3oWjdKYZFUOwpvHxVU07153zJc
aNlLGjDheOSbVPWbqld9wrkToX33pSiYuEVSRBXIPvsXrTfVFIoWwmj4JJGVrcz7
KNsN9gnm36XsL6x2XDECD8F2/QJWf9I8dWQAuIOXXaugvlxCIPyv36+Oux7pehDN
CNa8wssaTs45c/ny1myYV4epfCrLct91ZUsRHird4B5f6zd2INNDuKdnHAlm8y18
kzKeLSQ6zpi4RSr20fvLkas+yJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScU0E/
jsC3m2ZNtzcr/2xIIbbWezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVlNDI0ZDYtYTA2Ny00ZmI5LWE4MmUtMDU4OTBjZjhhODhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FjA
MA0GCSqGSIb3DQEBCwUAA4IBAQB/xLfqJFEjLIHMqbsrGn4gwRm1F4sXKAO1RIil
J/uzhCB98rphKfLtEotc0PkMD2k4R89XTV5iKvxjhAiKVYtOOWwBKSjnsV0ltxpq
hwwcV5hTtsNGGIKQpMo8BNeNkANAz+ykJXzlp1rp80sUr2bhHHywCpal2VS5WUDi
72tCOlNbv31q9U69lCkTRzQJkQ6LwyBN4Guz1rbbyLYqx+rsN4MOZ6sMW8S1AE19
ou41iZMEvfXlROCWPQqn+0xXbmAu3Ckvb1udjXpKhVyfdDk3WaEFe6CCcdvu3dy8
KX38+Xq6Rp1JAQL3oOzGvydg8Vab9W8UmQRu2+ySEyzzjcqZ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:05 2025 by rpki-client