Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
File: 6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa (raw, json)
Hash identifier: J/oY+ZmSq74ncF9aZ1wGPaJVuaE61xVWmRHGkN9pSrg=
Subject key identifier: AA:37:16:14:1E:2C:4A:37:CA:51:FF:15:93:D9:9A:6C:31:D3:0E:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 044366A0D0C17A00AEB1DAD14E7BF30995885576
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
Signing time: Mon 16 Jun 2025 20:20:13 +0000
ROA not before: Mon 16 Jun 2025 20:20:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:43:66:a0:d0:c1:7a:00:ae:b1:da:d1:4e:7b:f3:09:95:88:55:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c75595071a29d8c20cee1e2ee923ee5c6276ba7dad2a89732988ba47278f2a27, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:33:7a:c7:4b:f1:6e:96:2b:53:50:f6:b2:bc:
08:6b:39:8a:37:b6:1f:fd:de:2d:c9:ea:5c:08:90:
0b:89:a0:a4:14:64:b7:a1:4f:4e:4a:dd:48:ab:fa:
a6:5a:8b:81:4a:57:10:4e:83:af:d2:8c:c9:a2:56:
c5:b6:af:17:3b:dc:81:52:b8:88:26:bd:a7:04:ee:
14:02:89:51:c1:d0:72:f6:f2:6b:77:53:e1:cc:dc:
89:c1:16:9f:7d:dc:7d:5a:f2:96:46:c2:18:6c:6f:
ee:38:24:bf:2f:4e:40:01:ee:06:35:d2:1e:3f:dc:
5a:df:e1:9a:f6:27:a9:42:93:3b:29:d8:57:ed:2a:
4d:40:f7:b5:5d:77:39:4c:2c:a5:8b:58:76:c9:93:
d0:2c:d4:f4:50:9b:6c:aa:20:c5:f1:df:8c:c0:6d:
6f:47:dc:e9:54:30:0d:83:ca:8b:66:83:a2:f1:c7:
4a:fe:b5:49:1c:60:69:e1:a1:2b:a3:b8:54:89:a9:
d1:48:e1:5b:3a:a7:d9:ed:cf:14:ff:0a:f9:e6:e9:
c0:8d:a6:ba:17:ec:58:3a:e6:67:d7:d5:98:aa:b2:
36:3f:14:ab:0f:5e:b5:86:13:34:5c:16:01:d6:a6:
bb:a8:b4:14:7b:40:81:18:29:27:dd:4d:c8:12:65:
12:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:37:16:14:1E:2C:4A:37:CA:51:FF:15:93:D9:9A:6C:31:D3:0E:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2040::/48
Signature Algorithm: sha256WithRSAEncryption
8d:c1:03:cd:9b:ab:72:29:d9:a7:91:05:f0:00:cc:1a:72:a8:
ae:33:2f:e4:60:74:d7:eb:9a:a4:a9:42:7f:66:7f:bc:3b:a6:
8e:e9:d7:b3:7e:21:e8:1a:4f:e2:04:2f:ea:02:85:10:a9:d3:
87:6b:25:d8:72:99:d1:d7:8b:ac:76:24:ff:85:26:d5:b2:e0:
fa:d4:ee:80:4b:cf:2b:d6:6b:e1:01:51:e9:ab:be:dd:12:bc:
6f:5f:e5:54:cf:1a:a9:a1:75:a7:01:36:2b:b9:4b:21:2d:3d:
5a:30:96:f3:97:dc:30:0e:5f:77:a5:1c:de:38:37:41:d1:64:
de:9a:98:23:29:ea:9d:41:bf:85:33:67:f3:e7:9e:c6:43:83:
85:55:70:9c:8e:e0:be:f0:8f:dc:77:a2:c7:10:b8:f5:7d:f3:
12:73:c6:26:c6:16:97:8e:ca:fe:ec:da:c5:47:79:d6:06:b8:
34:4e:2f:1a:d1:b6:34:5f:96:b2:13:5d:54:98:7f:31:7e:c1:
3f:90:cb:e0:18:d3:c6:78:d2:23:a3:c4:45:b2:9d:ad:d6:4e:
1d:f2:dc:7d:be:55:c5:31:71:90:cf:f5:00:07:60:79:f8:c0:
e8:e4:88:e6:78:41:cb:3f:7a:88:31:49:b7:2b:96:84:b5:7a:
e6:cb:4b:3d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBENmoNDBegCusdrRTnvzCZWIVXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3NTU5NTA3MWEyOWQ4YzIwY2VlMWUyZWU5MjNlZTVjNjI3NmJhN2RhZDJh
ODk3MzI5ODhiYTQ3Mjc4ZjJhMjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQzesdL8W6WK1NQ9rK8CGs5ije2H/3eLcnqXAiQC4mgpBRkt6FPTkrdSKv6
plqLgUpXEE6Dr9KMyaJWxbavFzvcgVK4iCa9pwTuFAKJUcHQcvbya3dT4czcicEW
n33cfVrylkbCGGxv7jgkvy9OQAHuBjXSHj/cWt/hmvYnqUKTOynYV+0qTUD3tV13
OUwspYtYdsmT0CzU9FCbbKogxfHfjMBtb0fc6VQwDYPKi2aDovHHSv61SRxgaeGh
K6O4VImp0UjhWzqn2e3PFP8K+ebpwI2muhfsWDrmZ9fVmKqyNj8Uqw9etYYTNFwW
Adamu6i0FHtAgRgpJ91NyBJlEv0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSqNxYU
HixKN8pR/xWT2ZpsMdMO4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmZiYjczMDMtYzZhNC00M2RhLWJjZGItZDI2YWI3OGMzNjZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
QDANBgkqhkiG9w0BAQsFAAOCAQEAjcEDzZurcinZp5EF8ADMGnKorjMv5GB01+ua
pKlCf2Z/vDumjunXs34h6BpP4gQv6gKFEKnTh2sl2HKZ0deLrHYk/4Um1bLg+tTu
gEvPK9Zr4QFR6au+3RK8b1/lVM8aqaF1pwE2K7lLIS09WjCW85fcMA5fd6Uc3jg3
QdFk3pqYIynqnUG/hTNn8+eexkODhVVwnI7gvvCP3HeixxC49X3zEnPGJsYWl47K
/uzaxUd51ga4NE4vGtG2NF+WshNdVJh/MX7BP5DL4BjTxnjSI6PERbKdrdZOHfLc
fb5VxTFxkM/1AAdgefjA6OSI5nhByz96iDFJtyuWhLV65stLPQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:17 2025 by rpki-client