Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
File: c6b4bacc-5824-4f9c-a10d-49f145db8549.roa (raw, json)
Hash identifier: RsZ+TtebLZ67sMfJhpGLiJqI+7k5hLrt0uMBArx0AWQ=
Subject key identifier: 77:E7:54:90:4E:EA:A7:24:44:6D:FA:C5:EB:42:C7:81:9D:FE:BC:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22B1F051967FA9412148BE79ADC400A96E89DE90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
Signing time: Fri 20 Jun 2025 00:10:37 +0000
ROA not before: Fri 20 Jun 2025 00:10:37 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:b1:f0:51:96:7f:a9:41:21:48:be:79:ad:c4:00:a9:6e:89:de:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 20 00:10:37 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=38808293e603cfef0503a96be8bc16a2f1229b50668fcd700c1db88ac58feb43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:28:6c:2b:d9:be:ca:df:ca:ca:b1:d9:d9:c0:
05:1e:f7:b8:f3:c3:52:c1:57:bd:b1:89:a8:30:09:
b5:19:29:45:37:1c:4c:f9:e9:19:69:56:cc:82:d8:
ca:36:42:04:f3:27:b3:10:cf:e4:c4:34:65:c9:96:
15:0a:3d:29:a9:b9:d0:21:ca:ab:a7:3e:f2:58:d5:
8e:e3:ac:ee:2b:d1:e9:c5:07:66:41:59:e4:1a:cc:
26:c2:e6:41:b5:72:98:c9:fe:c6:6c:e2:12:d5:27:
49:57:80:43:0a:1e:51:86:93:dd:29:de:ef:4a:59:
00:76:d9:5a:41:70:ee:f1:11:04:4e:ee:5a:19:b4:
b7:12:26:40:cd:35:1e:ab:1e:c8:de:8b:f0:37:85:
59:64:4b:6b:d0:57:7f:58:24:78:bf:5a:c1:ac:17:
d5:a8:19:10:aa:f7:12:cb:7c:e7:43:18:9a:60:df:
c6:ad:2d:79:9d:99:f3:73:88:a9:ec:2d:e2:64:e5:
f4:0b:94:24:49:15:d5:9f:07:f8:ee:ed:60:5c:c1:
40:bc:e0:21:b5:0f:94:d7:94:a5:c8:ed:d8:98:2d:
e9:bb:c1:29:64:6f:bf:f6:85:bb:f0:a7:d0:ef:00:
32:ca:1d:92:41:6b:74:03:ab:78:40:b2:3d:49:f0:
55:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E7:54:90:4E:EA:A7:24:44:6D:FA:C5:EB:42:C7:81:9D:FE:BC:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/36
Signature Algorithm: sha256WithRSAEncryption
62:3f:19:be:26:cb:4a:ce:36:1f:e4:ea:08:19:24:5f:3e:88:
9c:64:5c:51:d9:18:04:14:cd:14:88:7e:b8:95:81:4d:4a:95:
fc:23:0e:80:3d:4d:8b:12:dd:16:37:78:2e:d5:9c:5a:1e:6f:
e8:de:15:e0:5e:ea:0a:54:dd:81:b4:15:a4:a1:f1:ef:5c:24:
a8:0c:fc:96:1c:ff:60:e2:5b:7a:3b:be:01:a8:23:70:21:61:
74:49:23:b3:ba:43:5e:51:4d:aa:00:71:89:b4:84:ea:d3:30:
4d:5d:75:8b:c0:b5:4c:d7:9d:01:74:97:23:87:81:d8:0f:20:
89:fc:c6:77:4b:ff:7e:ca:0f:b8:ef:65:86:a0:4a:93:39:55:
cf:e4:02:0a:58:e1:9c:62:40:bb:32:a3:b4:70:e8:ae:56:29:
42:78:dd:0e:bc:1c:5c:cc:b0:78:f7:63:1f:88:9a:71:27:44:
0c:31:5e:4d:49:9f:b4:92:d6:29:0a:3d:70:19:c0:31:ec:7f:
90:99:70:79:1e:d7:19:20:58:fc:db:29:92:c0:a0:b3:9d:b4:
c4:19:0c:d2:9e:b0:70:04:e1:48:99:29:21:07:0b:64:81:96:
82:24:15:17:17:6d:63:76:33:ed:d4:dc:a4:c0:4e:42:1f:a8:
34:26:1d:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIrHwUZZ/qUEhSL55rcQAqW6J3pAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjAwMDEwMzdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4ODA4MjkzZTYwM2NmZWYwNTAzYTk2YmU4YmMxNmEyZjEyMjliNTA2Njhm
Y2Q3MDBjMWRiODhhYzU4ZmViNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0obCvZvsrfysqx2dnABR73uPPDUsFXvbGJqDAJtRkpRTccTPnpGWlWzILY
yjZCBPMnsxDP5MQ0ZcmWFQo9Kam50CHKq6c+8ljVjuOs7ivR6cUHZkFZ5BrMJsLm
QbVymMn+xmziEtUnSVeAQwoeUYaT3Sne70pZAHbZWkFw7vERBE7uWhm0txImQM01
HqseyN6L8DeFWWRLa9BXf1gkeL9awawX1agZEKr3Est850MYmmDfxq0teZ2Z83OI
qewt4mTl9AuUJEkV1Z8H+O7tYFzBQLzgIbUPlNeUpcjt2Jgt6bvBKWRvv/aFu/Cn
0O8AMsodkkFrdAOreECyPUnwVdECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR351SQ
TuqnJERt+sXrQseBnf68oTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZiNGJhY2MtNTgyNC00ZjljLWExMGQtNDlmMTQ1ZGI4NTQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQBiPxm+JstKzjYf5OoIGSRfPoicZFxR2RgEFM0U
iH64lYFNSpX8Iw6APU2LEt0WN3gu1ZxaHm/o3hXgXuoKVN2BtBWkofHvXCSoDPyW
HP9g4lt6O74BqCNwIWF0SSOzukNeUU2qAHGJtITq0zBNXXWLwLVM150BdJcjh4HY
DyCJ/MZ3S/9+yg+472WGoEqTOVXP5AIKWOGcYkC7MqO0cOiuVilCeN0OvBxczLB4
92MfiJpxJ0QMMV5NSZ+0ktYpCj1wGcAx7H+QmXB5HtcZIFj82ymSwKCznbTEGQzS
nrBwBOFImSkhBwtkgZaCJBUXF21jdjPt1NykwE5CH6g0Jh1Y
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:55 2025 by rpki-client