Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
File: fec4786d-f73f-4e64-99a3-0377bdf5c566.roa (raw, json)
Hash identifier: LGGeTbtExlvI6Zu4h6GMxAnIa0NP/bY1Vet0OUjFo+w=
Subject key identifier: 55:38:FC:73:EB:22:6D:46:A1:5A:43:83:FA:CE:69:EF:DC:22:54:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66B7A582F42E1DF897F6DC3E79953F62B33CE3D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
Signing time: Mon 16 Jun 2025 21:50:07 +0000
ROA not before: Mon 16 Jun 2025 21:50:07 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:b7:a5:82:f4:2e:1d:f8:97:f6:dc:3e:79:95:3f:62:b3:3c:e3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:50:07 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2e6dda635fa34ea81db14b04b16bb88387d15873cb3e54653d50a36bbb8db568, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:40:23:79:57:73:5d:5b:10:d2:a0:5d:e5:a7:
4a:2a:ec:42:94:e7:38:66:14:06:7c:3f:4e:28:c6:
fb:fa:b4:0b:99:2a:0e:3e:1d:c5:43:a0:69:b7:0f:
cf:fe:19:eb:d1:45:a2:45:2c:d4:9a:04:cd:e6:fd:
42:b6:d3:3d:9d:cb:30:32:0d:44:65:b5:b5:e8:f9:
6d:5b:05:cc:8d:ee:f8:34:01:00:59:8d:76:3a:c3:
ad:6c:24:ea:fb:12:15:ae:2d:84:6c:9c:d9:d9:56:
84:25:e8:01:b5:6e:29:6c:8f:cd:6b:1e:83:ac:34:
83:90:41:ed:c1:02:ed:6b:2e:7c:a6:7c:86:f8:94:
fe:2d:e2:0f:40:7c:0a:03:d2:08:89:1a:9c:bb:e0:
45:d1:ed:dc:c9:77:80:b1:15:63:42:eb:78:86:62:
b9:83:32:e7:e8:7d:4b:65:c7:48:26:f5:f2:4d:49:
65:e2:07:22:28:cd:b2:5a:8a:51:fe:af:8b:9f:1b:
f2:d1:7e:9a:88:7f:ac:fb:89:56:18:05:d9:db:7e:
e1:cb:39:be:ef:37:4a:f0:eb:7d:5d:da:27:65:7f:
e8:51:f1:5a:85:0e:e3:a2:1a:fc:0f:4e:64:e9:79:
5e:2e:04:89:0d:61:eb:2d:f4:60:89:d9:12:88:b2:
7b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:38:FC:73:EB:22:6D:46:A1:5A:43:83:FA:CE:69:EF:DC:22:54:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02e::/36
Signature Algorithm: sha256WithRSAEncryption
59:ef:66:92:b5:fb:92:b1:12:bd:81:21:6b:c9:8e:77:15:e5:
de:68:7d:54:55:0a:c7:29:bd:91:f1:97:b8:2c:d0:d8:84:8a:
91:3d:58:da:34:be:d7:d2:1b:9a:dd:aa:64:60:9d:3a:65:32:
30:8c:3c:e8:15:90:8a:8f:13:74:79:30:a3:7c:6a:89:30:4c:
a8:67:c7:83:63:e8:0e:59:f6:9d:01:0f:66:47:f5:f1:91:95:
b6:a3:f6:2a:21:b1:81:75:6b:56:6e:1d:ab:fd:ca:8f:22:fc:
fb:03:aa:7d:ad:29:bb:32:f7:f1:37:67:b3:59:c3:b0:82:04:
23:94:da:cc:d4:a9:79:35:de:dd:5f:9e:06:f4:69:6c:0a:ae:
b1:35:02:ce:5d:b1:29:12:0a:d2:41:24:9f:1a:ff:da:06:04:
1f:40:0f:38:93:fb:98:bc:f4:1e:cc:66:c5:d8:07:6f:cd:c0:
5d:a9:79:8e:c7:71:06:d4:4a:36:16:d1:21:bf:d1:59:7e:5c:
b1:90:20:98:f0:b7:6c:f3:c9:1f:29:25:ae:5f:c3:8b:0b:70:
c0:65:80:fb:f3:9c:ce:df:3e:e3:bd:fc:20:e2:12:22:2a:68:
66:e7:45:7c:9d:6a:f4:8a:fa:98:fc:e3:54:c8:00:2e:3c:05:
c1:e2:b6:62
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZrelgvQuHfiX9tw+eZU/YrM849kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTUwMDdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlNmRkYTYzNWZhMzRlYTgxZGIxNGIwNGIxNmJiODgzODdkMTU4NzNjYjNl
NTQ2NTNkNTBhMzZiYmI4ZGI1NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9AI3lXc11bENKgXeWnSirsQpTnOGYUBnw/TijG+/q0C5kqDj4dxUOgabcP
z/4Z69FFokUs1JoEzeb9QrbTPZ3LMDINRGW1tej5bVsFzI3u+DQBAFmNdjrDrWwk
6vsSFa4thGyc2dlWhCXoAbVuKWyPzWseg6w0g5BB7cEC7WsufKZ8hviU/i3iD0B8
CgPSCIkanLvgRdHt3Ml3gLEVY0LreIZiuYMy5+h9S2XHSCb18k1JZeIHIijNslqK
Uf6vi58b8tF+moh/rPuJVhgF2dt+4cs5vu83SvDrfV3aJ2V/6FHxWoUO46Ia/A9O
ZOl5Xi4EiQ1h6y30YInZEoiye/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVOPxz
6yJtRqFaQ4P6zmnv3CJU0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNDc4NmQtZjczZi00ZTY0LTk5YTMtMDM3N2JkZjVjNTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBZ72aStfuSsRK9gSFryY53FeXeaH1UVQrHKb2R
8Ze4LNDYhIqRPVjaNL7X0hua3apkYJ06ZTIwjDzoFZCKjxN0eTCjfGqJMEyoZ8eD
Y+gOWfadAQ9mR/XxkZW2o/YqIbGBdWtWbh2r/cqPIvz7A6p9rSm7MvfxN2ezWcOw
ggQjlNrM1Kl5Nd7dX54G9GlsCq6xNQLOXbEpEgrSQSSfGv/aBgQfQA84k/uYvPQe
zGbF2AdvzcBdqXmOx3EG1Eo2FtEhv9FZflyxkCCY8Lds88kfKSWuX8OLC3DAZYD7
85zO3z7jvfwg4hIiKmhm50V8nWr0ivqY/ONUyAAuPAXB4rZi
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:23 2025 by rpki-client