Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
File: 6ec34216-a73a-4f02-b92a-08993431272e.roa (raw, json)
Hash identifier: fwNRqoZd3/Dhcy8C1Sjhn6G6j/Xfqwt3wt2ZC7lobEU=
Subject key identifier: 06:07:55:CC:25:7E:4D:C3:13:0A:D1:1B:05:1A:93:1C:39:35:BC:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A9D86D7E63A4463E8E3647D84D669B80A80C175
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
Signing time: Fri 11 Jul 2025 19:50:45 +0000
ROA not before: Fri 11 Jul 2025 19:50:45 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:9d:86:d7:e6:3a:44:63:e8:e3:64:7d:84:d6:69:b8:0a:80:c1:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:45 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=54a2e6e6d34354bc1fa929f1a4a52e02ccc004cd70b45b0fe1d8aafc37a1ad6e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1c:8c:fb:e4:35:19:72:ba:93:e9:0b:38:46:
de:41:a5:12:a3:2a:3f:60:05:8e:3d:18:4a:17:20:
47:67:61:75:af:5a:19:b2:32:9d:b3:13:6f:dc:2c:
06:32:cc:39:59:b7:32:d4:b6:51:90:4f:9d:c5:91:
c1:1d:94:1f:9d:b0:c9:ca:a1:bc:e6:91:f1:c3:78:
ad:22:d4:fa:41:af:fe:9d:4a:d7:47:1a:d7:d0:42:
80:b9:0a:45:ce:69:0c:d2:33:bf:98:f0:90:6d:7b:
0b:0b:74:15:6a:b6:0d:8c:2a:b6:94:2d:49:ec:7b:
b3:1c:a1:b0:69:e8:44:31:71:64:58:b0:12:80:82:
fa:c8:59:1e:b8:51:34:08:f6:03:8b:93:fd:ec:a8:
1d:97:ea:4a:7d:65:8c:c0:4f:dd:e2:b2:12:8c:27:
ae:98:17:77:c0:5f:8f:a0:71:b3:76:6d:ef:31:40:
17:a0:9b:46:9e:56:88:b8:84:e2:63:b8:cd:d0:1b:
33:a7:67:78:c8:37:41:9b:d0:74:f6:a7:90:ae:c4:
05:9d:26:61:c6:44:f8:01:8e:78:18:70:57:ff:9a:
0e:1f:03:68:b4:bc:75:31:13:61:0c:96:37:90:24:
28:16:21:03:10:e2:95:5e:b4:a2:73:7b:4a:0e:24:
3a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:07:55:CC:25:7E:4D:C3:13:0A:D1:1B:05:1A:93:1C:39:35:BC:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e080::/46
Signature Algorithm: sha256WithRSAEncryption
35:ff:bf:8b:30:42:3e:07:08:c9:a0:24:fd:f6:18:4b:c5:6e:
f3:9a:0f:52:a5:a2:76:d8:f5:43:32:e4:61:d8:d7:88:b9:68:
13:bd:e7:be:d3:50:2c:4f:ed:a5:59:ba:c7:ce:20:96:b4:28:
95:c5:7f:65:62:d3:90:47:a1:8a:0e:1d:77:1f:d6:6c:4b:48:
c9:32:fb:aa:b6:b8:92:36:12:bb:0b:a2:51:aa:a3:16:e9:5f:
5d:3a:2d:1a:f1:5a:d5:22:50:f8:0d:82:0d:59:e0:d9:bd:f9:
50:5b:0c:5e:16:ed:51:c2:38:41:03:88:04:ac:0c:49:8a:4c:
62:44:b6:6c:46:91:5d:1a:54:11:ee:d2:68:4a:3f:67:21:0b:
3e:f9:d1:c9:b4:ff:05:44:12:08:c5:53:cb:d7:87:e4:95:c0:
a6:27:68:ff:0e:93:56:f0:74:f1:04:50:3c:0e:36:aa:c3:b6:
f6:1f:68:06:38:05:1d:33:a0:d8:78:3f:bc:82:84:93:27:39:
22:ee:c1:f9:75:dd:27:e3:42:a0:03:d6:43:00:7b:a5:b9:ca:
d5:d0:50:f5:ef:0e:f8:cf:79:39:f5:63:23:78:c1:4e:9a:e4:
bd:d2:0c:8e:f8:8c:ac:e7:17:f1:be:b1:3f:b6:ae:dd:11:32:
90:71:59:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUap2G1+Y6RGPo42R9hNZpuAqAwXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwNDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0YTJlNmU2ZDM0MzU0YmMxZmE5MjlmMWE0YTUyZTAyY2NjMDA0Y2Q3MGI0
NWIwZmUxZDhhYWZjMzdhMWFkNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgcjPvkNRlyupPpCzhG3kGlEqMqP2AFjj0YShcgR2dhda9aGbIynbMTb9ws
BjLMOVm3MtS2UZBPncWRwR2UH52wycqhvOaR8cN4rSLU+kGv/p1K10ca19BCgLkK
Rc5pDNIzv5jwkG17Cwt0FWq2DYwqtpQtSex7sxyhsGnoRDFxZFiwEoCC+shZHrhR
NAj2A4uT/eyoHZfqSn1ljMBP3eKyEownrpgXd8Bfj6Bxs3Zt7zFAF6CbRp5WiLiE
4mO4zdAbM6dneMg3QZvQdPankK7EBZ0mYcZE+AGOeBhwV/+aDh8DaLS8dTETYQyW
N5AkKBYhAxDilV60onN7Sg4kOpMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQGB1XM
JX5NwxMK0RsFGpMcOTW80jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVjMzQyMTYtYTczYS00ZjAyLWI5MmEtMDg5OTM0MzEyNzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hvg
gDANBgkqhkiG9w0BAQsFAAOCAQEANf+/izBCPgcIyaAk/fYYS8Vu85oPUqWidtj1
QzLkYdjXiLloE73nvtNQLE/tpVm6x84glrQolcV/ZWLTkEehig4ddx/WbEtIyTL7
qra4kjYSuwuiUaqjFulfXTotGvFa1SJQ+A2CDVng2b35UFsMXhbtUcI4QQOIBKwM
SYpMYkS2bEaRXRpUEe7SaEo/ZyELPvnRybT/BUQSCMVTy9eH5JXApido/w6TVvB0
8QRQPA42qsO29h9oBjgFHTOg2Hg/vIKEkyc5Iu7B+XXdJ+NCoAPWQwB7pbnK1dBQ
9e8O+M95OfVjI3jBTprkvdIMjviMrOcX8b6xP7au3REykHFZRQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:27 2025 by rpki-client