Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json)
Hash identifier: PTfZMafgZapj3c3yA02wv4y3myYUnSrqU+tb6a74J38=
Subject key identifier: 98:62:07:7F:20:B5:7B:24:68:48:0E:93:BA:6F:68:55:3F:06:00:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DB1BEBD70A1448823DCAF7ADEA38520D64C4957
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
Signing time: Tue 20 May 2025 20:30:53 +0000
ROA not before: Tue 20 May 2025 20:30:53 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:b1:be:bd:70:a1:44:88:23:dc:af:7a:de:a3:85:20:d6:4c:49:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:53 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=9f6b87ee830d79fa397bde1d7fa916ccae6d44390637f8a9c45390a6ba6cd4bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9c:7e:af:dc:31:f1:42:ba:0f:9a:bb:56:91:
44:3b:f4:80:47:47:76:4f:0c:30:37:bb:98:8c:3e:
c8:b3:f1:fd:8b:d7:f5:71:5c:9f:1c:f3:3a:de:29:
df:f3:fe:19:03:91:4b:a5:80:e0:06:ff:ed:a9:ef:
9a:63:54:8c:e5:7a:02:f9:7c:09:d0:45:51:56:2c:
a5:e6:b6:33:45:1b:be:59:d2:b3:8a:fc:98:07:01:
a7:5c:e2:3a:33:00:95:e8:6f:9b:f3:29:3b:35:91:
dd:4f:b0:48:7b:41:9b:20:f3:55:aa:3d:4c:6d:ef:
35:f8:50:c4:46:73:3f:47:d0:97:c5:0b:5a:61:7a:
eb:59:f4:4d:a2:f9:f7:e5:38:67:5f:d8:94:22:72:
e1:94:ea:56:47:58:a3:bf:b2:8e:bc:42:5d:52:a3:
9a:33:23:b1:d1:fc:04:a2:76:8c:a1:f1:0d:3b:b3:
87:fd:f7:dd:48:b9:fd:11:00:37:38:10:b9:ea:f7:
f8:37:8d:ad:83:3b:d1:5e:69:7c:68:80:99:6a:47:
80:61:a8:33:c1:32:f0:c9:1f:55:61:07:64:7b:ca:
7e:79:2c:7c:c0:62:05:c7:e9:6d:17:ef:8b:4a:c6:
40:da:51:28:17:05:41:fe:42:a2:fc:14:2f:c5:81:
7a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:62:07:7F:20:B5:7B:24:68:48:0E:93:BA:6F:68:55:3F:06:00:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
a8:ea:44:6b:fc:71:5e:42:b3:fe:2a:40:87:0c:3b:8d:e9:24:
3d:3a:9c:78:b0:05:8b:7c:ca:26:69:0f:07:aa:48:b1:d5:79:
d4:02:7a:67:4b:71:92:4d:c1:76:a5:2f:35:7e:2e:cb:67:98:
a3:d8:c8:d3:98:d1:e2:f0:bf:ae:bf:11:06:f2:3a:6e:0a:86:
85:79:bb:08:b9:b1:89:6e:da:b5:b8:1b:71:a0:66:32:44:56:
20:2a:2c:b4:34:90:5a:45:66:0e:ba:09:d9:2c:e4:4c:b9:c4:
b0:99:91:92:91:c7:e1:fb:a8:c6:5a:1b:c8:28:c9:1c:c5:05:
b7:67:e6:17:88:9d:78:2d:d8:5b:05:4a:a0:d2:22:11:eb:b6:
13:b4:02:d0:f5:a6:de:63:42:88:56:a2:86:80:32:72:94:7f:
b5:d9:3d:fa:31:20:0b:ae:8b:2d:59:d4:53:79:3d:ab:f1:20:
6b:a8:88:11:dc:ac:8a:57:99:5c:6e:1b:42:36:55:30:9b:ac:
07:cc:9b:34:2d:ca:be:6b:2f:b9:9a:7d:bd:c0:5b:64:db:f8:
1f:f5:27:fe:47:07:62:19:7b:c3:68:79:71:3e:8a:ad:73:bc:
a9:5b:5f:17:df:0a:26:4a:de:e8:15:1e:46:09:71:94:13:c2:
3b:86:09:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULbG+vXChRIgj3K963qOFINZMSVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwNTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmNmI4N2VlODMwZDc5ZmEzOTdiZGUxZDdmYTkxNmNjYWU2ZDQ0MzkwNjM3
ZjhhOWM0NTM5MGE2YmE2Y2Q0YmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKScfq/cMfFCug+au1aRRDv0gEdHdk8MMDe7mIw+yLPx/YvX9XFcnxzzOt4p
3/P+GQORS6WA4Ab/7anvmmNUjOV6Avl8CdBFUVYspea2M0UbvlnSs4r8mAcBp1zi
OjMAlehvm/MpOzWR3U+wSHtBmyDzVao9TG3vNfhQxEZzP0fQl8ULWmF661n0TaL5
9+U4Z1/YlCJy4ZTqVkdYo7+yjrxCXVKjmjMjsdH8BKJ2jKHxDTuzh/333Ui5/REA
NzgQuer3+DeNrYM70V5pfGiAmWpHgGGoM8Ey8MkfVWEHZHvKfnksfMBiBcfpbRfv
i0rGQNpRKBcFQf5CovwUL8WBehcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSYYgd/
ILV7JGhIDpO6b2hVPwYAozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQCo6kRr/HFeQrP+KkCHDDuN6SQ9Opx4sAWLfMom
aQ8Hqkix1XnUAnpnS3GSTcF2pS81fi7LZ5ij2MjTmNHi8L+uvxEG8jpuCoaFebsI
ubGJbtq1uBtxoGYyRFYgKiy0NJBaRWYOugnZLORMucSwmZGSkcfh+6jGWhvIKMkc
xQW3Z+YXiJ14LdhbBUqg0iIR67YTtALQ9abeY0KIVqKGgDJylH+12T36MSALrost
WdRTeT2r8SBrqIgR3KyKV5lcbhtCNlUwm6wHzJs0Lcq+ay+5mn29wFtk2/gf9Sf+
RwdiGXvDaHlxPoqtc7ypW18X3womSt7oFR5GCXGUE8I7hgm4
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:21 2025 by rpki-client