Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
File: 6f78d89d-1d32-4176-8f3e-9966f674843e.roa (raw, json)
Hash identifier: qZc22qsWer3GMvlTLSEbg5x4x4jElFK+b20gq+KPa6k=
Subject key identifier: 9E:B3:46:A1:2E:56:1F:14:7A:E7:C2:E6:BB:87:A7:9B:00:DF:7C:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03492E780218E01F991F7A9282A44F9157CBD90D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
Signing time: Tue 20 May 2025 20:21:32 +0000
ROA not before: Tue 20 May 2025 20:21:32 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:49:2e:78:02:18:e0:1f:99:1f:7a:92:82:a4:4f:91:57:cb:d9:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:32 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d482582f72e5963b39e07174bab94ce307242f3b876eb6284fbfd97382c4d61c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:dd:34:f1:76:25:29:09:1a:a9:d6:70:b5:c8:
53:11:e7:5e:40:3f:24:04:c0:c9:32:d9:70:42:71:
36:34:3a:47:9b:ea:15:a1:d7:d6:84:7c:7b:90:69:
5d:94:e8:6a:6f:97:cd:a6:1b:7a:0b:b3:87:25:c2:
c7:00:a9:27:0b:16:0f:fc:4b:fd:c2:db:f2:32:03:
90:11:0f:a8:9e:53:5e:90:54:58:aa:da:71:01:60:
ab:f4:50:75:13:71:b5:01:41:72:6b:64:09:ab:12:
39:90:07:83:7c:52:90:c1:b3:b0:cd:41:23:f2:18:
14:41:f3:f4:19:e6:f2:2b:3a:87:34:03:c7:6d:99:
a9:5c:46:8c:6a:3c:25:8c:3e:b4:47:e4:af:48:ec:
b8:9e:63:4c:1a:30:00:94:c6:99:25:bd:9f:bb:18:
32:a9:25:4b:0a:a8:27:a2:21:94:0b:7b:66:46:94:
2e:55:6e:b8:a8:19:5e:85:e4:b0:85:c4:b2:9f:ad:
03:35:0d:d0:51:2d:15:51:26:8f:91:e3:f3:3f:e9:
7f:81:a4:dc:2d:f6:6e:2f:6c:c2:81:6c:ef:75:db:
22:1f:82:52:a9:62:89:d3:70:ae:fa:49:ea:9e:c7:
80:66:09:f5:d5:7d:8c:8e:a3:13:55:c2:9b:af:42:
fd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B3:46:A1:2E:56:1F:14:7A:E7:C2:E6:BB:87:A7:9B:00:DF:7C:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071::/32
Signature Algorithm: sha256WithRSAEncryption
9d:b1:8b:f6:c6:5f:da:c6:13:de:1e:ce:64:41:9d:bc:2d:a1:
a5:32:82:70:76:9d:b8:5b:d2:a7:2f:14:a2:8b:62:36:3f:84:
03:59:39:c1:87:5a:8a:3c:8d:4a:7e:c3:42:51:d4:3e:14:7c:
8c:b2:4b:a8:6b:22:c2:90:ec:0f:c9:c3:aa:68:8c:1f:de:38:
e4:59:dc:b0:52:ff:71:4e:17:83:80:6d:f9:3c:2f:53:3f:48:
82:ae:7b:e6:df:6e:22:4f:6d:1e:b6:3a:75:ea:b6:6f:6c:fb:
1e:4d:d7:52:df:d4:d9:27:03:4b:d0:04:d0:aa:c6:fd:6b:b5:
f6:b9:2c:1f:49:1e:d1:cf:66:db:0f:39:f2:bb:79:da:ef:57:
d3:3a:20:dd:28:13:c5:63:f4:24:47:12:78:26:98:2c:c9:92:
1a:07:d8:5e:3a:24:de:c6:13:81:5e:76:fd:a2:a6:2b:3a:de:
d5:7f:21:8e:ef:24:f7:99:d1:0c:bd:bd:65:c9:d4:d1:c7:10:
8a:7b:51:7a:f6:74:b7:f4:bf:6b:84:c0:0c:be:c6:01:c4:a7:
ab:6a:98:1c:ef:0c:51:e3:b7:87:12:f0:ba:52:e8:62:ce:c7:
e8:c9:6b:ff:24:67:47:6a:0c:7e:03:03:fc:e0:fe:1a:b6:a8:
c5:3c:77:44
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUA0kueAIY4B+ZH3qSgqRPkVfL2Q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxMzJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ODI1ODJmNzJlNTk2M2IzOWUwNzE3NGJhYjk0Y2UzMDcyNDJmM2I4NzZl
YjYyODRmYmZkOTczODJjNGQ2MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvdNPF2JSkJGqnWcLXIUxHnXkA/JATAyTLZcEJxNjQ6R5vqFaHX1oR8e5Bp
XZToam+XzaYbeguzhyXCxwCpJwsWD/xL/cLb8jIDkBEPqJ5TXpBUWKracQFgq/RQ
dRNxtQFBcmtkCasSOZAHg3xSkMGzsM1BI/IYFEHz9Bnm8is6hzQDx22ZqVxGjGo8
JYw+tEfkr0jsuJ5jTBowAJTGmSW9n7sYMqklSwqoJ6IhlAt7ZkaULlVuuKgZXoXk
sIXEsp+tAzUN0FEtFVEmj5Hj8z/pf4Gk3C32bi9swoFs73XbIh+CUqliidNwrvpJ
6p7HgGYJ9dV9jI6jE1XCm69C/RUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSes0ah
LlYfFHrnwua7h6ebAN98ZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY3OGQ4OWQtMWQzMi00MTc2LThmM2UtOTk2NmY2NzQ4NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HEw
DQYJKoZIhvcNAQELBQADggEBAJ2xi/bGX9rGE94ezmRBnbwtoaUygnB2nbhb0qcv
FKKLYjY/hANZOcGHWoo8jUp+w0JR1D4UfIyyS6hrIsKQ7A/Jw6pojB/eOORZ3LBS
/3FOF4OAbfk8L1M/SIKue+bfbiJPbR62OnXqtm9s+x5N11Lf1NknA0vQBNCqxv1r
tfa5LB9JHtHPZtsPOfK7edrvV9M6IN0oE8Vj9CRHEngmmCzJkhoH2F46JN7GE4Fe
dv2ipis63tV/IY7vJPeZ0Qy9vWXJ1NHHEIp7UXr2dLf0v2uEwAy+xgHEp6tqmBzv
DFHjt4cS8LpS6GLOx+jJa/8kZ0dqDH4DA/zg/hq2qMU8d0Q=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:55 2025 by rpki-client