Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
File: 04a64076-9adb-4301-817c-2be1c1e1d57e.roa (raw, json)
Hash identifier: BN72lGwbbiQecFqdf+lUtuKiMRHGIA6CUXoZo9Jwnvo=
Subject key identifier: C3:87:3E:37:BC:DF:51:FB:F6:28:5C:C5:BA:00:9F:BD:10:CE:7F:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A6180AC0AE5DCA1B9112E88DE11E26B2BDDB301
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
Signing time: Tue 10 Jun 2025 17:21:14 +0000
ROA not before: Tue 10 Jun 2025 17:21:14 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:61:80:ac:0a:e5:dc:a1:b9:11:2e:88:de:11:e2:6b:2b:dd:b3:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:14 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=e9ee4ad437123728263aed3ccaf30229d78e17894baedf4e25d65eb1c142bd78, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:64:73:f8:9e:e5:8d:a7:ef:9a:b8:34:49:b4:
2a:b4:2c:b1:83:bf:a5:c7:e6:e4:d0:9e:e5:06:15:
5b:7d:47:df:4f:63:63:dd:26:c7:d4:a8:03:d6:0b:
11:cc:e3:7c:53:f3:32:3f:16:e1:0c:e5:3a:c6:03:
77:f4:0b:82:74:23:1c:28:64:97:54:af:d0:93:2d:
56:dc:55:3d:44:d9:6c:4e:43:7d:79:dc:27:17:8b:
41:3b:72:30:64:97:42:91:2c:f8:a1:3e:14:08:2a:
50:6a:30:ca:4e:0c:a4:2f:fc:2b:44:6b:0e:55:15:
95:4d:2f:0e:c3:4f:a2:43:31:ca:44:d7:de:3f:15:
0a:e2:e0:a1:d0:59:27:da:08:1e:47:97:98:8c:45:
17:24:b3:f2:d6:f0:80:29:a7:82:57:76:64:1e:f5:
da:0a:da:c3:bd:10:1b:f5:4d:ab:9b:11:ff:de:4c:
73:8e:09:0e:88:90:e8:cb:7b:35:4f:7b:61:fb:af:
55:e9:0a:fc:e4:76:05:1d:52:64:2c:1c:ad:af:5b:
48:d0:81:28:9c:aa:8e:35:d4:8e:31:a8:88:34:31:
e8:8b:10:ef:24:8f:b0:b4:18:10:40:2d:7d:1a:a4:
8a:f5:42:b2:53:23:dc:0d:e5:6a:2e:17:d0:75:53:
19:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:87:3E:37:BC:DF:51:FB:F6:28:5C:C5:BA:00:9F:BD:10:CE:7F:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:800::/40
Signature Algorithm: sha256WithRSAEncryption
5c:e7:a9:51:04:e5:f3:3c:1a:89:49:2a:20:1d:2b:78:27:29:
17:ac:bc:52:40:74:fc:a2:8e:3a:d7:6b:8f:e4:b7:a2:25:5b:
45:24:4b:57:39:04:9d:05:14:70:84:2f:8e:5d:f6:84:60:70:
31:20:ed:e7:7a:fb:a7:00:50:51:48:33:a9:a7:43:9a:6d:4b:
97:67:19:b6:91:32:84:9f:48:f3:c5:97:bb:70:d0:1d:14:cb:
9d:38:d8:d3:f4:5f:54:b5:32:23:c4:de:e7:0c:dc:ce:86:24:
ed:fb:2f:73:d6:ff:48:7c:e4:0e:33:9a:02:1c:7c:2f:2b:2f:
db:98:25:21:fe:ef:ca:f5:21:aa:f4:ae:2d:b5:3d:ea:67:98:
a5:60:35:87:d0:27:32:97:ac:a3:08:84:e8:b9:35:44:af:20:
4b:9a:8c:2c:34:3c:88:64:61:6c:9d:c5:04:81:ae:6f:d9:54:
5a:a9:65:33:15:af:08:bc:2c:45:6c:75:9a:4e:0e:d3:89:12:
65:16:81:cb:b2:a8:89:5a:ab:35:61:bf:f8:5f:bb:89:c5:0c:
95:0b:b5:8c:58:ad:4c:35:ad:fd:f6:5b:9d:a9:2e:7d:d7:61:
3a:8c:29:70:ec:34:19:3d:16:13:7e:f5:11:99:63:7e:23:3d:
bd:d7:37:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSmGArArl3KG5ES6I3hHiayvdswEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMTRaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZWU0YWQ0MzcxMjM3MjgyNjNhZWQzY2NhZjMwMjI5ZDc4ZTE3ODk0YmFl
ZGY0ZTI1ZDY1ZWIxYzE0MmJkNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFkc/ie5Y2n75q4NEm0KrQssYO/pcfm5NCe5QYVW31H309jY90mx9SoA9YL
EczjfFPzMj8W4QzlOsYDd/QLgnQjHChkl1Sv0JMtVtxVPUTZbE5DfXncJxeLQTty
MGSXQpEs+KE+FAgqUGowyk4MpC/8K0RrDlUVlU0vDsNPokMxykTX3j8VCuLgodBZ
J9oIHkeXmIxFFySz8tbwgCmngld2ZB712graw70QG/VNq5sR/95Mc44JDoiQ6Mt7
NU97YfuvVekK/OR2BR1SZCwcra9bSNCBKJyqjjXUjjGoiDQx6IsQ7ySPsLQYEEAt
fRqkivVCslMj3A3lai4X0HVTGV8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDhz43
vN9R+/YoXMW6AJ+9EM5/DTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNjQwNzYtOWFkYi00MzAxLTgxN2MtMmJlMWMxZTFkNTdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEI
MA0GCSqGSIb3DQEBCwUAA4IBAQBc56lRBOXzPBqJSSogHSt4JykXrLxSQHT8oo46
12uP5LeiJVtFJEtXOQSdBRRwhC+OXfaEYHAxIO3nevunAFBRSDOpp0OabUuXZxm2
kTKEn0jzxZe7cNAdFMudONjT9F9UtTIjxN7nDNzOhiTt+y9z1v9IfOQOM5oCHHwv
Ky/bmCUh/u/K9SGq9K4ttT3qZ5ilYDWH0Ccyl6yjCITouTVEryBLmowsNDyIZGFs
ncUEga5v2VRaqWUzFa8IvCxFbHWaTg7TiRJlFoHLsqiJWqs1Yb/4X7uJxQyVC7WM
WK1MNa399ludqS5912E6jClw7DQZPRYTfvURmWN+Iz291zej
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:27 2025 by rpki-client