Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
File: 0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa (raw, json)
Hash identifier: gf1a/8k2HaXGt8JGIRNSC3WMuSSqM7wuovyoOGVXPYI=
Subject key identifier: 96:E3:0E:55:E4:33:7C:B4:0B:03:06:26:F4:5E:E8:5B:35:9D:E2:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11515A463AD7573A07ACB23E97A501A6556A1689
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
Signing time: Tue 10 Jun 2025 17:21:07 +0000
ROA not before: Tue 10 Jun 2025 17:21:07 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:51:5a:46:3a:d7:57:3a:07:ac:b2:3e:97:a5:01:a6:55:6a:16:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:07 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=7f659ebae2fd1e35bb002d7ed3fa5467142f7028d607bac311d3761bf5a9635e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:85:2f:11:e4:8d:d0:41:7e:3d:aa:a7:8f:2d:
e0:39:bf:ba:87:3a:9d:d0:30:4a:d8:4b:9b:5d:f6:
60:20:9e:75:df:27:08:dc:b0:d9:21:79:a2:04:34:
e1:b0:78:a3:32:a5:f6:36:23:4d:1d:54:d4:56:c7:
02:34:52:8e:19:3d:1d:d0:85:1f:16:2b:9e:6f:fc:
53:f7:4b:fa:9c:88:e9:fd:1a:9c:20:31:86:a3:2d:
56:17:ea:e7:76:99:19:38:54:a0:2a:9d:f3:26:4f:
87:07:a7:0a:8e:20:ee:c1:56:cc:91:d3:2c:c6:25:
6b:5f:58:9d:08:75:f9:b6:72:d9:74:03:45:81:b3:
9a:ba:80:d4:2a:43:2f:fe:af:fc:a2:30:18:e4:cd:
d9:f0:5e:a1:70:13:c4:aa:ae:18:08:db:97:f4:cd:
0d:30:d8:ee:d5:5a:5b:90:24:ba:2f:1e:3a:62:91:
8d:c8:58:58:cb:82:70:8d:40:37:45:7d:a2:95:23:
3f:a6:5a:a7:c0:88:0a:e3:03:a1:7c:8a:11:19:12:
cc:b0:18:2f:34:b1:0f:8b:89:e7:b2:51:8e:5b:55:
29:88:ca:ee:5f:2e:e3:a2:c6:f8:a4:0b:5d:bb:5e:
c0:dc:d4:f8:40:86:1c:51:57:69:e9:4b:9e:6f:7f:
10:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E3:0E:55:E4:33:7C:B4:0B:03:06:26:F4:5E:E8:5B:35:9D:E2:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:800::/40
Signature Algorithm: sha256WithRSAEncryption
b6:ff:52:62:72:e8:5f:4c:f8:e6:48:96:ac:4c:2c:81:7a:a8:
b7:63:c6:fb:b0:bb:44:49:4c:bd:f1:b5:7a:bc:2e:f2:02:c4:
a5:dc:0b:a2:07:4d:ee:73:1c:55:66:e3:04:fb:7f:04:ec:01:
1c:71:d5:21:f3:d9:7a:a4:4a:68:8d:df:f3:7e:e0:00:7a:fe:
33:04:77:72:96:5a:8e:03:ad:f6:e7:8f:05:05:3a:b4:98:66:
5b:cf:ac:45:53:86:63:c2:48:d1:f2:09:99:28:dc:bb:be:82:
f7:7f:4d:6c:df:06:22:a3:3d:a4:38:5d:c3:5b:fb:b6:d4:68:
8c:7f:9c:ef:c7:42:b9:8b:b1:f7:04:48:c8:c7:f3:ff:d3:e4:
99:9c:b2:d4:14:01:f0:7d:af:52:be:5e:22:f4:18:9f:c1:84:
49:78:7c:6f:eb:3d:98:f3:27:86:cd:85:cf:29:ea:79:36:cc:
7e:bc:e7:a2:24:2f:65:92:ae:d8:98:ea:4b:93:8e:2b:91:72:
7b:d5:5d:b3:cb:88:fc:53:36:42:9c:fc:86:39:b4:ac:fd:47:
9a:7f:c5:ab:d4:f5:15:4e:a8:26:35:47:8c:72:de:09:0d:c1:
e9:02:95:32:86:f5:f3:56:d6:0e:33:61:ff:05:c7:91:04:2a:
f0:c2:59:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEVFaRjrXVzoHrLI+l6UBplVqFokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMDdaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNjU5ZWJhZTJmZDFlMzViYjAwMmQ3ZWQzZmE1NDY3MTQyZjcwMjhkNjA3
YmFjMzExZDM3NjFiZjVhOTYzNWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmFLxHkjdBBfj2qp48t4Dm/uoc6ndAwSthLm132YCCedd8nCNyw2SF5ogQ0
4bB4ozKl9jYjTR1U1FbHAjRSjhk9HdCFHxYrnm/8U/dL+pyI6f0anCAxhqMtVhfq
53aZGThUoCqd8yZPhwenCo4g7sFWzJHTLMYla19YnQh1+bZy2XQDRYGzmrqA1CpD
L/6v/KIwGOTN2fBeoXATxKquGAjbl/TNDTDY7tVaW5Akui8eOmKRjchYWMuCcI1A
N0V9opUjP6Zap8CICuMDoXyKERkSzLAYLzSxD4uJ57JRjltVKYjK7l8u46LG+KQL
XbtewNzU+ECGHFFXaelLnm9/EJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSW4w5V
5DN8tAsDBib0XuhbNZ3i9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGQ3Y2NlNDctMDY0ZS00YmEyLWFlYzUtMmFjYzJjYTA0YTU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4I
MA0GCSqGSIb3DQEBCwUAA4IBAQC2/1JicuhfTPjmSJasTCyBeqi3Y8b7sLtESUy9
8bV6vC7yAsSl3AuiB03ucxxVZuME+38E7AEccdUh89l6pEpojd/zfuAAev4zBHdy
llqOA632548FBTq0mGZbz6xFU4ZjwkjR8gmZKNy7voL3f01s3wYioz2kOF3DW/u2
1GiMf5zvx0K5i7H3BEjIx/P/0+SZnLLUFAHwfa9Svl4i9BifwYRJeHxv6z2Y8yeG
zYXPKep5Nsx+vOeiJC9lkq7YmOpLk44rkXJ71V2zy4j8UzZCnPyGObSs/Ueaf8Wr
1PUVTqgmNUeMct4JDcHpApUyhvXzVtYOM2H/BceRBCrwwllP
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:48 2025 by rpki-client