Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json)
Hash identifier: TekNXzfRagfEwCpulhpA9G7DwG4AycqVqBdGm6zsMrw=
Subject key identifier: 2B:E9:DA:C6:46:E0:82:9F:E2:53:92:70:0C:8C:DF:CB:25:4D:08:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 272059E1288027C874931A83F4F19A12883EAA39
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
Signing time: Sat 24 May 2025 00:30:13 +0000
ROA not before: Sat 24 May 2025 00:30:13 +0000
ROA not after: Sat 28 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:20:59:e1:28:80:27:c8:74:93:1a:83:f4:f1:9a:12:88:3e:aa:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:30:13 2025 GMT
Not After : Jun 28 23:59:59 2025 GMT
Subject: serialNumber=1716a3b9f672eed8400aa36d62deae3e6d99104b5f28b78d0ef6e58fa5109c5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b6:9b:ba:b2:7c:bb:0c:1b:97:94:b3:a1:76:
45:46:5d:37:9c:b1:29:ac:c0:66:9a:91:b1:d5:9a:
2f:27:02:73:66:58:83:81:cc:92:88:25:cb:ba:cf:
1a:01:05:84:10:d8:77:fa:06:16:7c:0f:d8:82:9b:
48:dd:98:7c:71:99:da:59:fd:6c:d6:a5:2f:1e:ac:
68:86:8a:cd:d3:08:dd:e3:2b:5e:9e:01:c0:6b:08:
e1:1d:e1:c1:20:e7:fd:2c:95:10:94:09:54:fe:00:
ad:40:e2:d0:ed:ef:1a:93:15:ab:92:31:f6:b0:80:
f3:05:ba:1c:fe:39:13:d4:e8:60:bd:65:14:cd:9b:
3e:d7:61:be:61:b0:4b:6e:e6:b5:e0:6d:2c:81:90:
ec:8a:82:8f:66:96:84:ea:b9:85:c3:23:26:2e:41:
5d:ca:c3:f6:28:54:33:87:9a:80:a8:74:79:a7:2e:
bb:e0:bf:3f:47:1d:72:ba:05:59:94:40:e7:4f:ed:
4b:44:09:1b:6a:b4:67:d0:68:06:17:c1:d2:89:03:
30:a1:2c:d9:7c:4c:5f:10:a6:36:11:8c:98:4f:f2:
fc:a8:b4:c4:a3:ac:d9:73:ee:f8:97:59:f7:0e:df:
fd:3e:52:58:3a:91:f2:69:f0:cf:5b:b8:65:38:c2:
6a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E9:DA:C6:46:E0:82:9F:E2:53:92:70:0C:8C:DF:CB:25:4D:08:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1400::/38
Signature Algorithm: sha256WithRSAEncryption
51:59:4b:59:a4:e1:3d:3a:96:90:7a:f3:f0:22:11:e0:a8:73:
fc:35:c7:d2:ad:fd:b0:af:35:7a:1d:5a:3f:52:83:f5:d3:49:
2d:a1:c3:09:65:9d:0f:33:2c:77:bb:b4:56:85:f6:80:fd:d4:
6f:b5:44:a9:d5:60:6c:50:ae:c8:06:0e:7f:16:7a:8f:1b:6b:
ca:7a:17:26:ec:c5:08:5d:36:53:b4:d8:7e:fd:8e:2a:fb:04:
46:48:c7:d0:86:6e:25:5f:4c:2b:c8:a4:f4:a0:0c:99:a1:09:
d4:61:73:df:ad:ca:73:f1:fa:0d:34:57:86:46:e4:5e:32:63:
01:f4:c0:44:d2:5c:7a:1a:40:2e:1b:8b:a7:86:31:fc:20:e2:
d0:5f:2c:27:9d:f4:fe:43:1e:a5:be:4b:5c:77:89:4e:5a:d4:
ca:e2:c3:73:4b:5a:46:b1:13:20:b6:f3:6c:3f:2a:3c:2f:e3:
a5:46:d9:96:3a:86:87:83:a9:0d:8a:08:f8:91:b4:ff:83:d7:
ec:fb:5d:d1:94:5f:59:4b:52:28:2e:47:90:00:95:e1:85:17:
52:07:6c:bc:71:c5:bc:bf:40:8e:00:3c:33:65:34:b9:65:7a:
40:58:9b:ef:08:9b:22:8a:09:0f:35:bd:71:1b:eb:a8:11:83:
d1:1c:8e:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJyBZ4SiAJ8h0kxqD9PGaEog+qjkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjQwMDMwMTNaFw0yNTA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3MTZhM2I5ZjY3MmVlZDg0MDBhYTM2ZDYyZGVhZTNlNmQ5OTEwNGI1ZjI4
Yjc4ZDBlZjZlNThmYTUxMDljNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+2m7qyfLsMG5eUs6F2RUZdN5yxKazAZpqRsdWaLycCc2ZYg4HMkogly7rP
GgEFhBDYd/oGFnwP2IKbSN2YfHGZ2ln9bNalLx6saIaKzdMI3eMrXp4BwGsI4R3h
wSDn/SyVEJQJVP4ArUDi0O3vGpMVq5Ix9rCA8wW6HP45E9ToYL1lFM2bPtdhvmGw
S27mteBtLIGQ7IqCj2aWhOq5hcMjJi5BXcrD9ihUM4eagKh0eacuu+C/P0cdcroF
WZRA50/tS0QJG2q0Z9BoBhfB0okDMKEs2XxMXxCmNhGMmE/y/Ki0xKOs2XPu+JdZ
9w7f/T5SWDqR8mnwz1u4ZTjCag8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQr6drG
RuCCn+JTknAMjN/LJU0InTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU
MA0GCSqGSIb3DQEBCwUAA4IBAQBRWUtZpOE9OpaQevPwIhHgqHP8NcfSrf2wrzV6
HVo/UoP100ktocMJZZ0PMyx3u7RWhfaA/dRvtUSp1WBsUK7IBg5/FnqPG2vKehcm
7MUIXTZTtNh+/Y4q+wRGSMfQhm4lX0wryKT0oAyZoQnUYXPfrcpz8foNNFeGRuRe
MmMB9MBE0lx6GkAuG4unhjH8IOLQXywnnfT+Qx6lvktcd4lOWtTK4sNzS1pGsRMg
tvNsPyo8L+OlRtmWOoaHg6kNigj4kbT/g9fs+13RlF9ZS1IoLkeQAJXhhRdSB2y8
ccW8v0COADwzZTS5ZXpAWJvvCJsiigkPNb1xG+uoEYPRHI41
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:04 2025 by rpki-client