Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a31701b-6e08-4967-83cb-76ea10ffab6d.roa
File: 1a31701b-6e08-4967-83cb-76ea10ffab6d.roa (raw, json)
Hash identifier: StHRkraOaMZ3uLCjsWbFWTWZcMLFz8WxRbao3pETlpE=
Subject key identifier: 51:A3:61:03:77:EC:24:A2:BB:D1:65:A6:AD:1D:72:7A:62:C9:9B:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09699BED1BEE80623CF9A886927E43A73EA071BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a31701b-6e08-4967-83cb-76ea10ffab6d.roa
Signing time: Tue 20 May 2025 19:31:30 +0000
ROA not before: Tue 20 May 2025 19:31:30 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:69:9b:ed:1b:ee:80:62:3c:f9:a8:86:92:7e:43:a7:3e:a0:71:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:31:30 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5f8395ecf4ab8aab876fff961d60a8a48ad02b6892a0c7c5a1847ca362ae1a91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:af:d3:18:c7:ae:a2:33:16:56:30:bf:02:bb:
7d:41:15:0d:4a:54:44:c0:dd:b0:b7:2c:3c:a3:50:
ce:bf:6e:a1:d9:f8:a1:81:16:57:b3:59:bb:b0:a8:
1b:c6:dc:8f:9e:a9:59:6c:1c:31:ea:a7:0a:b9:c8:
53:a8:2f:cf:a0:bf:56:17:fe:80:2c:6f:5d:fa:ce:
a3:5d:24:ea:bb:d5:c0:05:ed:b6:da:da:94:95:78:
83:6a:17:1c:49:22:6c:1c:d2:a0:e6:68:83:de:9d:
5c:8f:2b:9a:a7:aa:aa:39:6e:08:97:9f:61:3c:87:
20:eb:e8:db:fc:ac:7f:0a:7b:d5:2b:0d:fb:9f:8f:
df:64:40:70:fa:db:d1:70:94:5e:3d:ca:44:1c:a5:
d9:4c:03:b2:2b:77:9e:46:f2:85:04:8d:a3:f4:10:
39:c9:9b:d5:8f:7c:fe:1b:72:d4:4c:17:82:c0:94:
45:b1:88:62:cb:1f:21:26:26:ec:dc:72:20:d0:49:
a9:0e:84:00:bc:95:fd:75:3b:dc:f1:39:63:7e:eb:
38:08:83:0c:0c:89:48:1b:ea:29:6a:b2:a8:f5:33:
b7:c0:97:1d:24:a8:8c:3c:00:0c:6d:2a:53:cc:7f:
4a:c9:ac:c9:e2:cc:b2:24:db:52:05:76:73:4c:33:
20:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A3:61:03:77:EC:24:A2:BB:D1:65:A6:AD:1D:72:7A:62:C9:9B:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a31701b-6e08-4967-83cb-76ea10ffab6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a000::/40
Signature Algorithm: sha256WithRSAEncryption
97:b5:04:53:6c:4d:9f:25:1e:16:8e:a5:95:2a:47:be:aa:65:
c8:b5:89:91:c5:6c:02:ff:e2:24:bb:e9:f5:9e:d2:5e:1d:bf:
0a:cb:64:70:66:8f:f6:33:98:fd:67:e9:dd:7d:78:c7:0e:04:
09:bb:7c:b8:48:db:ae:d6:e2:5b:e6:4b:aa:53:eb:73:75:7b:
f5:85:8b:3f:c5:36:44:97:45:51:86:a8:37:d2:01:cb:cb:1c:
40:7b:f2:8e:cd:13:92:dd:40:74:9e:ab:cd:9c:be:3e:c4:24:
2b:91:c4:04:ca:f3:20:8a:d5:bb:2a:aa:28:cd:24:6d:31:17:
30:ca:6a:01:f8:9d:5f:88:3c:c7:0c:17:62:e8:87:e4:34:2d:
53:6e:9c:bf:db:cd:32:1a:79:75:a3:aa:e9:0c:03:13:36:36:
5f:04:7a:b0:c4:48:1c:0c:6d:fe:46:4e:fa:38:74:d5:c2:3f:
be:8c:6e:70:58:ec:24:ca:a0:ec:03:4f:01:b1:16:c3:47:28:
96:d6:5e:07:67:d3:b0:2f:53:6a:d3:ec:9b:80:bd:39:ea:84:
82:dd:8c:b0:bb:2d:42:1f:61:c3:14:1a:56:d9:ab:78:0b:8b:
4b:f2:2d:4f:fc:27:4d:5e:55:5f:68:76:a4:97:b9:e2:30:8b:
36:c7:5e:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCWmb7RvugGI8+aiGkn5Dpz6gcb8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMxMzBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmODM5NWVjZjRhYjhhYWI4NzZmZmY5NjFkNjBhOGE0OGFkMDJiNjg5MmEw
YzdjNWExODQ3Y2EzNjJhZTFhOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKv0xjHrqIzFlYwvwK7fUEVDUpURMDdsLcsPKNQzr9uodn4oYEWV7NZu7Co
G8bcj56pWWwcMeqnCrnIU6gvz6C/Vhf+gCxvXfrOo10k6rvVwAXtttralJV4g2oX
HEkibBzSoOZog96dXI8rmqeqqjluCJefYTyHIOvo2/ysfwp71SsN+5+P32RAcPrb
0XCUXj3KRByl2UwDsit3nkbyhQSNo/QQOcmb1Y98/hty1EwXgsCURbGIYssfISYm
7NxyINBJqQ6EALyV/XU73PE5Y37rOAiDDAyJSBvqKWqyqPUzt8CXHSSojDwADG0q
U8x/SsmsyeLMsiTbUgV2c0wzILMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRo2ED
d+wkorvRZaatHXJ6YsmbIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWEzMTcwMWItNmUwOC00OTY3LTgzY2ItNzZlYTEwZmZhYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWg
MA0GCSqGSIb3DQEBCwUAA4IBAQCXtQRTbE2fJR4WjqWVKke+qmXItYmRxWwC/+Ik
u+n1ntJeHb8Ky2RwZo/2M5j9Z+ndfXjHDgQJu3y4SNuu1uJb5kuqU+tzdXv1hYs/
xTZEl0VRhqg30gHLyxxAe/KOzROS3UB0nqvNnL4+xCQrkcQEyvMgitW7KqoozSRt
MRcwymoB+J1fiDzHDBdi6IfkNC1Tbpy/280yGnl1o6rpDAMTNjZfBHqwxEgcDG3+
Rk76OHTVwj++jG5wWOwkyqDsA08BsRbDRyiW1l4HZ9OwL1Nq0+ybgL056oSC3Yyw
uy1CH2HDFBpW2at4C4tL8i1P/CdNXlVfaHakl7niMIs2x17x
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:59 2025 by rpki-client