Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa
File: 207860c2-8f39-42e7-9631-e06b6a545c7d.roa (raw, json)
Hash identifier: 0d9hkmAlQB98u4hRo0D7rZqUrD/L1nlb+Lq8ezfSqqk=
Subject key identifier: 5A:95:C5:EC:04:53:81:00:46:D9:F8:A6:F8:19:7F:A3:B3:70:16:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 469CBFE5980DF4AE0F5DA64991DA5759F6C0B965
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa
Signing time: Tue 20 May 2025 18:51:07 +0000
ROA not before: Tue 20 May 2025 18:51:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:9c:bf:e5:98:0d:f4:ae:0f:5d:a6:49:91:da:57:59:f6:c0:b9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:51:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ff8ea59018b2dbd2c889d8abc85db83726496889de31978719b2bac5fb7d8a58, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:ba:b9:23:f1:f3:79:92:f0:e0:5c:78:00:
44:2c:cc:ca:6b:00:10:b7:2c:d4:1d:7d:c2:ff:76:
62:87:cd:55:13:62:f0:1f:46:ba:cd:bc:ce:ae:3f:
4f:a7:5c:19:91:0d:41:78:fb:25:44:da:cf:37:03:
94:53:b5:27:41:a0:00:ec:a3:1a:e1:2c:45:11:02:
a8:5b:0a:93:4d:f0:81:05:b1:50:eb:a9:a5:3c:1b:
9d:bc:a5:4f:ff:0d:b0:d7:99:53:08:32:3f:70:1c:
3c:fe:27:76:b7:1c:ab:a0:ea:af:87:75:05:b2:3c:
78:aa:31:20:e5:37:f4:59:fe:06:82:01:56:fa:2f:
8e:5f:a4:d1:38:f6:cc:9d:4f:2a:2a:fb:f2:4b:5a:
bf:3d:ea:e7:b4:a6:08:db:50:5d:42:75:c4:c0:87:
78:a7:dc:54:97:1c:61:af:e0:cc:31:d5:c1:85:3e:
84:31:e8:4d:fe:06:40:2e:aa:72:8e:fb:dd:c7:6d:
05:66:ae:04:f0:70:12:ea:77:0e:2f:23:82:e0:36:
06:72:4f:ca:f5:c8:9e:8c:98:9a:1c:2d:5e:33:be:
78:d0:0e:47:39:f0:2e:74:06:a8:87:d4:44:74:3b:
f9:ea:8e:77:dd:ae:33:a5:6f:b1:e5:f4:65:0e:17:
0a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:95:C5:EC:04:53:81:00:46:D9:F8:A6:F8:19:7F:A3:B3:70:16:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
c5:04:3e:7a:69:40:be:38:62:3a:99:92:4d:a0:94:66:07:4d:
3a:5a:89:48:0e:23:83:57:fc:1d:ce:45:83:88:eb:bf:ea:91:
01:95:d3:10:e3:b8:7d:17:31:8a:4c:c2:65:9d:a6:0e:e3:0d:
3e:fe:73:3d:cf:4a:16:8d:3a:2f:bb:34:16:0c:3e:e1:a7:9c:
aa:6d:19:cc:06:9e:28:36:e0:5d:ea:ef:fe:70:f0:90:86:e6:
c9:a8:8d:19:78:b1:ff:d6:36:b9:24:db:26:fa:f0:3d:46:af:
e7:17:b7:ea:7d:d5:c3:0b:b1:9f:b9:31:d5:05:16:a4:05:f8:
c4:e3:91:d5:33:c0:cb:cc:07:af:cf:5d:e7:9c:a6:f8:a5:45:
c3:07:ad:c9:b1:6e:4c:ea:41:4d:1e:ba:3b:90:45:63:2f:f4:
81:05:e3:85:b7:27:25:0e:d6:12:08:a1:6a:c0:8d:d3:44:03:
8c:47:38:c4:c7:f1:ee:14:98:01:89:91:57:30:18:a0:ca:ff:
6a:5c:7c:5e:5d:d0:c9:1c:8a:2d:7e:ca:5c:2d:e5:ce:2f:37:
d9:35:5e:af:9d:d0:3f:7f:89:d6:b2:49:b4:95:52:21:2f:71:
80:04:7c:b0:29:8c:04:6d:c5:6d:23:8e:4a:ff:ef:30:bd:7e:
7e:21:47:c3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURpy/5ZgN9K4PXaZJkdpXWfbAuWUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUxMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmOGVhNTkwMThiMmRiZDJjODg5ZDhhYmM4NWRiODM3MjY0OTY4ODlkZTMx
OTc4NzE5YjJiYWM1ZmI3ZDhhNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALw4urkj8fN5kvDgXHgARCzMymsAELcs1B19wv92YofNVRNi8B9Gus28zq4/
T6dcGZENQXj7JUTazzcDlFO1J0GgAOyjGuEsRRECqFsKk03wgQWxUOuppTwbnbyl
T/8NsNeZUwgyP3AcPP4ndrccq6Dqr4d1BbI8eKoxIOU39Fn+BoIBVvovjl+k0Tj2
zJ1PKir78ktavz3q57SmCNtQXUJ1xMCHeKfcVJccYa/gzDHVwYU+hDHoTf4GQC6q
co773cdtBWauBPBwEup3Di8jguA2BnJPyvXInoyYmhwtXjO+eNAORznwLnQGqIfU
RHQ7+eqOd92uM6VvseX0ZQ4XCnkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRalcXs
BFOBAEbZ+Kb4GX+js3AWwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjA3ODYwYzItOGYzOS00MmU3LTk2MzEtZTA2YjZhNTQ1YzdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
wDANBgkqhkiG9w0BAQsFAAOCAQEAxQQ+emlAvjhiOpmSTaCUZgdNOlqJSA4jg1f8
Hc5Fg4jrv+qRAZXTEOO4fRcxikzCZZ2mDuMNPv5zPc9KFo06L7s0Fgw+4aecqm0Z
zAaeKDbgXerv/nDwkIbmyaiNGXix/9Y2uSTbJvrwPUav5xe36n3Vwwuxn7kx1QUW
pAX4xOOR1TPAy8wHr89d55ym+KVFwwetybFuTOpBTR66O5BFYy/0gQXjhbcnJQ7W
EgihasCN00QDjEc4xMfx7hSYAYmRVzAYoMr/alx8Xl3QyRyKLX7KXC3lzi832TVe
r53QP3+J1rJJtJVSIS9xgAR8sCmMBG3FbSOOSv/vML1+fiFHww==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:55 2025 by rpki-client