Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa
File: 32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa (raw, json)
Hash identifier: aZe/9/SkvjSH0oAL0JS3g4YtkWHA5TK4WupL3QwrZec=
Subject key identifier: 62:B7:22:76:3D:CF:6B:59:BE:89:C6:DD:28:75:E3:82:03:1D:99:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30687DFEC2C0AB680BEA147E0D35DE5393144E85
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa
Signing time: Tue 20 May 2025 19:52:04 +0000
ROA not before: Tue 20 May 2025 19:52:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:68:7d:fe:c2:c0:ab:68:0b:ea:14:7e:0d:35:de:53:93:14:4e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:52:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c9cf3e1049a2162fd9eb6f239438a096f33e710f6f948d68015bdd230925f600, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d7:56:87:51:5e:e3:43:ee:cd:2a:29:f7:f4:
3e:26:c8:2a:2b:1f:f9:3b:51:0b:bf:63:31:2b:05:
ef:80:8a:b9:d2:fe:83:80:6f:cd:02:67:7c:23:a9:
5d:7f:1f:2b:37:94:35:61:0b:ad:73:8e:24:a5:8a:
10:a5:a1:0b:34:13:b8:1d:01:f5:53:27:e0:0f:0a:
79:a7:48:5b:11:7b:57:98:85:d6:e5:4b:95:a4:9b:
e3:0c:12:ce:c3:3c:96:09:e6:7b:87:c3:71:f0:e0:
da:3b:6b:99:c6:a3:22:9d:ae:4b:af:df:48:7b:17:
95:32:ec:9c:b0:1a:e5:bf:9d:34:0a:48:b7:6c:cf:
c6:36:77:b4:08:d1:b9:91:3a:7a:d5:ac:76:d4:5d:
16:63:eb:39:4f:4e:38:90:be:0f:8f:8a:be:7a:36:
e1:c9:9f:6e:98:79:bd:66:96:ec:81:15:30:ef:98:
f7:5f:9b:c2:8b:b9:0d:91:1e:df:f6:57:f5:eb:25:
a2:45:f5:c0:d2:db:78:88:43:7c:0a:ea:a1:19:e9:
d7:69:8b:cd:5f:af:d1:de:90:a6:b6:47:5a:54:d6:
63:0f:97:67:4e:c8:6d:db:82:a6:08:af:7f:da:65:
07:4d:41:d3:0c:4d:af:36:8d:47:79:5e:bb:96:e6:
6d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B7:22:76:3D:CF:6B:59:BE:89:C6:DD:28:75:E3:82:03:1D:99:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e080::/46
Signature Algorithm: sha256WithRSAEncryption
a3:be:6d:93:0d:3e:67:88:81:69:96:cc:97:7c:d0:3e:45:f5:
65:42:1b:5a:5a:ed:32:44:da:90:ed:80:05:54:ef:38:f3:5e:
91:10:d6:fb:b2:14:9b:33:0b:0b:bc:ef:47:e8:d4:6b:e6:34:
b1:f1:f9:fa:8e:7d:31:cf:53:67:d7:38:34:14:ef:85:0e:1e:
68:d3:ad:d3:99:11:84:98:c9:2c:8b:74:9e:4f:ff:47:37:2b:
2a:3a:41:90:db:54:fc:9f:31:4a:92:27:35:14:b6:81:a9:94:
8f:80:5d:66:59:78:b0:07:b1:19:7e:77:69:d8:62:63:55:c6:
31:e0:56:dc:b7:6e:35:95:4f:37:67:91:5e:12:c3:dc:d0:cc:
45:bf:38:da:cc:49:bc:0a:20:73:4c:83:c4:42:f1:d1:0d:fd:
2b:59:c0:fb:15:2e:cc:00:c2:08:19:69:ee:39:3d:b5:dd:18:
fc:85:af:65:a8:5b:5e:35:a8:81:8c:3e:f0:44:94:af:cf:ce:
23:ed:1e:e6:76:73:f9:6d:1c:6d:57:b7:44:4a:21:06:72:55:
f6:3e:44:ab:6a:bc:44:f2:4b:a6:bf:a0:77:d9:c7:ad:96:ee:
07:07:28:99:24:47:46:ab:88:fc:49:c1:fd:ca:48:ff:a6:7c:
ec:fb:59:d2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMGh9/sLAq2gL6hR+DTXeU5MUToUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUyMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5Y2YzZTEwNDlhMjE2MmZkOWViNmYyMzk0MzhhMDk2ZjMzZTcxMGY2Zjk0
OGQ2ODAxNWJkZDIzMDkyNWY2MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjXVodRXuND7s0qKff0PibIKisf+TtRC79jMSsF74CKudL+g4BvzQJnfCOp
XX8fKzeUNWELrXOOJKWKEKWhCzQTuB0B9VMn4A8KeadIWxF7V5iF1uVLlaSb4wwS
zsM8lgnme4fDcfDg2jtrmcajIp2uS6/fSHsXlTLsnLAa5b+dNApIt2zPxjZ3tAjR
uZE6etWsdtRdFmPrOU9OOJC+D4+Kvno24cmfbph5vWaW7IEVMO+Y91+bwou5DZEe
3/ZX9eslokX1wNLbeIhDfArqoRnp12mLzV+v0d6QprZHWlTWYw+XZ07IbduCpgiv
f9plB01B0wxNrzaNR3leu5bmbcsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRityJ2
Pc9rWb6Jxt0odeOCAx2ZzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzJiNzQxNzktZGI3MC00YjVlLWE5YWEtZTZhZTg1MzkyYTJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXg
gDANBgkqhkiG9w0BAQsFAAOCAQEAo75tkw0+Z4iBaZbMl3zQPkX1ZUIbWlrtMkTa
kO2ABVTvOPNekRDW+7IUmzMLC7zvR+jUa+Y0sfH5+o59Mc9TZ9c4NBTvhQ4eaNOt
05kRhJjJLIt0nk//RzcrKjpBkNtU/J8xSpInNRS2gamUj4BdZll4sAexGX53adhi
Y1XGMeBW3LduNZVPN2eRXhLD3NDMRb842sxJvAogc0yDxELx0Q39K1nA+xUuzADC
CBlp7jk9td0Y/IWvZahbXjWogYw+8ESUr8/OI+0e5nZz+W0cbVe3REohBnJV9j5E
q2q8RPJLpr+gd9nHrZbuBwcomSRHRquI/EnB/cpI/6Z87PtZ0g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:32 2025 by rpki-client