Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
File: 3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa (raw, json)
Hash identifier: vB4o6zsGv6jxiYnNwzhoJ7GBvZ5D9zudbSBvo2GEwQ4=
Subject key identifier: 1F:0F:D4:C3:AE:12:FF:0D:2A:1D:DB:B4:47:06:23:50:AD:84:2B:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 637518924F9313303405290E3A3BEF804DBFB4D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
Signing time: Tue 20 May 2025 19:51:14 +0000
ROA not before: Tue 20 May 2025 19:51:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:75:18:92:4f:93:13:30:34:05:29:0e:3a:3b:ef:80:4d:bf:b4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=318a647b1237b574517fca129954f127f22d3a452f1bf97cf5d4c6ed00839de8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:10:3a:8a:5a:90:d0:6e:32:c5:f4:e1:0d:54:
e9:3d:11:51:6f:db:7b:8d:23:34:3b:86:fd:c3:b0:
58:7a:9c:b2:78:25:a1:2a:f5:b9:42:2c:7a:9d:b2:
8e:a5:b4:58:a6:b1:13:ef:aa:80:88:95:63:48:be:
7c:9e:fb:a3:d8:c6:b7:ef:ac:32:cf:3c:98:38:fc:
a5:3c:f7:10:f9:f5:0b:49:b5:4e:38:02:d9:46:7e:
a1:a7:fe:f8:b2:15:ec:8d:4b:79:8f:32:a3:e8:9d:
57:1f:93:7c:42:9f:3a:5e:9a:83:4c:80:62:d9:b3:
11:cc:09:8f:64:c3:8c:00:a9:16:41:38:1b:c5:22:
3d:f2:20:b2:03:31:a7:6e:ce:a4:fa:f0:24:d5:fa:
c1:80:e6:ae:d5:18:fa:9c:36:2b:33:ba:6e:40:de:
6f:d6:e5:77:a6:6f:6c:e0:f1:33:02:29:d7:dc:d0:
f1:44:de:1a:1a:db:47:84:94:6b:ba:8b:aa:39:a8:
b9:2b:8e:d5:33:28:c9:9e:85:50:e2:e9:ee:69:21:
07:78:23:08:d3:de:c6:bc:1b:7a:83:94:03:52:30:
21:32:cd:3d:a1:53:f6:86:21:8f:29:07:f0:c2:37:
91:d6:ca:7a:20:3d:0d:fc:31:bf:77:9d:0d:f8:91:
1d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:0F:D4:C3:AE:12:FF:0D:2A:1D:DB:B4:47:06:23:50:AD:84:2B:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1080::/46
Signature Algorithm: sha256WithRSAEncryption
94:ef:5a:c8:f8:20:88:75:ec:6b:08:2a:3a:89:9a:6f:a9:b2:
52:89:87:2e:35:8d:6b:8c:6d:72:74:ed:3e:79:13:4a:21:4f:
2b:c9:07:dc:b4:52:c7:fc:cc:3c:ad:42:61:fd:7c:ae:08:a6:
0d:27:ab:db:5f:41:4f:90:fb:dc:bd:06:ac:22:2f:81:55:50:
2a:38:c5:0d:27:5f:6f:43:29:91:ec:21:c2:23:87:66:83:5f:
4b:fd:3a:a4:60:6f:06:17:f9:69:7d:02:30:b0:40:2d:1d:45:
19:01:9c:48:08:25:98:43:35:77:e8:e6:c2:76:42:f5:ee:64:
2b:5b:8b:ca:50:e3:cb:7f:97:1c:bb:4d:84:bc:b3:ee:d0:19:
d5:28:1a:ca:3d:8f:09:d5:f2:3d:31:c7:b3:7a:4b:5f:4b:c1:
9c:47:39:88:22:6a:31:06:af:6a:b2:6e:05:0c:6c:6b:4d:fa:
b4:77:63:a2:91:67:c8:bd:ec:c6:ff:5d:04:1b:eb:53:3b:ad:
e7:62:0f:ad:ef:a0:42:d6:d3:1e:fc:52:72:bd:22:3f:d0:48:
9a:49:3b:a1:a9:46:c2:a0:0d:f7:e0:2f:ea:2b:93:55:8c:d7:
17:fa:70:6b:90:42:74:28:10:21:f3:89:c8:62:a6:fc:e9:9a:
a8:f1:2a:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUY3UYkk+TEzA0BSkOOjvvgE2/tNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxOGE2NDdiMTIzN2I1NzQ1MTdmY2ExMjk5NTRmMTI3ZjIyZDNhNDUyZjFi
Zjk3Y2Y1ZDRjNmVkMDA4MzlkZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIQOopakNBuMsX04Q1U6T0RUW/be40jNDuG/cOwWHqcsngloSr1uUIsep2y
jqW0WKaxE++qgIiVY0i+fJ77o9jGt++sMs88mDj8pTz3EPn1C0m1TjgC2UZ+oaf+
+LIV7I1LeY8yo+idVx+TfEKfOl6ag0yAYtmzEcwJj2TDjACpFkE4G8UiPfIgsgMx
p27OpPrwJNX6wYDmrtUY+pw2KzO6bkDeb9bld6ZvbODxMwIp19zQ8UTeGhrbR4SU
a7qLqjmouSuO1TMoyZ6FUOLp7mkhB3gjCNPexrwbeoOUA1IwITLNPaFT9oYhjykH
8MI3kdbKeiA9Dfwxv3edDfiRHTMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfD9TD
rhL/DSod27RHBiNQrYQrqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NhOGIwN2YtOWIwYy00MTQ2LWJmNjQtMjZiMjUwNzhiYTMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAlO9ayPggiHXsawgqOomab6myUomHLjWNa4xt
cnTtPnkTSiFPK8kH3LRSx/zMPK1CYf18rgimDSer219BT5D73L0GrCIvgVVQKjjF
DSdfb0MpkewhwiOHZoNfS/06pGBvBhf5aX0CMLBALR1FGQGcSAglmEM1d+jmwnZC
9e5kK1uLylDjy3+XHLtNhLyz7tAZ1Sgayj2PCdXyPTHHs3pLX0vBnEc5iCJqMQav
arJuBQxsa036tHdjopFnyL3sxv9dBBvrUzut52IPre+gQtbTHvxScr0iP9BImkk7
oalGwqAN9+Av6iuTVYzXF/pwa5BCdCgQIfOJyGKm/OmaqPEqSg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:59 2025 by rpki-client