Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json)
Hash identifier: gyA/UlFm5V/Zvbkk5PVT3G5VNxX7I0537HwIggHmNiQ=
Subject key identifier: 38:3D:AB:EF:21:14:14:9E:FD:EB:0D:E0:0A:BB:17:E0:C8:B2:5C:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 357A3FA7A2F37A4F8E53DC91970ADA8E4A11B0B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
Signing time: Tue 20 May 2025 20:31:27 +0000
ROA not before: Tue 20 May 2025 20:31:27 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:7a:3f:a7:a2:f3:7a:4f:8e:53:dc:91:97:0a:da:8e:4a:11:b0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:31:27 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1a2e95b6549229508970bd815367eff3bff8ca1d0df8ca6cbaa104fc1022bc06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:fb:4b:5f:46:a4:da:00:c6:23:9d:b9:ac:f3:
46:dc:3e:70:99:2c:7b:2b:41:c7:e4:72:83:57:5e:
06:e1:c5:d7:b0:ef:31:72:dc:d9:a1:08:7c:42:af:
4d:33:b6:59:3c:54:25:67:d4:31:26:6c:bc:c1:78:
d2:6f:c2:92:c1:3d:0f:40:11:e4:76:fc:05:57:72:
16:d2:01:53:bb:4b:b2:c5:a6:3a:8d:de:a1:ed:36:
c9:08:2b:dd:4e:4b:de:46:92:4a:95:07:03:cd:62:
61:c5:eb:57:e8:2e:63:85:d9:ac:c9:69:e3:92:6e:
89:14:76:3a:2e:7f:09:40:e0:74:b5:f0:83:e1:43:
ca:cb:7c:66:0e:66:71:a7:96:4d:d0:0d:3c:06:06:
0e:12:bd:4e:c4:68:03:d6:a2:aa:7b:cb:e8:ad:7b:
73:c7:3e:1b:36:22:16:5c:a7:97:4b:1f:12:1e:8d:
c2:f2:7d:07:bf:7e:dc:41:f6:06:fe:bc:a4:74:5f:
01:0b:f1:66:51:be:7d:1a:c5:e4:0c:40:58:f5:b7:
da:e0:b6:83:49:ab:cf:96:48:cc:f0:4d:68:52:cc:
ba:e2:b5:c8:5e:4b:73:a9:a3:01:1e:08:1a:ae:ca:
d8:c2:ad:bf:45:24:4e:0b:d1:99:73:21:59:33:22:
de:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:3D:AB:EF:21:14:14:9E:FD:EB:0D:E0:0A:BB:17:E0:C8:B2:5C:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/38
Signature Algorithm: sha256WithRSAEncryption
89:6a:5e:bd:5d:00:9c:77:26:37:20:7c:34:4e:11:cf:fc:fd:
56:92:9c:a1:38:ca:f9:50:56:3f:f7:af:ed:d7:96:54:dc:aa:
ff:c1:3c:0c:35:78:d7:25:01:bb:09:00:2d:19:6c:3b:65:58:
d9:aa:81:85:20:60:d6:20:f4:41:d5:0a:a3:31:0c:e0:f2:69:
f0:c0:a4:f6:fd:c3:38:a5:6f:73:c0:62:20:d4:dd:d6:6d:30:
7f:7f:76:3a:15:54:8f:5a:e9:ae:c8:de:66:fc:21:0d:dd:fb:
6c:5f:47:ee:2f:3d:18:49:49:91:cf:cd:3e:76:06:d2:62:4a:
95:50:10:b0:e4:18:26:60:be:1f:33:e6:79:11:47:49:0b:bf:
2f:60:52:be:11:8b:58:39:5f:15:04:a6:67:6b:b4:1a:b6:1d:
f9:20:ce:37:91:4c:8a:ee:35:99:7c:08:c9:de:6f:9f:b4:4a:
92:f9:bb:6f:40:84:c2:a3:89:fc:d2:53:87:a6:3b:d6:f7:62:
56:30:b0:03:84:67:a2:56:af:64:2c:80:be:37:e4:02:43:dc:
9d:10:62:cf:41:1c:78:39:0a:cd:d9:79:f2:74:f0:16:a9:b7:
c8:54:51:e4:24:fd:99:12:ca:b4:43:25:95:2a:80:37:a8:2c:
73:b2:64:4b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNXo/p6Lzek+OU9yRlwrajkoRsLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMxMjdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhMmU5NWI2NTQ5MjI5NTA4OTcwYmQ4MTUzNjdlZmYzYmZmOGNhMWQwZGY4
Y2E2Y2JhYTEwNGZjMTAyMmJjMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPX7S19GpNoAxiOduazzRtw+cJkseytBx+Ryg1deBuHF17DvMXLc2aEIfEKv
TTO2WTxUJWfUMSZsvMF40m/CksE9D0AR5Hb8BVdyFtIBU7tLssWmOo3eoe02yQgr
3U5L3kaSSpUHA81iYcXrV+guY4XZrMlp45JuiRR2Oi5/CUDgdLXwg+FDyst8Zg5m
caeWTdANPAYGDhK9TsRoA9aiqnvL6K17c8c+GzYiFlynl0sfEh6NwvJ9B79+3EH2
Bv68pHRfAQvxZlG+fRrF5AxAWPW32uC2g0mrz5ZIzPBNaFLMuuK1yF5Lc6mjAR4I
Gq7K2MKtv0UkTgvRmXMhWTMi3jUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4Pavv
IRQUnv3rDeAKuxfgyLJc1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCJal69XQCcdyY3IHw0ThHP/P1WkpyhOMr5UFY/
96/t15ZU3Kr/wTwMNXjXJQG7CQAtGWw7ZVjZqoGFIGDWIPRB1QqjMQzg8mnwwKT2
/cM4pW9zwGIg1N3WbTB/f3Y6FVSPWumuyN5m/CEN3ftsX0fuLz0YSUmRz80+dgbS
YkqVUBCw5BgmYL4fM+Z5EUdJC78vYFK+EYtYOV8VBKZna7Qath35IM43kUyK7jWZ
fAjJ3m+ftEqS+btvQITCo4n80lOHpjvW92JWMLADhGeiVq9kLIC+N+QCQ9ydEGLP
QRx4OQrN2XnydPAWqbfIVFHkJP2ZEsq0QyWVKoA3qCxzsmRL
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:13 2025 by rpki-client