Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
File: 3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa (raw, json)
Hash identifier: VhKHf7dG0Nrmp/I7jOdVwUDGcj24gdJ+BYfy0vQfLA8=
Subject key identifier: 2E:64:CC:1A:1E:D9:CB:2A:34:22:F2:09:2C:17:89:F7:5E:92:7C:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67FFDD238D88775B27BB4A1C26F45DB76F645749
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
Signing time: Tue 20 May 2025 19:40:23 +0000
ROA not before: Tue 20 May 2025 19:40:23 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:b080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:ff:dd:23:8d:88:77:5b:27:bb:4a:1c:26:f4:5d:b7:6f:64:57:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:23 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a4b60f046c7d6010fe32bdcc70a8e86afa08f5c1f52dc8651d42ed3a4c7e7edc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8b:ba:34:c7:59:51:d5:e6:75:22:8d:8b:38:
76:d0:ed:66:a8:ef:ac:af:7a:bf:8d:e4:31:6e:2c:
b9:32:28:65:3a:8b:62:aa:e8:59:03:54:10:e9:de:
5d:9a:5b:fa:ab:85:0e:35:a1:29:58:3e:15:ac:d2:
00:0d:08:63:57:ab:3e:a7:33:91:6f:a7:35:d6:89:
95:68:be:c8:a7:66:1c:fe:9e:b7:d5:19:75:22:37:
84:fb:06:43:ca:cd:bd:4e:4f:71:6b:5c:db:62:d8:
b3:b0:a0:30:c5:e5:2d:25:db:de:06:6c:79:d7:12:
42:63:28:cf:5a:0b:e1:bd:f7:86:ec:57:49:6c:b3:
26:e7:06:bc:1c:32:6f:c0:9b:c2:b2:1f:34:ad:dd:
3b:28:f3:83:16:fe:71:fc:dd:c2:cf:10:f1:61:20:
46:d2:73:f1:e4:cb:81:dd:66:69:79:42:a1:19:39:
de:06:d3:54:cd:32:27:0d:5b:42:eb:90:16:ae:e4:
dc:6a:d9:85:26:67:e6:8b:69:7e:d2:b0:b3:a0:55:
11:4f:09:42:85:f3:4d:e0:fe:d4:d6:84:9c:72:11:
c4:14:47:b5:c4:a7:1e:4b:1e:39:4b:67:81:66:3f:
69:72:13:a5:16:bf:06:59:e6:76:81:91:49:f6:2d:
5a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:64:CC:1A:1E:D9:CB:2A:34:22:F2:09:2C:17:89:F7:5E:92:7C:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:b080::/46
Signature Algorithm: sha256WithRSAEncryption
6f:2c:b0:21:55:b0:99:a8:e2:53:dd:45:da:a5:0b:e7:4b:ff:
5e:a9:78:de:fb:96:22:e7:26:01:97:70:37:bc:cd:3c:76:c1:
4e:f0:60:7e:33:f9:e3:31:d3:90:f9:d9:9a:c4:b5:57:ce:49:
41:84:a3:6d:83:07:55:af:92:ce:41:3d:be:4b:52:05:e4:11:
1e:d5:f6:b2:21:d6:73:b7:6c:19:1e:cb:8a:76:cc:c2:8f:75:
1e:a6:89:d7:b1:86:60:20:e8:8b:15:26:f5:90:06:e7:c8:b8:
f2:9e:67:fa:79:41:87:ae:73:f4:61:b8:2a:c1:52:cf:a7:9e:
87:0c:9d:0f:eb:98:e0:fd:ad:92:f6:18:cf:b9:87:0e:63:26:
1e:af:94:05:64:7d:25:e4:cf:8e:c5:2b:bf:ba:fa:6d:23:73:
df:f8:da:74:3d:52:9e:31:9b:ed:30:c8:78:73:02:ec:b0:eb:
cc:15:7a:58:0a:27:80:98:94:6e:ac:1c:64:4e:47:7b:fa:02:
76:8b:cc:aa:1d:21:5e:81:2d:41:13:97:8e:27:6b:23:bb:ea:
c3:7e:6c:23:e7:7e:9e:f9:6c:42:78:49:1a:ae:7e:87:7f:98:
e7:cb:e8:f9:6e:b7:d8:f9:f1:db:b8:80:5d:85:00:e3:a1:f5:
7a:51:3e:88
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ//dI42Id1snu0ocJvRdt29kV0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwMjNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0YjYwZjA0NmM3ZDYwMTBmZTMyYmRjYzcwYThlODZhZmEwOGY1YzFmNTJk
Yzg2NTFkNDJlZDNhNGM3ZTdlZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKLujTHWVHV5nUijYs4dtDtZqjvrK96v43kMW4suTIoZTqLYqroWQNUEOne
XZpb+quFDjWhKVg+FazSAA0IY1erPqczkW+nNdaJlWi+yKdmHP6et9UZdSI3hPsG
Q8rNvU5PcWtc22LYs7CgMMXlLSXb3gZsedcSQmMoz1oL4b33huxXSWyzJucGvBwy
b8CbwrIfNK3dOyjzgxb+cfzdws8Q8WEgRtJz8eTLgd1maXlCoRk53gbTVM0yJw1b
QuuQFq7k3GrZhSZn5otpftKws6BVEU8JQoXzTeD+1NaEnHIRxBRHtcSnHkseOUtn
gWY/aXITpRa/BlnmdoGRSfYtWscCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQuZMwa
HtnLKjQi8gksF4n3XpJ8RDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RmYzAyYmItNWJhZi00MjBiLWFmMWYtZjRiOGFjZGNlMjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Huw
gDANBgkqhkiG9w0BAQsFAAOCAQEAbyywIVWwmajiU91F2qUL50v/Xql43vuWIucm
AZdwN7zNPHbBTvBgfjP54zHTkPnZmsS1V85JQYSjbYMHVa+SzkE9vktSBeQRHtX2
siHWc7dsGR7LinbMwo91HqaJ17GGYCDoixUm9ZAG58i48p5n+nlBh65z9GG4KsFS
z6eehwydD+uY4P2tkvYYz7mHDmMmHq+UBWR9JeTPjsUrv7r6bSNz3/jadD1SnjGb
7TDIeHMC7LDrzBV6WAongJiUbqwcZE5He/oCdovMqh0hXoEtQROXjidrI7vqw35s
I+d+nvlsQnhJGq5+h3+Y58vo+W632Pnx27iAXYUA46H1elE+iA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:06 2025 by rpki-client