Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: H7TQISiZPLf4FbJoqkEVHsUjHCZckBLHbQcdLbDcXO0=
Subject key identifier: FE:D6:8F:B4:AC:3C:F4:51:0D:96:E5:25:09:82:52:59:34:BD:B2:53
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BFE2D29A3BD667CB990FCA3FE78BFCF56CD888F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Tue 20 May 2025 19:11:06 +0000
ROA not before: Tue 20 May 2025 19:11:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:fe:2d:29:a3:bd:66:7c:b9:90:fc:a3:fe:78:bf:cf:56:cd:88:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f9a50f53b51b43f0a508d4f7aba8e67a51fe31512a6f7127388acc024242cb1c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2a:91:27:b5:9b:d4:38:5d:ca:ef:af:aa:64:
99:96:df:16:a9:6c:3b:e9:68:e2:1c:0f:4b:45:92:
69:76:15:2b:51:5a:b6:8d:4d:74:03:0e:da:54:a1:
43:51:5a:84:d7:98:d3:d4:d6:b9:83:c7:98:ea:f2:
cd:b6:38:ab:a7:a5:9c:ba:2f:ce:d4:0f:6e:04:93:
e7:e5:d8:97:0e:39:c7:4d:6d:32:d0:57:6a:a7:0f:
c5:d6:36:7b:04:c2:cc:0f:4f:78:32:89:c6:95:dc:
c5:ff:06:07:14:7a:46:36:4d:ea:ae:6d:18:3e:a3:
e9:6f:42:05:76:4d:b8:4a:90:b6:00:86:70:61:13:
84:2a:8d:a5:c7:c8:98:c9:c1:a4:ff:87:e1:e4:8b:
0d:48:db:f0:4e:67:cb:20:ae:0d:4b:18:4f:56:39:
1c:87:37:51:07:67:e9:6b:9a:c3:ad:e0:4d:f6:3e:
3c:70:ce:4f:68:18:a0:49:5a:9c:13:dc:a3:9a:53:
6d:78:33:7e:9d:46:ec:ee:59:ac:a1:30:4c:4d:1f:
e3:d4:e1:39:4c:78:82:a6:38:7a:51:9e:ec:61:d6:
8a:fa:52:d4:85:7f:f2:65:ae:97:0e:23:56:23:96:
4a:25:6f:b4:c7:6f:56:ec:2b:9b:b4:93:b3:aa:8c:
3b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D6:8F:B4:AC:3C:F4:51:0D:96:E5:25:09:82:52:59:34:BD:B2:53
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
5d:a4:78:2b:6e:2f:ac:54:27:24:68:ba:f8:72:77:f0:77:c2:
8a:bd:b5:f7:3a:e4:ed:ea:0d:59:9f:2c:fe:42:e1:75:05:59:
f9:38:c2:23:34:c1:0a:5d:85:80:d7:6b:29:45:ab:a2:a8:f6:
d5:9b:6d:25:61:ef:dc:df:5e:d4:0f:9a:c9:f1:dd:a7:d5:e9:
af:67:bb:6e:bc:c0:a5:ba:04:58:f6:66:77:73:58:42:94:98:
da:b0:37:de:63:d6:8a:ad:6e:99:62:a9:7c:97:47:08:bb:c1:
30:ff:65:b9:f8:f9:8e:85:11:64:7c:78:e7:ff:e5:d7:11:c7:
fa:46:1e:11:77:12:fa:23:86:43:a8:7c:d6:d7:67:1a:90:92:
12:db:ba:57:eb:95:6b:88:e1:bd:94:9f:97:c4:c6:31:13:31:
76:28:6c:66:4e:35:e5:17:5e:60:b0:28:3b:14:bc:1e:d2:ba:
a5:11:58:49:62:de:e7:1f:df:a7:2f:fb:c9:87:91:45:0b:10:
3e:33:21:cc:04:a4:de:cd:65:2e:3f:db:1d:08:09:dc:87:67:
ca:b8:a4:eb:42:cb:f1:4a:5f:23:f2:9b:76:20:43:45:da:57:
dc:bd:88:9a:22:08:7a:d4:4d:a9:70:43:ea:52:27:0c:83:9c:
b0:00:4f:31
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe/4tKaO9Zny5kPyj/ni/z1bNiI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5YTUwZjUzYjUxYjQzZjBhNTA4ZDRmN2FiYThlNjdhNTFmZTMxNTEyYTZm
NzEyNzM4OGFjYzAyNDI0MmNiMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQqkSe1m9Q4Xcrvr6pkmZbfFqlsO+lo4hwPS0WSaXYVK1Fato1NdAMO2lSh
Q1FahNeY09TWuYPHmOryzbY4q6elnLovztQPbgST5+XYlw45x01tMtBXaqcPxdY2
ewTCzA9PeDKJxpXcxf8GBxR6RjZN6q5tGD6j6W9CBXZNuEqQtgCGcGEThCqNpcfI
mMnBpP+H4eSLDUjb8E5nyyCuDUsYT1Y5HIc3UQdn6Wuaw63gTfY+PHDOT2gYoEla
nBPco5pTbXgzfp1G7O5ZrKEwTE0f49ThOUx4gqY4elGe7GHWivpS1IV/8mWulw4j
ViOWSiVvtMdvVuwrm7STs6qMOysCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT+1o+0
rDz0UQ2W5SUJglJZNL2yUzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAXaR4K24vrFQnJGi6+HJ38HfCir219zrk7eoN
WZ8s/kLhdQVZ+TjCIzTBCl2FgNdrKUWroqj21ZttJWHv3N9e1A+ayfHdp9Xpr2e7
brzApboEWPZmd3NYQpSY2rA33mPWiq1umWKpfJdHCLvBMP9lufj5joURZHx45//l
1xHH+kYeEXcS+iOGQ6h81tdnGpCSEtu6V+uVa4jhvZSfl8TGMRMxdihsZk415Rde
YLAoOxS8HtK6pRFYSWLe5x/fpy/7yYeRRQsQPjMhzASk3s1lLj/bHQgJ3Idnyrik
60LL8UpfI/KbdiBDRdpX3L2ImiIIetRNqXBD6lInDIOcsABPMQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:27 2025 by rpki-client