Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
File: 417101f4-2159-4c08-aa5e-b16ba0461450.roa (raw, json)
Hash identifier: kKWUiyLWvXt2B0Lf92IQwnw0zdwhXbBL7Kyj4Y5bzmI=
Subject key identifier: EF:2F:6C:BE:6D:6A:F7:27:42:6B:70:E0:B1:24:6E:96:53:99:45:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 783F38733219B226508C61BFAE58F997C5E285B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
Signing time: Tue 20 May 2025 19:40:09 +0000
ROA not before: Tue 20 May 2025 19:40:09 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:3f:38:73:32:19:b2:26:50:8c:61:bf:ae:58:f9:97:c5:e2:85:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:09 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8ca0eaecf53098067db56293236e8df89110de8e21d64d6f63bde0cd48be8881, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e0:86:4e:30:58:8d:1a:24:84:b2:56:d7:82:
8f:0f:d5:87:e4:a2:b6:5b:72:67:d4:5c:2b:ae:99:
6e:82:a9:15:62:bd:75:b4:c7:7f:45:11:d0:85:c3:
27:98:38:bb:1e:e8:a4:64:5f:29:18:53:27:fb:8c:
3e:94:03:72:0a:4d:67:1e:95:fc:dc:9d:c5:69:86:
c5:20:a6:96:3f:47:85:9d:b4:9b:b4:1b:21:e3:0d:
83:1a:f1:f9:86:d1:70:c4:35:c1:59:34:25:f6:25:
fa:01:8b:b9:08:d6:1a:f2:7c:90:5b:70:69:6d:f2:
da:57:af:07:8f:84:80:b3:d2:c5:e5:41:bb:15:6a:
3a:6a:1f:93:e9:1c:57:a6:f3:41:7e:59:65:d7:80:
c1:43:b8:9f:0e:d9:5c:03:c7:48:27:cd:ea:32:49:
36:d6:67:fc:4c:1f:b6:9b:2f:71:41:fd:d8:0d:61:
01:03:9f:a1:22:e5:32:c6:37:8a:bd:b4:b7:b5:f7:
6d:a0:6d:10:95:fe:b9:e2:9a:0b:5b:63:3f:82:da:
5a:5a:ba:02:0a:52:b7:c3:74:83:d1:f1:82:05:5f:
2a:5c:32:1b:25:d0:8d:57:1e:12:62:6b:6f:5c:15:
6e:b2:23:21:ee:50:37:5a:b1:09:59:9d:c0:b7:91:
76:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2F:6C:BE:6D:6A:F7:27:42:6B:70:E0:B1:24:6E:96:53:99:45:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2000::/40
Signature Algorithm: sha256WithRSAEncryption
33:8c:2f:41:bf:44:5c:e4:56:cc:f5:d1:46:b5:ab:a6:a8:d8:
4a:ce:45:5b:24:c3:cb:0d:cf:11:83:b8:06:c2:ce:5f:06:24:
6a:a0:e7:0f:b7:d2:a1:f1:43:be:0c:c8:4a:4a:2e:98:16:cf:
de:3c:17:e2:ef:07:ee:3d:c7:e1:f9:bc:57:7e:58:b4:02:02:
14:42:eb:21:50:bb:51:7a:d9:0c:e8:49:d6:1a:27:7d:21:76:
6b:7a:9b:c7:4b:60:d8:6d:ad:2d:ec:2c:d6:8b:f9:92:28:c3:
ad:56:e2:0f:36:6e:f6:ce:b3:30:aa:f5:e5:26:ac:07:cd:47:
a6:e3:b0:62:02:08:0f:82:4d:3c:6c:7f:40:80:1f:67:3c:0b:
55:b3:da:69:78:81:74:72:1a:b3:ab:7d:85:80:21:11:93:0e:
17:6b:65:47:2a:15:c8:47:14:65:03:da:0e:01:a0:42:b4:53:
84:ec:97:b2:69:5f:98:90:4c:af:f6:bd:a9:09:b1:eb:7d:56:
57:84:72:b0:8a:91:a3:ad:f6:bf:3f:03:e3:ac:19:d7:75:87:
aa:eb:5c:5b:10:2c:e1:a6:70:49:e1:8b:f2:ec:13:dc:1b:36:
6f:36:6c:d3:eb:cc:3d:fb:a8:c8:64:d9:43:25:c1:bc:98:6d:
22:4d:a4:fb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeD84czIZsiZQjGG/rlj5l8XihbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwMDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjYTBlYWVjZjUzMDk4MDY3ZGI1NjI5MzIzNmU4ZGY4OTExMGRlOGUyMWQ2
NGQ2ZjYzYmRlMGNkNDhiZTg4ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXghk4wWI0aJISyVteCjw/Vh+SitltyZ9RcK66ZboKpFWK9dbTHf0UR0IXD
J5g4ux7opGRfKRhTJ/uMPpQDcgpNZx6V/NydxWmGxSCmlj9HhZ20m7QbIeMNgxrx
+YbRcMQ1wVk0JfYl+gGLuQjWGvJ8kFtwaW3y2levB4+EgLPSxeVBuxVqOmofk+kc
V6bzQX5ZZdeAwUO4nw7ZXAPHSCfN6jJJNtZn/EwftpsvcUH92A1hAQOfoSLlMsY3
ir20t7X3baBtEJX+ueKaC1tjP4LaWlq6AgpSt8N0g9HxggVfKlwyGyXQjVceEmJr
b1wVbrIjIe5QN1qxCVmdwLeRdm0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvL2y+
bWr3J0JrcOCxJG6WU5lFzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDE3MTAxZjQtMjE1OS00YzA4LWFhNWUtYjE2YmEwNDYxNDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hcg
MA0GCSqGSIb3DQEBCwUAA4IBAQAzjC9Bv0Rc5FbM9dFGtaumqNhKzkVbJMPLDc8R
g7gGws5fBiRqoOcPt9Kh8UO+DMhKSi6YFs/ePBfi7wfuPcfh+bxXfli0AgIUQush
ULtRetkM6EnWGid9IXZrepvHS2DYba0t7CzWi/mSKMOtVuIPNm72zrMwqvXlJqwH
zUem47BiAggPgk08bH9AgB9nPAtVs9ppeIF0chqzq32FgCERkw4Xa2VHKhXIRxRl
A9oOAaBCtFOE7JeyaV+YkEyv9r2pCbHrfVZXhHKwipGjrfa/PwPjrBnXdYeq61xb
ECzhpnBJ4Yvy7BPcGzZvNmzT68w9+6jIZNlDJcG8mG0iTaT7
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:40 2025 by rpki-client