Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
File: 4967c03f-f17b-42f4-bfca-8694bb963ab0.roa (raw, json)
Hash identifier: gh/cfYEOilbvpT69TFm5oSaijfZYoYmxl6tnF0xD16M=
Subject key identifier: 14:0D:C1:B0:72:7C:18:22:4A:07:0F:D8:67:60:71:65:5C:2B:59:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78BC1FFDD9404250F485A6249CA127831B54E7A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
Signing time: Tue 20 May 2025 18:30:52 +0000
ROA not before: Tue 20 May 2025 18:30:52 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:bc:1f:fd:d9:40:42:50:f4:85:a6:24:9c:a1:27:83:1b:54:e7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:52 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=50b7db215dae80ad486281e6d096765f438b3772069bcf2b0e3a3ceb2f66961c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5a:0f:e7:83:e5:60:f0:5a:58:f3:cc:42:09:
1e:3c:85:23:69:c0:b9:83:90:49:d1:c6:e6:04:68:
c3:80:6f:c3:b7:50:2c:b6:82:53:43:b3:cd:e0:a3:
39:c5:50:e4:92:c7:33:f6:d4:c8:54:21:b9:7c:31:
06:02:b3:3b:09:19:67:5e:8d:a9:e9:83:6d:09:c9:
5b:af:c2:a5:31:71:be:92:21:2c:b9:51:cc:8d:62:
c7:e9:54:44:b7:de:2e:34:a6:d1:bc:0a:e5:ee:03:
cc:81:4a:b3:1e:da:31:18:cf:fc:56:f6:8a:71:0c:
1d:ca:e6:5c:67:16:94:23:f5:86:69:fb:72:f4:12:
56:85:60:3e:6b:ae:c3:1e:4d:e0:1a:c6:b5:e9:e9:
48:f7:4b:c5:4d:81:2e:37:bd:ef:e5:e6:a4:92:2e:
3f:23:ff:84:09:ff:2b:88:35:e8:37:14:f5:62:6e:
30:6d:a2:f7:a6:3c:fe:65:d5:bc:b8:7b:4a:f7:07:
51:ad:fc:63:44:82:ba:48:ae:b2:1f:58:62:b2:cb:
8f:eb:4d:f4:0b:6f:fc:cc:f6:0e:69:83:84:7d:00:
5a:a0:51:08:41:07:f3:a5:f1:48:02:45:cd:e8:e3:
13:ce:85:d5:c0:7c:2d:f6:ae:aa:6d:dc:a0:e9:9c:
4b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:0D:C1:B0:72:7C:18:22:4A:07:0F:D8:67:60:71:65:5C:2B:59:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9040::/48
Signature Algorithm: sha256WithRSAEncryption
bd:22:4a:fe:92:60:ea:77:4d:85:69:a5:81:48:9d:7a:5a:72:
a6:8e:95:a6:8b:6a:6c:04:47:91:09:26:07:ba:f7:d7:3f:bf:
3f:2d:11:07:18:43:8e:da:ad:a2:78:98:42:6b:4f:c7:09:5c:
76:03:11:d3:10:b4:f2:c1:8d:0a:02:35:56:56:e0:ae:9a:17:
51:c0:6f:f4:e9:34:4a:20:ca:db:ed:e8:fa:aa:6b:5f:21:66:
60:56:d7:39:19:d4:2f:ac:19:13:6b:2e:4f:2a:c1:d2:3c:c7:
c0:35:52:b5:b1:72:94:e4:ba:9e:fa:25:51:d2:56:70:d3:15:
f2:5c:ed:9b:69:d1:c0:ec:c7:4a:9e:3d:97:1f:b3:b8:d9:96:
37:10:84:9a:b1:75:4f:5b:cd:f5:70:e8:2a:b0:c0:9a:34:eb:
b4:a1:ce:7d:db:a2:9d:be:56:ac:1e:97:cc:a0:20:fc:3f:e3:
01:12:cd:5e:c9:c4:9a:1e:a1:27:ee:08:7f:38:6c:9e:b9:f2:
49:1a:c8:73:ad:76:53:e8:48:1f:9c:2c:91:cb:0c:63:8b:dd:
8a:70:af:53:74:17:d7:84:f4:f3:53:2f:13:b6:d5:5e:f2:bd:
0b:84:17:37:8a:f7:9a:67:fa:75:17:93:45:02:56:38:ab:f6:
d0:0f:97:a6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeLwf/dlAQlD0haYknKEngxtU56IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwNTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwYjdkYjIxNWRhZTgwYWQ0ODYyODFlNmQwOTY3NjVmNDM4YjM3NzIwNjli
Y2YyYjBlM2EzY2ViMmY2Njk2MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9aD+eD5WDwWljzzEIJHjyFI2nAuYOQSdHG5gRow4Bvw7dQLLaCU0OzzeCj
OcVQ5JLHM/bUyFQhuXwxBgKzOwkZZ16NqemDbQnJW6/CpTFxvpIhLLlRzI1ix+lU
RLfeLjSm0bwK5e4DzIFKsx7aMRjP/Fb2inEMHcrmXGcWlCP1hmn7cvQSVoVgPmuu
wx5N4BrGtenpSPdLxU2BLje97+XmpJIuPyP/hAn/K4g16DcU9WJuMG2i96Y8/mXV
vLh7SvcHUa38Y0SCukiush9YYrLLj+tN9Atv/Mz2DmmDhH0AWqBRCEEH86XxSAJF
zejjE86F1cB8Lfauqm3coOmcS0ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQUDcGw
cnwYIkoHD9hnYHFlXCtZJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk2N2MwM2YtZjE3Yi00MmY0LWJmY2EtODY5NGJiOTYzYWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAvSJK/pJg6ndNhWmlgUidelpypo6VpotqbARH
kQkmB7r31z+/Py0RBxhDjtqtoniYQmtPxwlcdgMR0xC08sGNCgI1VlbgrpoXUcBv
9Ok0SiDK2+3o+qprXyFmYFbXORnUL6wZE2suTyrB0jzHwDVStbFylOS6nvolUdJW
cNMV8lztm2nRwOzHSp49lx+zuNmWNxCEmrF1T1vN9XDoKrDAmjTrtKHOfduinb5W
rB6XzKAg/D/jARLNXsnEmh6hJ+4IfzhsnrnySRrIc612U+hIH5wskcsMY4vdinCv
U3QX14T081MvE7bVXvK9C4QXN4r3mmf6dReTRQJWOKv20A+Xpg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:53 2025 by rpki-client