Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
File: 4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa (raw, json)
Hash identifier: 75gHbM2wC0S77b8bVGNtyJkHVoarQqwxMs+p/anpglQ=
Subject key identifier: 49:B4:97:F3:BB:64:C5:98:E5:D1:E6:B1:2A:73:8C:2D:42:AC:6F:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 043B19E242AA103A54F3E6D82B8148FC6E9D6508
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
Signing time: Tue 20 May 2025 18:30:59 +0000
ROA not before: Tue 20 May 2025 18:30:59 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:3b:19:e2:42:aa:10:3a:54:f3:e6:d8:2b:81:48:fc:6e:9d:65:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:59 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ea3ba54d4620cf72bc9685659abd29b752a3e98004dd5e0634de76866edf7568, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6e:6d:be:8e:83:78:35:69:d0:61:ca:54:86:
72:1e:c3:0f:fa:b4:a6:82:20:8b:28:1d:91:be:60:
67:53:ec:a4:91:8e:5c:9a:2b:8d:4e:01:e5:e6:99:
ce:7f:1b:14:b3:a3:cc:18:64:72:57:b7:c7:e8:20:
8c:17:e0:41:e2:56:d1:21:71:f5:43:28:67:2c:11:
f3:8f:62:ca:24:30:3a:06:a7:68:61:36:cc:44:24:
2b:bd:d6:9a:80:82:bb:b4:02:3a:b9:3b:04:e3:a5:
d1:dc:24:7a:81:27:77:20:39:1a:4c:4f:01:ee:92:
ed:31:70:ef:60:68:30:c0:ca:2e:c8:52:8e:82:15:
33:a0:c8:2a:eb:f7:1e:c0:c0:d6:f7:fe:9a:e6:db:
a4:c8:46:d3:dd:f8:88:e3:99:10:e6:53:15:fc:1b:
ae:b8:f9:8f:eb:29:68:eb:3e:21:95:5d:56:b1:64:
c6:51:a7:d1:dc:e5:34:42:51:c5:5c:11:4c:71:bc:
69:53:81:d3:c6:4f:83:ea:a0:bb:d4:82:80:c4:01:
cf:1a:ab:f2:1b:fc:be:39:9e:1e:76:82:aa:a5:a9:
7d:c8:50:be:5a:92:7a:19:00:1d:67:34:95:b7:a6:
ec:2f:e2:be:93:41:15:72:83:c2:22:20:0a:2f:e0:
11:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B4:97:F3:BB:64:C5:98:E5:D1:E6:B1:2A:73:8C:2D:42:AC:6F:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
96:b6:cc:25:15:85:52:ee:be:f2:18:5c:54:24:af:f2:0c:61:
00:1d:e3:85:30:c3:07:1c:ea:f5:ba:96:5a:53:83:af:34:0c:
64:64:85:a2:44:6e:52:a5:b9:a1:ae:76:42:ef:d5:40:5f:55:
19:84:05:14:a0:5e:68:01:58:68:6c:99:4f:6d:f5:af:ce:ad:
e9:e9:b5:1a:d8:c4:9d:be:5c:49:d6:a6:63:f2:2c:99:0a:b6:
21:da:71:27:bd:87:04:23:ca:8f:09:2d:14:93:e0:84:61:f9:
f1:2d:54:52:27:58:93:a5:b2:d0:ae:65:27:1f:3e:e8:d6:e5:
88:83:f0:a3:c9:6e:b2:d7:c1:1f:79:ad:91:dd:af:22:da:98:
10:f5:ad:f9:11:73:53:18:78:38:b2:12:ec:f7:6c:dc:75:59:
b5:e6:25:5e:14:57:43:91:a1:35:2e:d7:fb:0f:4f:34:d0:7e:
54:6a:21:7a:fd:9f:66:8d:0b:d0:8c:c6:ad:88:66:e4:84:4b:
2b:f4:c9:aa:a0:65:8c:99:e9:87:98:8d:ae:b1:6a:c9:d0:11:
75:af:28:0a:72:6f:1f:93:47:70:f8:3d:15:7c:e7:fb:9b:ac:
36:51:df:ea:6a:8e:e1:5d:7f:9e:db:25:01:39:29:0f:69:20:
7d:3d:c3:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBDsZ4kKqEDpU8+bYK4FI/G6dZQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwNTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhM2JhNTRkNDYyMGNmNzJiYzk2ODU2NTlhYmQyOWI3NTJhM2U5ODAwNGRk
NWUwNjM0ZGU3Njg2NmVkZjc1NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxubb6Og3g1adBhylSGch7DD/q0poIgiygdkb5gZ1PspJGOXJorjU4B5eaZ
zn8bFLOjzBhkcle3x+ggjBfgQeJW0SFx9UMoZywR849iyiQwOganaGE2zEQkK73W
moCCu7QCOrk7BOOl0dwkeoEndyA5GkxPAe6S7TFw72BoMMDKLshSjoIVM6DIKuv3
HsDA1vf+mubbpMhG0934iOOZEOZTFfwbrrj5j+spaOs+IZVdVrFkxlGn0dzlNEJR
xVwRTHG8aVOB08ZPg+qgu9SCgMQBzxqr8hv8vjmeHnaCqqWpfchQvlqSehkAHWc0
lbem7C/ivpNBFXKDwiIgCi/gEacCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJtJfz
u2TFmOXR5rEqc4wtQqxvqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1NzgzZWUtZGRlYS00Y2FlLWI2ZjQtM2QyNmQzMjhiMzZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
wDANBgkqhkiG9w0BAQsFAAOCAQEAlrbMJRWFUu6+8hhcVCSv8gxhAB3jhTDDBxzq
9bqWWlODrzQMZGSFokRuUqW5oa52Qu/VQF9VGYQFFKBeaAFYaGyZT231r86t6em1
GtjEnb5cSdamY/IsmQq2IdpxJ72HBCPKjwktFJPghGH58S1UUidYk6Wy0K5lJx8+
6NbliIPwo8lustfBH3mtkd2vItqYEPWt+RFzUxh4OLIS7Pds3HVZteYlXhRXQ5Gh
NS7X+w9PNNB+VGohev2fZo0L0IzGrYhm5IRLK/TJqqBljJnph5iNrrFqydARda8o
CnJvH5NHcPg9FXzn+5usNlHf6mqO4V1/ntslATkpD2kgfT3DFg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:23 2025 by rpki-client