Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
File: 515f7e85-9223-47e5-be2b-42ec6a12a88b.roa (raw, json)
Hash identifier: U6qCiMIo493I8q6zU4f1nA/JNI/ysQ8XXkND/3Puf3U=
Subject key identifier: 5B:81:C9:86:86:B9:04:6D:6A:AF:09:83:3E:AF:71:8A:85:60:AF:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E28412E91F6995793CF3F32A7D3F8DD3676E949
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
Signing time: Thu 22 May 2025 01:22:17 +0000
ROA not before: Thu 22 May 2025 01:22:17 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:28:41:2e:91:f6:99:57:93:cf:3f:32:a7:d3:f8:dd:36:76:e9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:17 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=cb8fa291625bd5d5d4978913b9216990bbdb88c1436782f02854245557df92cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:88:a7:c5:8c:81:6d:53:22:37:b4:f8:d2:9f:
4b:36:b3:d7:fe:0f:4a:5b:1b:75:86:00:c7:ac:bc:
f9:34:f6:1a:53:c2:43:8e:2b:a0:a3:34:19:63:19:
c6:62:b8:24:48:39:83:8b:57:cf:b5:7d:a5:33:82:
7f:e8:35:64:ea:e1:b8:f8:e1:e0:04:98:31:0b:1e:
33:97:66:7a:00:46:96:a3:a6:9f:ad:dc:1f:c1:57:
6c:6d:44:4e:dd:5e:d5:42:97:d8:3e:dc:7b:65:c6:
04:33:ba:8e:e9:71:90:f7:6e:61:0f:3f:e0:01:45:
0b:a2:41:09:0f:f6:4c:12:25:1c:be:4d:77:e0:6a:
4d:28:e8:45:9b:a9:b9:9c:ae:7a:b1:cd:b2:02:9d:
c9:2a:ef:5e:79:69:87:77:0c:63:d1:15:8c:db:07:
ed:43:0a:91:8d:e7:bd:1b:d9:50:56:58:d5:d6:1e:
d9:70:d3:31:f6:5f:83:2f:fd:d4:97:17:c7:5a:f9:
49:d1:8c:cb:5a:46:f1:dc:b1:05:62:54:ca:af:e8:
72:8f:d8:40:11:72:28:a7:e8:80:a9:52:e7:ff:8a:
e9:56:44:eb:f9:b3:1e:a6:f7:46:d7:e5:56:58:40:
30:56:66:8c:28:81:96:be:e9:47:06:72:48:25:ae:
39:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:81:C9:86:86:B9:04:6D:6A:AF:09:83:3E:AF:71:8A:85:60:AF:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:9000::/40
Signature Algorithm: sha256WithRSAEncryption
74:90:2b:d5:3b:72:e9:4e:21:ce:92:29:ab:35:3f:cf:9c:18:
57:c2:d1:d2:1f:5c:74:7c:12:8e:54:dc:10:9b:a1:69:76:44:
08:a9:fc:cf:ea:ad:38:e2:e7:9b:d1:70:73:cb:18:4a:25:fe:
9b:fc:84:38:86:f6:47:98:63:f5:29:2d:5b:db:a3:71:e9:a0:
7b:22:f3:df:e6:43:3d:bd:11:0b:ed:24:42:ea:33:ac:f1:ec:
47:ba:6f:a9:96:85:00:40:4b:d5:0a:f0:b5:43:62:72:a8:d6:
67:90:69:a3:1a:6f:47:42:36:f6:18:a9:7c:65:80:79:ae:82:
be:63:05:cd:1d:7b:a9:24:bf:7a:32:1e:e1:92:12:8c:11:c4:
67:0f:4e:a1:8c:cc:c5:17:92:da:eb:c4:42:be:da:6b:08:3e:
73:54:a3:21:21:30:04:23:e3:88:1a:8a:52:c8:a3:a2:38:a3:
e2:13:04:49:36:4a:e7:6f:fb:23:e8:94:ca:bb:e9:b7:01:09:
0b:0b:22:6f:4d:64:ef:a7:a7:ec:43:99:6c:e4:43:eb:ba:84:
48:51:5f:45:41:ad:e4:38:8d:e9:b8:f1:de:b2:d5:3d:8b:80:
77:f5:19:2f:a1:04:0c:f8:f0:58:e0:a1:9a:df:73:63:91:3f:
85:7d:4f:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHihBLpH2mVeTzz8yp9P43TZ26UkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMTdaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiOGZhMjkxNjI1YmQ1ZDVkNDk3ODkxM2I5MjE2OTkwYmJkYjg4YzE0MzY3
ODJmMDI4NTQyNDU1NTdkZjkyY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqIp8WMgW1TIje0+NKfSzaz1/4PSlsbdYYAx6y8+TT2GlPCQ44roKM0GWMZ
xmK4JEg5g4tXz7V9pTOCf+g1ZOrhuPjh4ASYMQseM5dmegBGlqOmn63cH8FXbG1E
Tt1e1UKX2D7ce2XGBDO6julxkPduYQ8/4AFFC6JBCQ/2TBIlHL5Nd+BqTSjoRZup
uZyuerHNsgKdySrvXnlph3cMY9EVjNsH7UMKkY3nvRvZUFZY1dYe2XDTMfZfgy/9
1JcXx1r5SdGMy1pG8dyxBWJUyq/oco/YQBFyKKfogKlS5/+K6VZE6/mzHqb3Rtfl
VlhAMFZmjCiBlr7pRwZySCWuOb8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbgcmG
hrkEbWqvCYM+r3GKhWCvYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTE1ZjdlODUtOTIyMy00N2U1LWJlMmItNDJlYzZhMTJhODhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQB0kCvVO3LpTiHOkimrNT/PnBhXwtHSH1x0fBKO
VNwQm6FpdkQIqfzP6q044ueb0XBzyxhKJf6b/IQ4hvZHmGP1KS1b26Nx6aB7IvPf
5kM9vREL7SRC6jOs8exHum+ploUAQEvVCvC1Q2JyqNZnkGmjGm9HQjb2GKl8ZYB5
roK+YwXNHXupJL96Mh7hkhKMEcRnD06hjMzFF5La68RCvtprCD5zVKMhITAEI+OI
GopSyKOiOKPiEwRJNkrnb/sj6JTKu+m3AQkLCyJvTWTvp6fsQ5ls5EPruoRIUV9F
Qa3kOI3puPHestU9i4B39RkvoQQM+PBY4KGa33NjkT+FfU/y
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:27 2025 by rpki-client