Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
File: 5387f3e7-ef20-46b2-8929-bf638dce97e1.roa (raw, json)
Hash identifier: p9tNWfqRoP4/HQC87TIcIB5cUBXmnWq4hCQC3M8XgnI=
Subject key identifier: 29:C6:80:4A:6C:47:CE:FE:5A:89:20:3A:98:34:05:30:EB:B7:4D:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B4B667EB2A0BD46207C31F954D3E581EA88C45A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
Signing time: Tue 20 May 2025 18:40:54 +0000
ROA not before: Tue 20 May 2025 18:40:54 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:4b:66:7e:b2:a0:bd:46:20:7c:31:f9:54:d3:e5:81:ea:88:c4:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:54 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a330de3b941a3d84cfa08cce8c9c2c88d60b966b67ad8bd7f07cc9bb2eb6fcaf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8d:a5:ed:63:d5:d3:b9:98:81:e2:55:76:dd:
96:c7:30:c7:ac:03:c2:0f:1b:cf:f0:f6:0d:ae:ea:
c9:de:d5:90:f2:f6:18:c8:9f:f2:05:d6:7a:97:32:
ca:f6:bb:53:a0:11:6c:b1:ff:88:91:e8:ca:a9:e2:
46:37:ad:9f:1b:f3:02:0c:0f:db:4c:2e:cf:ab:25:
d2:cd:e2:7a:10:08:fb:bd:81:3e:8a:9e:78:a3:3a:
cb:f1:2c:f7:dc:d4:b8:b3:ea:1b:d6:94:78:db:0c:
ca:42:11:a2:75:bc:49:6e:85:64:26:af:b4:37:2a:
71:c3:5e:bf:26:ae:20:ac:6f:98:69:1c:3d:c2:45:
e4:f1:b4:0b:75:02:9a:ca:75:0a:b4:a3:de:b1:b2:
5c:86:cb:73:83:8b:1a:e0:ca:2a:04:97:5a:74:2b:
85:64:82:02:c6:9e:79:c8:ac:0f:1e:96:9f:c9:3d:
0e:b3:3c:28:f0:ac:89:18:d5:c3:de:2a:87:01:e6:
94:fb:42:78:18:42:6d:c8:63:ca:09:1b:59:79:82:
fb:ef:ac:39:23:0f:96:1f:a5:95:ad:8f:36:b2:44:
23:87:9d:2a:cd:74:29:ce:e3:ad:4a:bb:c6:7a:79:
4c:c4:df:ad:07:a5:c5:95:b2:8b:64:15:37:d3:15:
84:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C6:80:4A:6C:47:CE:FE:5A:89:20:3A:98:34:05:30:EB:B7:4D:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5000::/40
Signature Algorithm: sha256WithRSAEncryption
29:d3:51:17:aa:08:2f:4d:87:4f:c3:be:ad:01:a8:f4:09:4f:
24:0e:f1:c0:16:5b:44:d8:a1:74:df:f6:09:1f:13:ca:f7:2c:
43:ab:31:27:e2:80:de:68:4c:71:50:16:86:28:61:ee:fe:e4:
95:f7:d9:bd:5d:a3:b8:7b:e6:e8:85:dc:0b:eb:88:f7:77:58:
7c:d8:c4:23:a5:76:16:eb:89:ba:50:14:b3:a9:c7:24:00:43:
aa:ee:d0:8c:e3:cc:5b:44:86:11:d0:83:2a:a2:f1:3a:e0:7f:
f2:ad:4e:89:46:14:6e:05:6c:3a:4b:57:fa:27:ba:0a:03:7d:
70:0c:a0:00:9c:52:ff:4b:3d:f6:c1:7f:fe:21:1c:69:69:f1:
36:29:51:60:02:a1:d9:ac:4c:ba:c6:3d:59:e5:48:6e:0a:5f:
3a:0b:c0:f6:ec:8c:96:b8:ee:67:70:1c:c2:9b:40:2f:d7:52:
97:ef:0e:7f:bb:60:5c:e4:14:27:31:27:18:c6:32:51:f4:3f:
d0:5d:90:9c:6f:39:b5:90:c7:7b:5b:e6:10:ca:11:35:54:f2:
f9:dc:e4:4d:6a:1d:25:ae:c0:78:29:6d:70:15:8d:81:5d:c0:
c6:ec:8b:78:a7:a2:90:50:94:0d:d3:81:f4:f9:80:e6:57:6b:
97:5a:71:92
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG0tmfrKgvUYgfDH5VNPlgeqIxFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwNTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMzBkZTNiOTQxYTNkODRjZmEwOGNjZThjOWMyYzg4ZDYwYjk2NmI2N2Fk
OGJkN2YwN2NjOWJiMmViNmZjYWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIONpe1j1dO5mIHiVXbdlscwx6wDwg8bz/D2Da7qyd7VkPL2GMif8gXWepcy
yva7U6ARbLH/iJHoyqniRjetnxvzAgwP20wuz6sl0s3iehAI+72BPoqeeKM6y/Es
99zUuLPqG9aUeNsMykIRonW8SW6FZCavtDcqccNevyauIKxvmGkcPcJF5PG0C3UC
msp1CrSj3rGyXIbLc4OLGuDKKgSXWnQrhWSCAsaeecisDx6Wn8k9DrM8KPCsiRjV
w94qhwHmlPtCeBhCbchjygkbWXmC+++sOSMPlh+lla2PNrJEI4edKs10Kc7jrUq7
xnp5TMTfrQelxZWyi2QVN9MVhNsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpxoBK
bEfO/lqJIDqYNAUw67dN4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4N2YzZTctZWYyMC00NmIyLTg5MjktYmY2MzhkY2U5N2UxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAp01EXqggvTYdPw76tAaj0CU8kDvHAFltE2KF0
3/YJHxPK9yxDqzEn4oDeaExxUBaGKGHu/uSV99m9XaO4e+bohdwL64j3d1h82MQj
pXYW64m6UBSzqcckAEOq7tCM48xbRIYR0IMqovE64H/yrU6JRhRuBWw6S1f6J7oK
A31wDKAAnFL/Sz32wX/+IRxpafE2KVFgAqHZrEy6xj1Z5UhuCl86C8D27IyWuO5n
cBzCm0Av11KX7w5/u2Bc5BQnMScYxjJR9D/QXZCcbzm1kMd7W+YQyhE1VPL53ORN
ah0lrsB4KW1wFY2BXcDG7It4p6KQUJQN04H0+YDmV2uXWnGS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:33 2025 by rpki-client