Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
File: 53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa (raw, json)
Hash identifier: nVoTJ0tuzyv7h2YiSTfJ19xcsbGonKcEoBnlGCu2vXM=
Subject key identifier: 9B:82:89:EF:6E:91:65:BB:9D:16:E1:D0:52:DC:EA:22:73:B0:3D:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58C4A6C43BF5692EE9048C5EBC1ABB982A648842
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
Signing time: Fri 06 Jun 2025 15:10:06 +0000
ROA not before: Fri 06 Jun 2025 15:10:06 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:c4:a6:c4:3b:f5:69:2e:e9:04:8c:5e:bc:1a:bb:98:2a:64:88:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:06 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=7a476a65571d9c8e6d5b86102936c4ea8ca246bc6fdeaad4cd6dc30ac58a7974, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d6:c6:2d:4b:0a:24:85:95:26:d4:e9:94:3a:
64:f8:cf:4e:11:cf:c2:65:85:7e:aa:4c:c0:68:a7:
77:5d:30:0a:95:3e:75:e0:85:e5:a1:f2:36:7e:2d:
60:d3:d8:b7:69:08:09:d4:74:04:1d:f2:fb:d9:8e:
68:4c:51:81:b2:9f:45:a2:c2:55:d9:f0:73:81:97:
9a:fd:5e:8c:4b:e7:c4:da:ad:ee:2f:40:95:d4:2f:
fe:9e:25:05:ed:5e:20:f3:e1:05:b6:4c:c6:b6:d5:
3a:93:3e:21:f9:4b:d1:42:86:b8:0b:ec:3e:b7:f1:
47:f1:d4:24:b0:1a:15:fa:a0:36:71:a3:ad:a9:60:
86:de:31:f7:8b:a3:59:05:13:92:c6:4d:cb:73:89:
59:1f:08:07:ea:e0:e5:6b:ab:31:ec:3d:1f:c7:d5:
99:2f:84:9f:d3:b9:7d:1c:de:a6:41:ae:a1:09:34:
93:33:61:17:e2:19:83:e5:14:c7:a4:e7:1b:41:fc:
70:6f:fe:62:c3:29:62:e1:84:0c:19:d7:3f:9c:1f:
83:7a:15:c5:3f:2b:b7:c6:27:3b:0e:59:a3:76:04:
d5:1b:21:95:04:55:5a:7c:7c:a4:dd:01:d7:68:ac:
24:f9:fa:85:c1:22:8d:00:0b:5d:06:8d:5f:5a:3d:
92:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:82:89:EF:6E:91:65:BB:9D:16:E1:D0:52:DC:EA:22:73:B0:3D:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:56:ff:9f:8a:61:90:bf:e1:36:eb:0c:7a:f7:50:fa:cd:11:
7e:51:43:0b:c8:76:b8:4b:5f:3e:59:2a:82:3b:64:cf:42:c3:
5d:a1:d9:11:eb:6d:fe:84:50:4b:8c:ef:6d:a9:4e:09:e9:e6:
01:ee:b5:11:5f:dd:20:46:4e:2b:03:c0:64:4a:37:9c:04:d2:
13:8a:b6:50:cf:71:3a:14:a2:5c:10:0d:38:44:88:18:de:69:
43:8f:1a:f0:d7:26:ce:55:34:b6:ef:90:89:26:4f:c9:92:0d:
6d:01:56:61:12:34:d2:a7:17:51:cd:1d:de:2d:ed:58:1d:dc:
d8:14:5f:ed:e2:06:d9:15:16:01:08:05:6f:96:29:d4:7c:88:
8c:9a:47:a5:ca:a6:79:c1:8b:5a:56:28:a5:5a:60:52:70:4c:
85:5f:b2:4d:43:16:2e:ba:10:1e:2d:bd:f8:d5:e3:20:7d:74:
a3:7b:e3:6a:31:a0:8d:80:61:74:a5:45:30:c4:44:6d:27:c2:
b3:dc:6c:7a:cf:b2:95:a2:96:5d:fc:54:e7:5c:0d:2e:42:64:
43:de:89:70:22:d6:d0:63:1e:f3:0f:9b:4f:ca:8f:a8:a5:e5:
73:a3:59:c4:9d:59:64:b5:e6:b7:08:74:a4:77:6d:3b:07:6c:
10:6e:1c:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWMSmxDv1aS7pBIxevBq7mCpkiEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMDZaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhNDc2YTY1NTcxZDljOGU2ZDViODYxMDI5MzZjNGVhOGNhMjQ2YmM2ZmRl
YWFkNGNkNmRjMzBhYzU4YTc5NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7Wxi1LCiSFlSbU6ZQ6ZPjPThHPwmWFfqpMwGind10wCpU+deCF5aHyNn4t
YNPYt2kICdR0BB3y+9mOaExRgbKfRaLCVdnwc4GXmv1ejEvnxNqt7i9AldQv/p4l
Be1eIPPhBbZMxrbVOpM+IflL0UKGuAvsPrfxR/HUJLAaFfqgNnGjralght4x94uj
WQUTksZNy3OJWR8IB+rg5WurMew9H8fVmS+En9O5fRzepkGuoQk0kzNhF+IZg+UU
x6TnG0H8cG/+YsMpYuGEDBnXP5wfg3oVxT8rt8YnOw5Zo3YE1RshlQRVWnx8pN0B
12isJPn6hcEijQALXQaNX1o9kp8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSbgonv
bpFlu50W4dBS3Ooic7A9EzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTNmZGQzNTQtMGViOC00MDRiLTgyMDMtYjVlODIxMWIyYjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYg
MA0GCSqGSIb3DQEBCwUAA4IBAQCzVv+fimGQv+E26wx691D6zRF+UUMLyHa4S18+
WSqCO2TPQsNdodkR623+hFBLjO9tqU4J6eYB7rURX90gRk4rA8BkSjecBNITirZQ
z3E6FKJcEA04RIgY3mlDjxrw1ybOVTS275CJJk/Jkg1tAVZhEjTSpxdRzR3eLe1Y
HdzYFF/t4gbZFRYBCAVvlinUfIiMmkelyqZ5wYtaViilWmBScEyFX7JNQxYuuhAe
Lb341eMgfXSje+NqMaCNgGF0pUUwxERtJ8Kz3Gx6z7KVopZd/FTnXA0uQmRD3olw
ItbQYx7zD5tPyo+opeVzo1nEnVlktea3CHSkd207B2wQbhwb
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:15 2025 by rpki-client