Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
File: 5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa (raw, json)
Hash identifier: 8bBH0sFR8cPDtGdn5RHTbp06ehMTm6pWzBdOqBsSWcU=
Subject key identifier: 61:0F:C5:5E:EC:70:EE:AB:8C:77:38:78:79:7C:47:F1:A8:9A:B0:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30EFA62AB935A5A8AFF57D5E71D8595AF2A91063
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
Signing time: Tue 20 May 2025 18:41:40 +0000
ROA not before: Tue 20 May 2025 18:41:40 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:ef:a6:2a:b9:35:a5:a8:af:f5:7d:5e:71:d8:59:5a:f2:a9:10:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:40 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8b55906bfde70baacc6b57ab7ce387ef4014af5741abca012eccd7c4cea3f93a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b1:89:0d:b8:26:1c:44:c8:23:c4:50:4c:ce:
70:ed:49:d5:1f:25:fa:ea:21:34:55:67:b5:83:c5:
2a:3c:fc:ac:c0:1f:1b:7c:00:39:8e:73:78:84:b3:
79:ae:a7:1e:a5:42:0a:7a:0e:7b:48:c8:26:e3:54:
54:80:72:17:3f:56:01:7d:98:60:b7:0e:da:32:04:
33:7d:ad:dd:73:24:bf:23:fd:e8:25:18:d5:99:86:
9e:09:bb:a1:89:3c:ac:e2:cc:3f:a0:89:60:7d:4f:
a1:75:20:7a:84:bd:e4:2a:dd:c4:82:1f:e3:3e:da:
13:7e:2f:2b:aa:af:f0:a2:0f:c2:da:a9:de:3a:f6:
b8:03:99:18:dc:2c:e0:87:0f:c4:d5:2b:67:b1:a4:
df:75:e0:3f:21:af:63:6c:f8:1b:a5:0f:2f:23:f8:
b5:df:85:d8:a3:26:38:b9:f3:a8:63:a9:34:44:0b:
03:8d:6d:15:55:a2:d8:6c:78:16:ff:b7:2d:ce:78:
72:3d:28:a4:03:3e:c2:db:ae:67:5d:ae:9b:27:9d:
76:23:6b:81:20:aa:26:cd:d6:e3:ec:7a:fc:4f:18:
78:c9:73:00:6c:ed:ea:6b:5f:cb:88:e4:24:47:62:
d8:c9:f3:2f:fe:b1:d1:44:45:c1:e1:e1:43:73:80:
57:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:0F:C5:5E:EC:70:EE:AB:8C:77:38:78:79:7C:47:F1:A8:9A:B0:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
14:95:92:af:e0:33:f7:70:a1:b3:ab:e5:39:9d:f0:f6:7c:b3:
7a:46:14:d8:f4:fd:dd:19:5f:db:62:94:7b:4c:af:f2:c8:f4:
85:8b:17:f5:28:e5:4b:61:82:8e:fd:5e:4d:e6:87:71:86:e1:
27:8a:e4:e9:50:64:65:2b:29:37:87:8f:16:55:7a:1f:f6:0d:
ef:30:5e:42:5d:08:21:de:6b:64:c9:7e:0f:85:c5:93:7f:dc:
5a:ab:57:67:13:ee:a6:28:e4:7a:33:5e:d6:eb:c7:15:e5:45:
78:9d:bf:34:9d:0f:06:11:25:35:41:73:82:d2:05:ac:ce:4b:
89:98:2c:fe:8a:11:27:80:41:b4:42:bd:b5:ba:af:f0:81:b8:
f3:15:91:80:10:f0:c8:5d:3e:38:ea:fc:e7:68:7b:61:a5:06:
3b:b1:8f:5a:66:06:ce:2f:ee:03:72:89:1c:d1:1c:f9:dd:19:
50:6d:01:ef:68:8d:43:53:f9:5e:eb:30:d6:1b:2b:1f:9b:04:
df:da:7a:f1:20:e1:77:f5:31:31:c1:0c:1c:5d:17:bc:98:4b:
54:d8:bd:eb:fe:d0:3c:a9:39:63:85:ff:95:90:4c:1c:d7:27:
ea:0b:bf:b8:1b:d2:ce:cd:71:8c:0f:9f:2f:56:1b:35:3f:c3:
91:96:4d:22
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMO+mKrk1paiv9X1ecdhZWvKpEGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxNDBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiNTU5MDZiZmRlNzBiYWFjYzZiNTdhYjdjZTM4N2VmNDAxNGFmNTc0MWFi
Y2EwMTJlY2NkN2M0Y2VhM2Y5M2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJSxiQ24JhxEyCPEUEzOcO1J1R8l+uohNFVntYPFKjz8rMAfG3wAOY5zeISz
ea6nHqVCCnoOe0jIJuNUVIByFz9WAX2YYLcO2jIEM32t3XMkvyP96CUY1ZmGngm7
oYk8rOLMP6CJYH1PoXUgeoS95CrdxIIf4z7aE34vK6qv8KIPwtqp3jr2uAOZGNws
4IcPxNUrZ7Gk33XgPyGvY2z4G6UPLyP4td+F2KMmOLnzqGOpNEQLA41tFVWi2Gx4
Fv+3Lc54cj0opAM+wtuuZ12umyeddiNrgSCqJs3W4+x6/E8YeMlzAGzt6mtfy4jk
JEdi2MnzL/6x0URFweHhQ3OAV1UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRhD8Ve
7HDuq4x3OHh5fEfxqJqw3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQxZmZmOTgtNDQxNS00Y2QwLWIyY2MtMjZmNjFhOGNhZTdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
sDANBgkqhkiG9w0BAQsFAAOCAQEAFJWSr+Az93Chs6vlOZ3w9nyzekYU2PT93Rlf
22KUe0yv8sj0hYsX9SjlS2GCjv1eTeaHcYbhJ4rk6VBkZSspN4ePFlV6H/YN7zBe
Ql0IId5rZMl+D4XFk3/cWqtXZxPupijkejNe1uvHFeVFeJ2/NJ0PBhElNUFzgtIF
rM5LiZgs/ooRJ4BBtEK9tbqv8IG48xWRgBDwyF0+OOr852h7YaUGO7GPWmYGzi/u
A3KJHNEc+d0ZUG0B72iNQ1P5Xusw1hsrH5sE39p68SDhd/UxMcEMHF0XvJhLVNi9
6/7QPKk5Y4X/lZBMHNcn6gu/uBvSzs1xjA+fL1YbNT/DkZZNIg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:11 2025 by rpki-client