Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
File: 5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa (raw, json)
Hash identifier: AsPHc+6WVLlUJBviWlFoRvJR3B8tKaqMDxpHfqBaC/A=
Subject key identifier: 03:FF:70:6E:25:C2:E6:63:17:A2:6B:1E:93:5C:9C:7C:6E:60:DA:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 730525C49D9E3B9F70A2455FB5B96AB27A39F781
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
Signing time: Tue 20 May 2025 20:11:09 +0000
ROA not before: Tue 20 May 2025 20:11:09 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:05:25:c4:9d:9e:3b:9f:70:a2:45:5f:b5:b9:6a:b2:7a:39:f7:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:09 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=49d91da4a529fe84b0513324ce65d802a80030e82a23ac0737dafb32e78e5d0e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:62:2b:b3:9c:2d:d7:f5:fc:4a:38:e8:c9:b8:
68:9e:51:f4:f0:75:f2:74:65:f1:0d:ef:8a:9a:b0:
22:49:50:d5:b3:bf:37:6f:ec:45:4c:be:9d:48:e9:
8e:b7:3c:0d:62:93:ae:a7:e0:1e:26:9a:33:67:f2:
e0:8d:58:9f:63:28:20:3a:33:5e:ba:69:78:32:b7:
6b:99:f8:a7:2e:a6:c2:8f:96:03:45:71:fb:f4:1c:
06:62:27:f3:db:42:98:3a:a2:7d:e5:7b:49:eb:2d:
ae:28:5a:5d:0b:17:95:23:44:02:de:5a:77:34:34:
54:e9:b2:99:33:a5:7c:4d:7e:48:4b:ca:ff:79:f6:
fc:72:07:99:5a:6b:59:2c:df:8e:7b:c3:83:bc:8d:
58:1f:e7:96:51:2f:6e:56:aa:a9:10:fd:39:e9:c3:
6e:02:e2:01:f4:95:33:91:91:26:1d:a4:fc:7b:d7:
82:57:39:cd:17:d3:38:6b:f6:bd:06:0a:59:a5:9e:
29:3b:12:44:6a:b2:0c:df:bd:e7:46:53:73:10:19:
6e:4a:fa:f6:da:22:d7:ad:98:aa:f8:57:c7:da:a0:
ba:8a:d2:bd:50:f1:ec:2a:9d:ba:eb:86:df:96:86:
19:e3:48:b1:98:9d:99:51:51:e7:41:4f:28:fe:5d:
21:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FF:70:6E:25:C2:E6:63:17:A2:6B:1E:93:5C:9C:7C:6E:60:DA:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
37:3a:1d:6c:d0:df:33:e5:68:a2:67:3e:6e:7e:ed:67:1b:78:
9c:ad:b2:66:5c:01:1a:3f:84:fd:46:75:7c:9d:37:47:32:0b:
18:9e:45:9a:61:42:ec:6f:f5:1b:d6:1d:ea:7c:14:9e:2a:19:
30:b8:40:ba:46:d1:8f:66:62:58:4e:d1:74:44:ef:74:94:f6:
9f:94:09:4b:6e:e1:a2:55:56:3a:6a:85:8d:bd:5d:fc:44:c3:
94:a1:d6:a4:89:b6:25:1c:f3:92:c8:2c:e1:01:dd:4e:7b:25:
20:08:33:23:27:dc:2b:40:92:fa:12:2b:9a:ec:77:75:3f:3b:
61:0f:5d:9e:3f:be:dc:64:50:c0:30:0e:8e:a7:99:d5:66:14:
29:99:10:49:b7:b5:0e:d0:d2:c5:97:b1:0f:0c:d0:40:4e:79:
43:2a:e5:89:d8:50:4b:c5:cf:7d:c9:71:15:97:bd:8d:6f:d9:
4b:85:da:94:92:46:4f:b9:6d:5a:c2:c1:d1:45:0a:d4:6b:ab:
ee:cb:d1:3d:ab:d7:4e:f3:5c:a0:7d:76:d0:ba:d7:66:1e:27:
69:63:bb:9a:fb:85:b3:52:26:d7:58:d0:35:b8:48:24:b8:08:
8b:d6:fe:e9:b8:0c:29:88:86:09:2a:f6:23:ac:38:7d:77:10:
0d:ab:0c:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcwUlxJ2eO59wokVftblqsno594EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5ZDkxZGE0YTUyOWZlODRiMDUxMzMyNGNlNjVkODAyYTgwMDMwZTgyYTIz
YWMwNzM3ZGFmYjMyZTc4ZTVkMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFiK7OcLdf1/Eo46Mm4aJ5R9PB18nRl8Q3vipqwIklQ1bO/N2/sRUy+nUjp
jrc8DWKTrqfgHiaaM2fy4I1Yn2MoIDozXrppeDK3a5n4py6mwo+WA0Vx+/QcBmIn
89tCmDqifeV7SestrihaXQsXlSNEAt5adzQ0VOmymTOlfE1+SEvK/3n2/HIHmVpr
WSzfjnvDg7yNWB/nllEvblaqqRD9OenDbgLiAfSVM5GRJh2k/HvXglc5zRfTOGv2
vQYKWaWeKTsSRGqyDN+950ZTcxAZbkr69toi162YqvhXx9qguorSvVDx7CqduuuG
35aGGeNIsZidmVFR50FPKP5dIUcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQD/3Bu
JcLmYxeiax6TXJx8bmDaQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQ4ZTgzMWUtNGQ2MS00NDliLWE1MzItYTFkZDlkNzQzYWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hog
MA0GCSqGSIb3DQEBCwUAA4IBAQA3Oh1s0N8z5WiiZz5ufu1nG3icrbJmXAEaP4T9
RnV8nTdHMgsYnkWaYULsb/Ub1h3qfBSeKhkwuEC6RtGPZmJYTtF0RO90lPaflAlL
buGiVVY6aoWNvV38RMOUodakibYlHPOSyCzhAd1OeyUgCDMjJ9wrQJL6Eiua7Hd1
PzthD12eP77cZFDAMA6Op5nVZhQpmRBJt7UO0NLFl7EPDNBATnlDKuWJ2FBLxc99
yXEVl72Nb9lLhdqUkkZPuW1awsHRRQrUa6vuy9E9q9dO81ygfXbQutdmHidpY7ua
+4WzUibXWNA1uEgkuAiL1v7puAwpiIYJKvYjrDh9dxANqwyz
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:20 2025 by rpki-client