Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
File: 631196a4-90f5-4760-982e-15fbaf4805ec.roa (raw, json)
Hash identifier: 5xL6E63S1hP4dN1sdMnyZcTO8qFoXfQD0/F0tArf8Sg=
Subject key identifier: 4E:A9:7F:59:F4:40:F8:65:33:3A:44:FF:71:B1:3C:9B:BD:C1:41:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C9CE9200A09F8CD212B170E1AEA476B3597B3E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
Signing time: Tue 10 Jun 2025 17:30:08 +0000
ROA not before: Tue 10 Jun 2025 17:30:08 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:9c:e9:20:0a:09:f8:cd:21:2b:17:0e:1a:ea:47:6b:35:97:b3:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:30:08 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=e87e98c586e6d512ddfb7864ebb34b66ef7795f76f2558cb49f09e42abd63ddb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:97:cd:dc:bb:35:8c:14:75:32:2a:77:6e:9e:
e3:af:49:e0:35:be:82:d6:91:c3:f7:f4:e3:1a:e0:
97:1c:a7:73:6b:b4:40:78:1e:d0:a7:06:61:c3:4b:
6b:0b:1e:19:f7:f2:8f:cc:57:64:6c:97:dc:0f:78:
08:de:49:16:78:80:e4:b7:89:89:98:ab:ee:8d:1a:
b1:7a:6f:1e:a4:c0:aa:25:ac:e0:af:e5:71:44:5c:
35:1d:00:c7:85:ff:4c:13:57:84:3c:4d:56:9b:53:
e6:3e:5a:ed:14:9d:2c:9d:6f:eb:6d:e1:ee:91:99:
02:a4:46:74:7a:74:f8:ac:47:9e:53:6c:a2:44:90:
b2:a6:d5:a1:fa:ea:ec:7b:f9:85:44:9e:38:ff:38:
77:a6:4a:7b:93:98:e1:c6:e5:5a:cb:a8:36:08:6b:
25:c8:35:60:46:40:f7:6f:85:fa:65:58:38:9f:c1:
90:2b:49:39:65:fc:dd:da:e9:5e:db:3a:27:9f:17:
eb:c7:97:ca:2a:a8:09:55:d4:1d:0e:76:e6:19:62:
54:e4:08:67:65:83:0e:ab:6d:40:0c:eb:da:d6:fa:
4d:ed:52:ea:96:a4:30:51:b7:d0:04:b0:b4:af:04:
ab:eb:ff:bd:7f:37:5c:d4:09:0c:3e:35:bb:64:d7:
eb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A9:7F:59:F4:40:F8:65:33:3A:44:FF:71:B1:3C:9B:BD:C1:41:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020:8000::/36
Signature Algorithm: sha256WithRSAEncryption
36:51:ea:75:d1:de:db:b1:5e:f9:ff:f3:68:d4:a6:06:79:df:
98:8f:97:57:01:2c:33:89:b6:2d:47:55:ae:c5:a3:0a:b1:c7:
c4:e2:ef:c8:a3:c1:31:f9:29:ad:53:a3:07:4b:1e:fc:e7:17:
e5:79:e4:97:34:c9:2f:41:72:23:5c:b3:cb:49:af:70:47:d0:
c8:e0:0f:12:c9:16:c4:c5:80:17:90:21:28:d5:e7:84:6c:90:
0b:e2:1a:c8:06:34:d3:49:c2:09:18:62:84:9c:c0:2e:f3:e9:
e9:97:2a:d0:16:42:3e:a4:27:c1:74:73:59:d9:c5:71:da:87:
f8:3a:7a:96:fa:27:ce:2e:8b:13:69:52:95:2a:b9:89:98:83:
95:c4:13:7d:4f:5e:cc:a0:48:a2:59:a7:84:2c:60:0d:a9:2b:
f5:18:fe:83:28:76:84:c0:10:c1:1d:79:3c:7b:07:11:14:76:
ca:92:84:a9:54:c0:4b:18:95:97:d1:15:2d:0c:b8:2e:20:18:
17:fd:53:91:56:46:3a:e8:14:aa:f0:27:91:68:54:94:e3:02:
28:0a:ec:53:d0:c5:cf:6a:9a:e9:c9:fb:ab:33:6b:c1:ab:15:
ed:1a:a5:73:b7:98:fc:1a:d6:fe:3d:27:b3:a4:a9:4d:a5:47:
17:77:ca:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbJzpIAoJ+M0hKxcOGupHazWXs+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzMwMDhaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4N2U5OGM1ODZlNmQ1MTJkZGZiNzg2NGViYjM0YjY2ZWY3Nzk1Zjc2ZjI1
NThjYjQ5ZjA5ZTQyYWJkNjNkZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCXzdy7NYwUdTIqd26e469J4DW+gtaRw/f04xrglxync2u0QHge0KcGYcNL
awseGffyj8xXZGyX3A94CN5JFniA5LeJiZir7o0asXpvHqTAqiWs4K/lcURcNR0A
x4X/TBNXhDxNVptT5j5a7RSdLJ1v623h7pGZAqRGdHp0+KxHnlNsokSQsqbVofrq
7Hv5hUSeOP84d6ZKe5OY4cblWsuoNghrJcg1YEZA92+F+mVYOJ/BkCtJOWX83drp
Xts6J58X68eXyiqoCVXUHQ525hliVOQIZ2WDDqttQAzr2tb6Te1S6pakMFG30ASw
tK8Eq+v/vX83XNQJDD41u2TX648CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROqX9Z
9ED4ZTM6RP9xsTybvcFBoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjMxMTk2YTQtOTBmNS00NzYwLTk4MmUtMTVmYmFmNDgwNWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CCA
MA0GCSqGSIb3DQEBCwUAA4IBAQA2Uep10d7bsV75//No1KYGed+Yj5dXASwzibYt
R1WuxaMKscfE4u/Io8Ex+SmtU6MHSx785xfleeSXNMkvQXIjXLPLSa9wR9DI4A8S
yRbExYAXkCEo1eeEbJAL4hrIBjTTScIJGGKEnMAu8+nplyrQFkI+pCfBdHNZ2cVx
2of4OnqW+ifOLosTaVKVKrmJmIOVxBN9T17MoEiiWaeELGANqSv1GP6DKHaEwBDB
HXk8ewcRFHbKkoSpVMBLGJWX0RUtDLguIBgX/VORVkY66BSq8CeRaFSU4wIoCuxT
0MXPaprpyfurM2vBqxXtGqVzt5j8Gtb+PSezpKlNpUcXd8rb
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:39 2025 by rpki-client