Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65c46db4-023b-4885-8c6b-9444db174ad3.roa
File: 65c46db4-023b-4885-8c6b-9444db174ad3.roa (raw, json)
Hash identifier: eAZCjSP1OZIwGpiGiFALSzYxi3o9t0AoHGuOJT6/e18=
Subject key identifier: 61:CE:EC:47:DB:3F:1B:DC:24:D0:F9:05:70:76:C9:E1:AC:68:BF:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 702849E85DAF2166BBB591730F6EBC807E33F76D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65c46db4-023b-4885-8c6b-9444db174ad3.roa
Signing time: Tue 20 May 2025 19:51:16 +0000
ROA not before: Tue 20 May 2025 19:51:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:28:49:e8:5d:af:21:66:bb:b5:91:73:0f:6e:bc:80:7e:33:f7:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ac083ce372a883fbcdb811e865869b6d2d49f3487a806bfddcad79a2495187dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a5:cd:c2:9f:94:49:5b:06:0e:bc:94:b0:f2:
1e:63:64:1e:dc:b5:a4:d2:f4:59:82:b5:0f:71:2e:
b6:92:31:12:70:21:29:28:ad:c6:a6:3b:05:5d:f8:
1e:f1:d1:08:c7:24:4f:60:d0:70:a5:2d:30:5f:fe:
d4:81:66:cc:33:c6:9a:22:86:c3:aa:5b:b9:3d:ec:
1b:39:97:ce:79:8c:61:75:40:0c:62:56:2e:e6:ae:
67:a1:d5:2c:35:8f:9f:b0:4f:c6:96:23:45:28:d1:
6d:12:99:3a:99:5a:3d:2f:e3:4e:e6:3c:62:d2:41:
f2:7d:4b:e4:a5:1d:38:92:a5:ad:a6:5b:95:03:9c:
f3:63:7e:e0:24:dd:a3:c0:fd:f1:bc:d5:41:19:f3:
69:d2:8a:28:8b:a0:8a:fa:0a:1c:6f:b1:72:19:9b:
08:dc:8c:63:59:18:3f:11:b1:c3:46:39:f5:17:b2:
5c:62:4b:7f:42:94:45:17:67:80:73:1b:b1:87:75:
34:f3:e2:41:83:59:da:41:41:ff:5f:af:e3:68:29:
70:2b:80:77:5c:12:0c:07:62:6a:bb:66:ae:23:05:
11:6f:f2:bf:82:30:b9:4e:a6:6b:d2:11:8b:44:13:
9d:ce:7e:ff:45:54:b8:a2:5c:3c:5a:fa:d9:54:2a:
b3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:CE:EC:47:DB:3F:1B:DC:24:D0:F9:05:70:76:C9:E1:AC:68:BF:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65c46db4-023b-4885-8c6b-9444db174ad3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c080::/46
Signature Algorithm: sha256WithRSAEncryption
c2:24:4f:e1:ba:60:9e:c8:9b:d5:5b:26:85:c0:73:28:26:cd:
be:9d:ad:68:22:8b:e3:21:40:8c:7e:12:b2:2f:e5:d7:6f:56:
88:29:e6:f5:ab:aa:78:16:ad:2f:d5:af:86:df:fb:e8:fd:29:
ef:62:37:77:e0:a1:29:17:7d:31:76:4a:7f:7e:97:f7:e6:2e:
c1:0a:3d:4a:1b:ee:18:22:a5:23:05:ee:80:c0:d0:ff:18:da:
f6:e5:ea:47:f8:76:9a:6f:62:89:75:34:b9:7b:5e:9f:c9:06:
aa:6c:88:6d:87:29:b0:92:cc:c9:54:10:76:86:ed:9a:03:10:
61:b6:9a:f6:c5:84:67:a6:03:f2:29:be:b9:69:fc:54:e0:98:
28:0b:47:05:a6:e4:80:12:32:03:aa:65:5e:b7:78:bf:86:67:
7a:27:4f:ad:a0:1a:f1:14:3f:c0:2a:6a:99:d0:41:c7:ee:61:
6e:04:4f:3a:15:a1:b1:c1:ad:84:32:65:10:ac:94:c1:ab:cc:
0d:24:a0:73:e2:0e:5b:ce:71:6b:e2:75:15:a3:21:db:0c:df:
39:b1:08:95:13:88:b7:3d:31:c0:5d:1a:6d:52:e1:5f:37:fb:
d7:0a:c2:84:fe:15:7e:e7:c9:f3:1a:49:93:65:42:10:59:a8:
43:48:0d:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcChJ6F2vIWa7tZFzD268gH4z920wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMDgzY2UzNzJhODgzZmJjZGI4MTFlODY1ODY5YjZkMmQ0OWYzNDg3YTgw
NmJmZGRjYWQ3OWEyNDk1MTg3ZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGlzcKflElbBg68lLDyHmNkHty1pNL0WYK1D3EutpIxEnAhKSitxqY7BV34
HvHRCMckT2DQcKUtMF/+1IFmzDPGmiKGw6pbuT3sGzmXznmMYXVADGJWLuauZ6HV
LDWPn7BPxpYjRSjRbRKZOplaPS/jTuY8YtJB8n1L5KUdOJKlraZblQOc82N+4CTd
o8D98bzVQRnzadKKKIugivoKHG+xchmbCNyMY1kYPxGxw0Y59ReyXGJLf0KURRdn
gHMbsYd1NPPiQYNZ2kFB/1+v42gpcCuAd1wSDAdiartmriMFEW/yv4IwuU6ma9IR
i0QTnc5+/0VUuKJcPFr62VQqs4ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRhzuxH
2z8b3CTQ+QVwdsnhrGi/kDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVjNDZkYjQtMDIzYi00ODg1LThjNmItOTQ0NGRiMTc0YWQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
gDANBgkqhkiG9w0BAQsFAAOCAQEAwiRP4bpgnsib1VsmhcBzKCbNvp2taCKL4yFA
jH4Ssi/l129WiCnm9auqeBatL9Wvht/76P0p72I3d+ChKRd9MXZKf36X9+YuwQo9
ShvuGCKlIwXugMDQ/xja9uXqR/h2mm9iiXU0uXten8kGqmyIbYcpsJLMyVQQdobt
mgMQYbaa9sWEZ6YD8im+uWn8VOCYKAtHBabkgBIyA6plXrd4v4ZneidPraAa8RQ/
wCpqmdBBx+5hbgRPOhWhscGthDJlEKyUwavMDSSgc+IOW85xa+J1FaMh2wzfObEI
lROItz0xwF0abVLhXzf71wrChP4VfufJ8xpJk2VCEFmoQ0gNSg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:32 2025 by rpki-client