Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
File: 66a53b3f-eb55-4869-ac1a-f83569ee728f.roa (raw, json)
Hash identifier: OQbbiEmKoFt/tz9LcmAC3j2W47CGOwwEVn+590CI2X0=
Subject key identifier: F6:F0:D6:28:01:49:72:A4:8D:9D:F0:B2:36:2F:61:CE:E8:AE:7E:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 322BDD7D63B0085FF93729226C57DAD3AD5CC1C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
Signing time: Fri 06 Jun 2025 15:10:17 +0000
ROA not before: Fri 06 Jun 2025 15:10:17 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:2b:dd:7d:63:b0:08:5f:f9:37:29:22:6c:57:da:d3:ad:5c:c1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:17 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=5e97a3a80b873e3857a4a08ee5b691045b8dd39345a6c9fd5b7914bdb36f8f76, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:95:d4:c4:6c:b7:38:b4:68:39:46:cc:b4:63:
20:55:1a:54:09:2e:af:5d:77:db:59:da:df:94:70:
eb:e0:06:b8:6b:c6:4b:81:6c:5f:d2:8d:72:38:72:
4a:cc:26:f9:fe:0a:b7:2b:f2:74:b5:78:42:08:ef:
9e:d5:fe:43:ac:70:7e:7b:02:d4:3e:a0:7b:a7:af:
09:e7:ed:e8:67:47:c2:e7:cc:93:ef:14:48:d8:39:
f3:aa:b8:52:99:93:d3:95:5a:5c:f0:3b:b1:0f:2e:
c7:3d:77:d3:58:b9:f0:d6:a9:57:f2:47:4f:0d:ec:
69:4c:e6:f7:c8:72:7b:9e:b4:b1:49:2c:6b:8f:81:
6e:16:97:ab:2c:ca:67:82:d8:8b:ed:d0:19:2b:4a:
1f:5a:4a:e0:d8:80:d3:c4:eb:d1:81:a7:5a:f8:ff:
be:09:7c:ba:7a:88:cf:38:9b:2b:57:2c:25:6d:14:
2e:d4:80:97:3b:80:22:17:aa:a8:88:3a:d3:1d:5f:
10:e5:90:fe:d7:39:50:f3:46:a2:ef:f1:63:61:12:
5f:9f:67:5a:e7:d7:fe:3e:d1:e3:9c:7b:1b:fc:f1:
51:d8:e8:ef:bd:1b:f1:bd:96:fb:62:05:52:88:79:
d2:f0:8e:55:be:7e:45:6b:a5:86:90:6a:6f:bb:26:
ad:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F0:D6:28:01:49:72:A4:8D:9D:F0:B2:36:2F:61:CE:E8:AE:7E:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
46:7d:eb:ba:5d:9f:10:74:fc:fd:d9:0a:fa:4f:9e:74:67:cc:
f6:00:81:7a:19:d8:7e:f9:24:df:8e:56:f6:c9:36:58:59:b5:
83:fc:fe:35:d8:3e:8c:ae:00:56:16:5b:55:b9:47:81:63:23:
52:20:97:9e:c5:5a:a8:c5:ac:1a:52:78:2d:f2:af:9c:de:9c:
80:cc:27:7d:59:57:9e:17:c8:f1:a7:34:d2:14:a9:ac:b7:ef:
ab:a5:77:96:ac:7a:7f:be:1e:44:c8:9f:a4:cd:58:cc:5f:aa:
e6:c4:f5:2a:14:41:12:81:f8:49:74:87:4d:20:cc:1d:44:a7:
24:24:27:a4:61:17:43:32:f5:07:88:44:10:72:49:f5:30:e7:
f1:2e:98:e1:62:e8:cc:e0:44:ee:3d:37:2e:31:8c:f6:22:17:
43:ac:6f:9c:94:b1:ae:1b:72:51:91:f9:e3:6a:4b:01:d2:40:
9f:e7:b8:1a:6f:8f:e0:a5:dc:a6:35:ff:58:9b:d0:24:e6:f0:
3d:20:c8:be:c1:3c:b7:96:4c:97:8b:13:34:c9:d8:68:29:76:
68:fc:f1:d2:c8:c2:be:63:75:d4:a7:e9:92:3a:b7:98:14:dd:
fc:e6:15:25:db:62:68:bf:79:c3:c6:6b:51:ff:75:2d:f1:af:
77:20:67:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMivdfWOwCF/5NykibFfa061cwcQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMTdaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlOTdhM2E4MGI4NzNlMzg1N2E0YTA4ZWU1YjY5MTA0NWI4ZGQzOTM0NWE2
YzlmZDViNzkxNGJkYjM2ZjhmNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGV1MRstzi0aDlGzLRjIFUaVAkur11321na35Rw6+AGuGvGS4FsX9KNcjhy
Sswm+f4KtyvydLV4QgjvntX+Q6xwfnsC1D6ge6evCeft6GdHwufMk+8USNg586q4
UpmT05VaXPA7sQ8uxz1301i58NapV/JHTw3saUzm98hye560sUksa4+BbhaXqyzK
Z4LYi+3QGStKH1pK4NiA08Tr0YGnWvj/vgl8unqIzzibK1csJW0ULtSAlzuAIheq
qIg60x1fEOWQ/tc5UPNGou/xY2ESX59nWufX/j7R45x7G/zxUdjo770b8b2W+2IF
Uoh50vCOVb5+RWulhpBqb7smrZ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT28NYo
AUlypI2d8LI2L2HO6K5+sTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjZhNTNiM2YtZWI1NS00ODY5LWFjMWEtZjgzNTY5ZWU3MjhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBGfeu6XZ8QdPz92Qr6T550Z8z2AIF6Gdh++STf
jlb2yTZYWbWD/P412D6MrgBWFltVuUeBYyNSIJeexVqoxawaUngt8q+c3pyAzCd9
WVeeF8jxpzTSFKmst++rpXeWrHp/vh5EyJ+kzVjMX6rmxPUqFEESgfhJdIdNIMwd
RKckJCekYRdDMvUHiEQQckn1MOfxLpjhYujM4ETuPTcuMYz2IhdDrG+clLGuG3JR
kfnjaksB0kCf57gab4/gpdymNf9Ym9Ak5vA9IMi+wTy3lkyXixM0ydhoKXZo/PHS
yMK+Y3XUp+mSOreYFN385hUl22Jov3nDxmtR/3Ut8a93IGdr
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:49 2025 by rpki-client