Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
File: 67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa (raw, json)
Hash identifier: hWSv+yUDm1d2F4K0FKr72zJVVdeENbgVMkHemZh7K2s=
Subject key identifier: AA:BF:1C:A8:35:72:78:3B:0A:D6:B6:13:E1:8C:93:CE:CC:16:58:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36490EAB2762C06E83207E59474B77B76E564D0A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
Signing time: Fri 06 Jun 2025 15:10:21 +0000
ROA not before: Fri 06 Jun 2025 15:10:21 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:49:0e:ab:27:62:c0:6e:83:20:7e:59:47:4b:77:b7:6e:56:4d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:21 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=0a16285da09a4f3fd4482dcf7d888a2e968737996dd22c222ff03f195362d59e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:dc:65:97:79:9c:0c:d3:22:7f:21:4b:c9:71:
27:30:e3:94:57:3a:6c:d8:94:5d:4c:f8:8b:25:2b:
78:53:ae:91:6f:1e:ec:ca:02:5e:38:28:9b:71:af:
15:47:05:33:4c:db:fe:12:77:30:4f:22:06:43:15:
f8:0e:d5:e1:3e:da:1b:1e:92:b3:9f:6e:a7:87:f3:
c9:5f:f5:6c:76:03:54:4c:8b:9f:ea:aa:2c:22:8f:
26:62:8e:f4:71:96:e5:e1:74:bc:74:4e:86:64:0d:
90:7e:8e:91:b9:85:53:ea:c7:c6:75:6a:50:fb:0c:
77:ce:64:db:e4:20:3f:48:f5:28:87:ac:25:88:24:
ec:ef:54:1a:89:51:b8:99:18:42:93:3a:64:d6:7a:
f5:94:1f:60:19:d8:24:13:7d:29:11:a0:8f:9c:6f:
aa:ba:7b:d0:68:3d:a7:44:93:23:51:0d:37:2e:bf:
d0:fa:d3:9d:61:65:4a:a4:19:1f:89:6e:b3:54:e8:
9e:1d:41:2a:cd:31:10:54:9c:68:6b:65:64:34:05:
99:c6:01:c0:cb:24:7e:f6:29:9f:4d:43:79:2a:62:
3b:3b:51:c7:65:b7:a0:3f:95:6a:c7:10:87:cc:38:
a4:e6:7f:b2:7c:c1:1a:19:07:47:ed:9d:5b:48:b9:
9e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:BF:1C:A8:35:72:78:3B:0A:D6:B6:13:E1:8C:93:CE:CC:16:58:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:2e:e2:44:21:36:8b:16:a9:9d:8e:95:8e:4d:65:53:6a:f6:
5a:ea:7b:d5:7f:b9:63:78:3e:f9:37:a0:52:af:88:94:99:a6:
8d:28:8c:3a:4f:1c:cc:04:ca:73:34:93:47:a4:5d:73:38:b3:
77:22:8c:d3:89:01:35:c3:cc:bc:c6:d9:d4:86:87:34:05:81:
db:69:5c:37:f8:af:8e:92:5f:ca:6f:07:6e:98:73:50:b8:9c:
86:58:c0:a7:e7:9a:14:45:56:a4:4e:bf:ae:4a:88:d4:42:8a:
ed:b3:87:2e:ab:09:21:91:5b:01:34:2b:de:83:17:33:b3:56:
ad:31:3c:e8:6f:eb:fd:8d:c5:88:8a:ef:04:2c:49:e9:fe:df:
7c:11:73:d1:9e:0a:45:37:18:75:b6:f7:48:96:6b:45:6e:9a:
d4:6d:53:57:de:50:fb:c5:a9:57:8a:c1:76:2d:8c:bc:8b:0c:
11:d8:43:ad:27:c5:25:34:12:48:af:91:29:7e:93:7a:f0:0b:
4c:b0:fe:eb:9f:3e:9a:0e:76:db:de:19:72:cd:57:da:06:da:
5b:22:38:a2:8f:3f:57:b9:94:6a:70:4f:60:85:57:55:b2:ce:
71:16:83:71:ca:c4:46:1e:2a:3a:d4:67:91:59:d8:a1:c0:e7:
8d:47:83:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNkkOqydiwG6DIH5ZR0t3t25WTQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMjFaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMTYyODVkYTA5YTRmM2ZkNDQ4MmRjZjdkODg4YTJlOTY4NzM3OTk2ZGQy
MmMyMjJmZjAzZjE5NTM2MmQ1OWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPDcZZd5nAzTIn8hS8lxJzDjlFc6bNiUXUz4iyUreFOukW8e7MoCXjgom3Gv
FUcFM0zb/hJ3ME8iBkMV+A7V4T7aGx6Ss59up4fzyV/1bHYDVEyLn+qqLCKPJmKO
9HGW5eF0vHROhmQNkH6OkbmFU+rHxnVqUPsMd85k2+QgP0j1KIesJYgk7O9UGolR
uJkYQpM6ZNZ69ZQfYBnYJBN9KRGgj5xvqrp70Gg9p0STI1ENNy6/0PrTnWFlSqQZ
H4lus1Tonh1BKs0xEFScaGtlZDQFmcYBwMskfvYpn01DeSpiOztRx2W3oD+VascQ
h8w4pOZ/snzBGhkHR+2dW0i5nmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqvxyo
NXJ4OwrWthPhjJPOzBZYzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjdhOTE5MTAtYTU3Yy00YTA0LThkN2ItNDA0YmNkNWZlY2YyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQDBLuJEITaLFqmdjpWOTWVTavZa6nvVf7ljeD75
N6BSr4iUmaaNKIw6TxzMBMpzNJNHpF1zOLN3IozTiQE1w8y8xtnUhoc0BYHbaVw3
+K+Okl/KbwdumHNQuJyGWMCn55oURVakTr+uSojUQorts4cuqwkhkVsBNCvegxcz
s1atMTzob+v9jcWIiu8ELEnp/t98EXPRngpFNxh1tvdIlmtFbprUbVNX3lD7xalX
isF2LYy8iwwR2EOtJ8UlNBJIr5EpfpN68AtMsP7rnz6aDnbb3hlyzVfaBtpbIjii
jz9XuZRqcE9ghVdVss5xFoNxysRGHio61GeRWdihwOeNR4NM
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:34 2025 by rpki-client