Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
File: 758ab83f-3a25-48db-a214-04c27915b62e.roa (raw, json)
Hash identifier: 7Eh1/cgTm5Y4fxdUd0nHJBUiPKa0lHmZeaAWMUppdy4=
Subject key identifier: BD:EF:33:67:A1:4E:34:66:0E:59:DD:38:E7:CF:3F:D8:EC:A4:9A:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50B645E7DB4507AB8815D16B29C3EE02F62A99AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
Signing time: Thu 22 May 2025 01:22:18 +0000
ROA not before: Thu 22 May 2025 01:22:18 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:b6:45:e7:db:45:07:ab:88:15:d1:6b:29:c3:ee:02:f6:2a:99:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:18 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=49262488d3d1825bb9498ccbcdcfbe11dbf9c0fd253b95f2e29ecced3e456853, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:83:de:27:39:f0:73:68:a8:68:b1:3b:08:eb:
5c:08:89:93:41:8f:0d:6d:b8:e6:29:03:13:fd:11:
e6:f9:3d:a2:39:4a:b6:a8:d5:4a:ea:38:af:07:9e:
a2:67:9f:e4:1e:04:32:ed:13:78:5e:70:0c:a4:d8:
19:a9:3f:b4:ae:5e:9d:24:1a:ee:f3:21:b4:b3:ea:
4e:7c:3b:ce:ff:b1:b0:61:0a:91:ea:50:8a:49:1b:
ad:0b:32:cc:e9:d1:b6:bc:d5:3d:5e:f2:c6:8e:90:
66:09:28:ee:8e:80:f7:6a:c9:14:67:87:1b:b7:fc:
10:17:a1:b2:65:ea:dc:9b:2c:3a:a8:ab:06:7f:35:
fd:dc:00:03:42:57:d4:4e:5e:65:ad:dd:7b:cf:36:
3f:bf:06:19:6d:c5:8b:ba:a2:58:a4:96:9b:d7:54:
cd:41:e9:63:e4:88:0c:e8:e5:92:bb:f8:5d:a9:2e:
12:3e:50:85:4f:4d:1b:d9:9e:1f:82:46:d9:74:fb:
e9:5c:3c:75:76:5d:65:6f:b3:81:cf:49:a6:63:20:
a2:ef:5b:de:76:38:b5:b0:f7:d0:d8:59:77:43:ea:
57:66:8c:4b:3b:7a:cb:68:c4:22:25:8d:e3:58:00:
11:b1:a6:6c:cd:eb:b9:52:75:41:63:24:17:b7:7c:
1d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EF:33:67:A1:4E:34:66:0E:59:DD:38:E7:CF:3F:D8:EC:A4:9A:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:a000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:b0:18:cd:35:ca:35:e4:e2:ed:c7:e8:71:f4:1e:50:9b:62:
e2:14:d7:96:89:70:94:31:27:23:b5:87:8b:a9:d3:9e:79:6b:
44:47:2b:1d:ec:47:62:e7:3e:fc:08:c2:62:1d:44:6e:54:1e:
cf:27:55:cd:cd:80:9f:6a:fe:3a:a7:ff:9c:ea:ab:bc:88:3d:
8d:93:0e:67:37:ae:b0:18:87:91:8d:80:ef:d7:37:c7:6c:f2:
20:04:a8:26:18:f2:21:ba:c9:b0:13:f6:95:90:7a:65:ee:f1:
1f:76:6d:6a:4b:28:e9:d7:4e:d0:11:4b:4d:eb:27:2e:1d:b6:
ba:04:26:cd:09:8d:90:45:69:30:73:7d:c7:3c:61:e6:f2:7e:
25:74:64:cc:d7:f7:02:54:41:6f:5d:1b:83:8a:76:cf:5b:e6:
a9:11:f3:a1:b7:d3:e8:4f:51:6b:89:5f:6f:9c:1f:12:59:32:
95:19:76:da:f6:29:36:1a:c4:eb:37:7f:d5:7e:79:98:07:95:
e9:fc:0a:a6:46:08:25:b2:df:95:68:6c:94:9f:3d:98:09:d3:
a5:0f:38:bb:8d:4f:f4:20:dc:00:a0:84:dc:91:4c:26:02:57:
35:54:cd:2e:f4:dd:c0:8e:f6:ca:37:79:98:dd:8f:98:4f:73:
f8:42:9e:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUULZF59tFB6uIFdFrKcPuAvYqma0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMThaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5MjYyNDg4ZDNkMTgyNWJiOTQ5OGNjYmNkY2ZiZTExZGJmOWMwZmQyNTNi
OTVmMmUyOWVjY2VkM2U0NTY4NTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGD3ic58HNoqGixOwjrXAiJk0GPDW245ikDE/0R5vk9ojlKtqjVSuo4rwee
omef5B4EMu0TeF5wDKTYGak/tK5enSQa7vMhtLPqTnw7zv+xsGEKkepQikkbrQsy
zOnRtrzVPV7yxo6QZgko7o6A92rJFGeHG7f8EBehsmXq3JssOqirBn81/dwAA0JX
1E5eZa3de882P78GGW3Fi7qiWKSWm9dUzUHpY+SIDOjlkrv4XakuEj5QhU9NG9me
H4JG2XT76Vw8dXZdZW+zgc9JpmMgou9b3nY4tbD30NhZd0PqV2aMSzt6y2jEIiWN
41gAEbGmbM3ruVJ1QWMkF7d8HZ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS97zNn
oU40Zg5Z3Tjnzz/Y7KSaMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU4YWI4M2YtM2EyNS00OGRiLWEyMTQtMDRjMjc5MTViNjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2g
MA0GCSqGSIb3DQEBCwUAA4IBAQCqsBjNNco15OLtx+hx9B5Qm2LiFNeWiXCUMScj
tYeLqdOeeWtERysd7Edi5z78CMJiHURuVB7PJ1XNzYCfav46p/+c6qu8iD2Nkw5n
N66wGIeRjYDv1zfHbPIgBKgmGPIhusmwE/aVkHpl7vEfdm1qSyjp107QEUtN6ycu
Hba6BCbNCY2QRWkwc33HPGHm8n4ldGTM1/cCVEFvXRuDinbPW+apEfOht9PoT1Fr
iV9vnB8SWTKVGXba9ik2GsTrN3/VfnmYB5Xp/AqmRgglst+VaGyUnz2YCdOlDzi7
jU/0INwAoITckUwmAlc1VM0u9N3AjvbKN3mY3Y+YT3P4Qp6J
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:52 2025 by rpki-client