Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
File: 7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa (raw, json)
Hash identifier: 4pKoa2EjxGz+csdknlrsYJi8n3F6o0zILKaBVcU62f8=
Subject key identifier: A1:D4:2D:6C:71:60:47:12:F1:A2:F0:17:15:45:6A:7B:6D:F9:9F:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 656167B0250DBC3F815EBE3C13E5BBE1062E4F53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
Signing time: Tue 20 May 2025 20:30:22 +0000
ROA not before: Tue 20 May 2025 20:30:22 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d027::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:61:67:b0:25:0d:bc:3f:81:5e:be:3c:13:e5:bb:e1:06:2e:4f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:22 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e9a34c029dc2fc68e378398c94989b8caad1a768c1639d02f14b00a8553b8efb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:07:49:46:13:3b:f9:7e:74:de:61:1e:32:57:
5a:ab:7d:f0:82:a8:ab:9f:1b:92:80:29:5c:c5:66:
5a:83:b8:ea:42:f2:2b:5c:1d:72:c0:c3:2f:8e:e6:
bb:fe:b3:b4:2c:05:78:57:18:7c:a9:d4:5f:32:24:
6c:b0:ee:30:d3:17:3c:cc:50:5f:0c:98:25:3c:51:
71:a3:d6:ad:02:28:72:c5:f3:a8:6f:cf:18:f9:b1:
80:b0:ae:49:62:12:2e:ac:b3:ec:62:e9:86:9b:da:
c1:eb:22:99:1f:c7:25:ab:ae:ed:16:ad:fc:76:8f:
d3:a0:91:c9:5a:5f:6d:65:cc:32:78:30:bc:a9:de:
2a:5e:c5:de:ad:7c:5f:9c:f4:1b:a1:0e:84:4f:36:
07:41:0a:a5:f1:30:4c:fd:1b:7f:99:4c:39:64:42:
b2:54:3d:46:26:c3:93:60:2a:21:61:fe:e6:84:11:
55:e2:2e:83:91:0a:a8:10:25:4b:cb:48:63:77:39:
05:b4:90:57:7f:22:71:1a:33:7f:35:74:35:8c:e2:
11:89:4e:30:43:94:c2:a2:11:61:0b:9c:ca:f5:a4:
be:38:7b:e0:ff:82:a0:a1:72:3f:fb:bc:c3:3f:a8:
cb:a9:f0:5e:16:6f:cd:87:5d:6e:91:1e:05:4f:14:
69:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D4:2D:6C:71:60:47:12:F1:A2:F0:17:15:45:6A:7B:6D:F9:9F:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d027::/36
Signature Algorithm: sha256WithRSAEncryption
30:ba:3d:02:59:f6:d3:0e:5b:c5:6e:45:fe:cd:09:35:e6:51:
f7:ff:30:4c:99:7c:54:91:32:44:3e:83:bc:26:3b:f2:10:c4:
a8:9b:4d:92:84:9d:f8:e1:35:24:ad:47:83:ee:ee:05:0f:d1:
94:93:68:b0:24:0f:6d:27:62:f9:4d:5a:ed:90:da:93:8d:2e:
77:95:a5:68:6c:8f:5c:8d:fe:47:55:59:a0:f5:93:b2:80:da:
0f:26:f1:f2:1c:45:f2:3f:fc:03:f1:77:d2:d7:30:92:5e:20:
56:9b:13:fb:77:b6:e0:5a:d7:b1:64:34:22:2c:0d:30:78:7f:
aa:cd:0b:6a:52:0d:81:0f:cc:24:6f:21:2f:e3:ab:e4:31:2c:
b6:51:c9:fe:f6:9b:da:e5:d8:d4:f0:d8:98:16:92:b5:9e:3b:
4a:b4:1c:4b:c1:e0:1d:69:27:75:36:d1:16:97:4e:97:31:26:
4f:0f:19:89:b8:72:22:96:76:86:04:d2:b8:e0:ef:df:e5:4c:
70:95:f8:70:f4:dc:da:6f:27:8e:b9:50:a8:0b:10:d9:7f:08:
05:e4:eb:2a:e2:06:99:47:c9:5a:07:c1:d1:56:d9:d9:2c:c6:
46:3d:82:fc:b9:9f:45:49:be:b9:69:75:43:4c:0d:b0:67:35:
e2:90:b9:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZWFnsCUNvD+BXr48E+W74QYuT1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwMjJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YTM0YzAyOWRjMmZjNjhlMzc4Mzk4Yzk0OTg5YjhjYWFkMWE3NjhjMTYz
OWQwMmYxNGIwMGE4NTUzYjhlZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEHSUYTO/l+dN5hHjJXWqt98IKoq58bkoApXMVmWoO46kLyK1wdcsDDL47m
u/6ztCwFeFcYfKnUXzIkbLDuMNMXPMxQXwyYJTxRcaPWrQIocsXzqG/PGPmxgLCu
SWISLqyz7GLphpvawesimR/HJauu7Rat/HaP06CRyVpfbWXMMngwvKneKl7F3q18
X5z0G6EOhE82B0EKpfEwTP0bf5lMOWRCslQ9RibDk2AqIWH+5oQRVeIug5EKqBAl
S8tIY3c5BbSQV38icRozfzV0NYziEYlOMEOUwqIRYQucyvWkvjh74P+CoKFyP/u8
wz+oy6nwXhZvzYddbpEeBU8UafcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSh1C1s
cWBHEvGi8BcVRWp7bfmftTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2JjYmY5ZjMtN2E2My00MmEyLTliNTgtNGMwYzEwZmMzNGRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CcA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwuj0CWfbTDlvFbkX+zQk15lH3/zBMmXxUkTJE
PoO8JjvyEMSom02ShJ344TUkrUeD7u4FD9GUk2iwJA9tJ2L5TVrtkNqTjS53laVo
bI9cjf5HVVmg9ZOygNoPJvHyHEXyP/wD8XfS1zCSXiBWmxP7d7bgWtexZDQiLA0w
eH+qzQtqUg2BD8wkbyEv46vkMSy2Ucn+9pva5djU8NiYFpK1njtKtBxLweAdaSd1
NtEWl06XMSZPDxmJuHIilnaGBNK44O/f5Uxwlfhw9NzabyeOuVCoCxDZfwgF5Osq
4gaZR8laB8HRVtnZLMZGPYL8uZ9FSb65aXVDTA2wZzXikLkC
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:19 2025 by rpki-client