Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
File: 7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa (raw, json)
Hash identifier: lG5g+z3nNxgPnqQNmvUii/WT2FxwK4wlCV+87EZwi0w=
Subject key identifier: 11:CF:0E:F4:98:60:DB:6B:E2:7E:1B:8D:05:06:A2:B5:35:09:12:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71C3399F7489EADC6F6F37ED8A98CF18AA925F98
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
Signing time: Tue 10 Jun 2025 17:20:35 +0000
ROA not before: Tue 10 Jun 2025 17:20:35 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:c3:39:9f:74:89:ea:dc:6f:6f:37:ed:8a:98:cf:18:aa:92:5f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:35 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=a8568941c5f644dd94274b4b355aec9a914ecf7afa9bb610b0bfca3093bb193c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2f:f1:05:e9:3e:fd:13:f4:e8:4a:59:b6:05:
56:bd:37:8c:0c:9d:c0:c6:db:63:7b:8e:49:1e:c7:
99:a7:43:2d:8d:bc:86:f5:7c:bf:dc:ad:7e:68:ec:
b6:f6:85:36:cc:96:e5:be:fc:82:2c:3f:d2:3d:30:
8e:56:d0:fe:64:c8:f7:be:6a:8b:23:8b:40:bd:fe:
9a:dd:fb:0f:4a:41:c2:da:76:64:42:d7:ef:9f:d0:
14:de:55:31:82:12:3b:71:a6:54:43:06:6e:b4:1d:
a8:0f:10:68:31:71:cb:45:e6:20:f6:5c:b0:69:36:
76:59:51:d8:3a:1f:82:51:3d:bf:9b:64:b1:c0:b4:
d3:a4:27:25:31:fe:94:c3:d6:65:2c:73:c8:f1:37:
3f:96:3a:2f:72:e6:65:60:a3:a5:ab:81:96:4d:ba:
d0:ef:cf:7b:1a:d9:c4:20:13:6c:13:34:e5:c4:70:
18:88:f5:0c:32:c8:83:c0:e5:73:45:42:7e:09:ce:
24:54:dd:65:25:e0:88:a1:d7:22:30:8a:31:ee:1b:
21:0b:2b:cd:62:65:54:14:3e:14:4d:26:e7:51:0f:
18:fd:a0:7e:9b:7b:91:66:1b:36:6f:31:75:ab:a1:
b5:cc:41:56:bb:08:b2:72:e6:f8:ce:ea:5c:a7:fd:
a6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:CF:0E:F4:98:60:DB:6B:E2:7E:1B:8D:05:06:A2:B5:35:09:12:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038::/32
Signature Algorithm: sha256WithRSAEncryption
08:e5:7a:d1:6c:1e:6c:63:46:67:0c:0c:7d:b0:c9:80:5d:4b:
d7:1b:37:78:c9:d6:33:3c:44:06:58:31:a1:d7:63:ab:1e:f0:
23:28:d9:79:a2:4c:fd:23:5e:48:77:98:6c:bf:86:00:d9:af:
e4:cb:5e:f3:55:04:41:4a:69:67:7b:23:01:a1:59:43:82:f2:
05:cd:c2:aa:28:04:ae:60:8c:8c:1c:f2:ac:de:0a:d3:b3:fc:
1c:a3:97:6b:f6:93:a6:c0:ae:a0:68:64:96:67:89:8c:f2:4f:
8f:9c:ab:4c:eb:b3:a6:5e:8d:d2:74:9a:01:6a:e0:ef:e3:02:
6e:24:28:c2:74:dc:0c:36:cb:ea:93:db:80:54:0c:da:cd:13:
37:7c:e9:99:f8:c0:d8:a1:dc:ea:45:04:d9:54:d6:2b:41:ea:
01:bd:a9:33:e1:78:c7:b6:1c:d8:1e:0e:32:fa:99:bc:1e:cc:
f2:2c:14:67:b8:9c:a0:57:a7:1e:af:a3:40:f1:31:bc:3f:46:
3e:9f:1f:63:27:e3:eb:a9:f2:2c:87:00:a5:33:f3:0e:75:6d:
7f:0f:76:1b:f1:0c:55:f6:56:1f:a8:ca:fd:96:c2:16:65:59:
8d:09:45:51:cd:0c:22:75:a8:0d:7b:0b:be:63:70:e3:d3:7a:
43:ff:17:a7
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUccM5n3SJ6txvbzftipjPGKqSX5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMzVaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NTY4OTQxYzVmNjQ0ZGQ5NDI3NGI0YjM1NWFlYzlhOTE0ZWNmN2FmYTli
YjYxMGIwYmZjYTMwOTNiYjE5M2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI8v8QXpPv0T9OhKWbYFVr03jAydwMbbY3uOSR7HmadDLY28hvV8v9ytfmjs
tvaFNsyW5b78giw/0j0wjlbQ/mTI975qiyOLQL3+mt37D0pBwtp2ZELX75/QFN5V
MYISO3GmVEMGbrQdqA8QaDFxy0XmIPZcsGk2dllR2DofglE9v5tkscC006QnJTH+
lMPWZSxzyPE3P5Y6L3LmZWCjpauBlk260O/PexrZxCATbBM05cRwGIj1DDLIg8Dl
c0VCfgnOJFTdZSXgiKHXIjCKMe4bIQsrzWJlVBQ+FE0m51EPGP2gfpt7kWYbNm8x
dauhtcxBVrsIsnLm+M7qXKf9piMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQRzw70
mGDba+J+G40FBqK1NQkShTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZjAxNGYtYWY4OC00YWI5LTk5NzYtNzQ2ZWQ4ZGVjMWE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Dgw
DQYJKoZIhvcNAQELBQADggEBAAjletFsHmxjRmcMDH2wyYBdS9cbN3jJ1jM8RAZY
MaHXY6se8CMo2XmiTP0jXkh3mGy/hgDZr+TLXvNVBEFKaWd7IwGhWUOC8gXNwqoo
BK5gjIwc8qzeCtOz/Byjl2v2k6bArqBoZJZniYzyT4+cq0zrs6ZejdJ0mgFq4O/j
Am4kKMJ03Aw2y+qT24BUDNrNEzd86Zn4wNih3OpFBNlU1itB6gG9qTPheMe2HNge
DjL6mbwezPIsFGe4nKBXpx6vo0DxMbw/Rj6fH2Mn4+up8iyHAKUz8w51bX8Pdhvx
DFX2Vh+oyv2WwhZlWY0JRVHNDCJ1qA17C75jcOPTekP/F6c=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:10 2025 by rpki-client