Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82baa148-3f1e-4e5f-a19f-3be140c60d34.roa
File: 82baa148-3f1e-4e5f-a19f-3be140c60d34.roa (raw, json)
Hash identifier: C8TYb+4+mNguNVy0Cma3J4lxcLM2VG91Dk46xPZFc/c=
Subject key identifier: 87:98:0D:07:80:1C:96:31:2B:CF:8B:70:AC:D2:02:2A:8B:E8:EE:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 138576349B8AA8F206353D727B3F52EFF90475AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82baa148-3f1e-4e5f-a19f-3be140c60d34.roa
Signing time: Fri 06 Jun 2025 15:10:23 +0000
ROA not before: Fri 06 Jun 2025 15:10:23 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:85:76:34:9b:8a:a8:f2:06:35:3d:72:7b:3f:52:ef:f9:04:75:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:23 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=fa68aca9ef0687f70fe0c115398a0fdfe681af57a6bdc653589e724e95f041ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5d:9c:73:00:2d:0c:21:2f:93:06:2c:10:b2:
97:51:ac:99:ca:33:1c:71:e6:b5:a1:40:31:ff:70:
5d:c6:18:1c:e4:9e:f8:de:f1:6c:e2:c1:26:81:b6:
33:ee:a6:5e:c9:27:15:b8:24:90:de:78:ac:0a:c4:
8f:f5:de:37:1d:a1:34:e1:e7:46:ff:77:5b:c0:17:
28:d3:7e:da:b3:8b:23:37:5d:87:13:9d:fb:b2:93:
f8:af:93:58:dd:87:f6:ec:e4:6b:4a:8a:e8:79:6b:
86:cb:d8:d3:f3:c8:78:92:0a:a8:7e:3f:df:08:ed:
ef:92:f3:c8:73:e8:46:72:eb:da:8d:c9:36:16:c3:
c1:41:58:59:53:ad:ff:77:86:43:5d:41:b7:cf:f5:
0d:fe:8a:79:1d:76:1c:53:ec:ee:54:ae:35:be:82:
c3:01:2a:40:54:91:75:69:cb:31:52:e8:c5:6f:e3:
ed:e1:cb:56:54:6e:a9:8a:8e:c0:cf:23:44:0a:38:
5f:30:60:8c:8f:12:b9:ae:a8:d9:f0:83:f5:60:9d:
56:b4:d5:bd:a2:a2:4f:97:59:a0:81:7b:40:36:a0:
ea:24:4c:f7:af:f6:bd:8b:eb:b3:3a:a7:0f:d3:99:
a7:ba:39:42:99:aa:c5:ae:4c:06:b1:46:1c:cd:de:
ed:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:98:0D:07:80:1C:96:31:2B:CF:8B:70:AC:D2:02:2A:8B:E8:EE:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82baa148-3f1e-4e5f-a19f-3be140c60d34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:c1:fc:ba:41:df:99:fa:ab:3f:0f:b8:07:4b:2e:ad:10:50:
dc:28:fa:20:21:e1:65:cd:89:16:e4:a8:2f:38:7a:cb:c1:9f:
db:fe:cf:10:e7:cc:13:22:3b:cf:11:a9:88:2f:cc:cb:c2:ce:
9c:f6:fd:1c:34:45:f8:e7:1a:da:16:f9:f0:ca:0b:c0:e1:65:
ff:75:2c:c1:82:c0:5c:ef:e7:42:02:d5:9a:cd:40:bd:e0:67:
f4:cf:11:85:d7:94:53:d5:79:9c:0b:24:e4:b0:c3:98:c5:fa:
c2:c8:96:49:9d:b4:c5:e4:94:52:84:52:5c:04:64:3e:ee:7a:
ae:86:65:77:04:4a:08:00:14:a8:d7:42:f2:4a:78:21:27:94:
cd:95:2d:b2:3a:15:d1:11:d3:c4:43:5b:8d:fe:ee:20:f4:22:
86:09:e6:84:1e:9c:42:66:23:58:26:b2:98:40:a2:35:9e:c7:
56:ad:d2:f3:a6:eb:78:ea:94:c1:9a:b8:5d:7b:3b:01:ad:7a:
95:58:92:eb:bb:cd:d1:dd:7f:17:6c:8d:86:e4:9f:9c:aa:cd:
e1:41:5f:bb:37:35:92:eb:8f:d6:2a:b0:99:f4:6b:b6:54:8d:
3f:39:f6:cf:00:41:c9:4c:17:8c:aa:54:22:03:89:8e:30:88:
2e:24:36:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE4V2NJuKqPIGNT1yez9S7/kEda0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMjNaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhNjhhY2E5ZWYwNjg3ZjcwZmUwYzExNTM5OGEwZmRmZTY4MWFmNTdhNmJk
YzY1MzU4OWU3MjRlOTVmMDQxYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFdnHMALQwhL5MGLBCyl1GsmcozHHHmtaFAMf9wXcYYHOSe+N7xbOLBJoG2
M+6mXsknFbgkkN54rArEj/XeNx2hNOHnRv93W8AXKNN+2rOLIzddhxOd+7KT+K+T
WN2H9uzka0qK6HlrhsvY0/PIeJIKqH4/3wjt75LzyHPoRnLr2o3JNhbDwUFYWVOt
/3eGQ11Bt8/1Df6KeR12HFPs7lSuNb6CwwEqQFSRdWnLMVLoxW/j7eHLVlRuqYqO
wM8jRAo4XzBgjI8Sua6o2fCD9WCdVrTVvaKiT5dZoIF7QDag6iRM96/2vYvrszqn
D9OZp7o5Qpmqxa5MBrFGHM3e7e8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHmA0H
gByWMSvPi3Cs0gIqi+juATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODJiYWExNDgtM2YxZS00ZTVmLWExOWYtM2JlMTQwYzYwZDM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCMwfy6Qd+Z+qs/D7gHSy6tEFDcKPogIeFlzYkW
5KgvOHrLwZ/b/s8Q58wTIjvPEamIL8zLws6c9v0cNEX45xraFvnwygvA4WX/dSzB
gsBc7+dCAtWazUC94Gf0zxGF15RT1XmcCyTksMOYxfrCyJZJnbTF5JRShFJcBGQ+
7nquhmV3BEoIABSo10LySnghJ5TNlS2yOhXREdPEQ1uN/u4g9CKGCeaEHpxCZiNY
JrKYQKI1nsdWrdLzput46pTBmrhdezsBrXqVWJLru83R3X8XbI2G5J+cqs3hQV+7
NzWS64/WKrCZ9Gu2VI0/OfbPAEHJTBeMqlQiA4mOMIguJDYK
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:30 2025 by rpki-client