Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
File: 94b69c02-a117-42df-89a0-b463fa809f2d.roa (raw, json)
Hash identifier: T7p9HDri1oWhl7kD58zbXlEci3cBrJ9bIX92g6B9ZDQ=
Subject key identifier: A0:03:20:FF:B8:D8:B9:D0:03:39:6A:46:8F:D3:42:58:69:ED:1B:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DDCD74D515EEECA526584AFD3087161CFD2C7C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
Signing time: Tue 20 May 2025 20:11:26 +0000
ROA not before: Tue 20 May 2025 20:11:26 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:dc:d7:4d:51:5e:ee:ca:52:65:84:af:d3:08:71:61:cf:d2:c7:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:26 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b3bc8fd4b42f4e912081d7c229ab3c80a3dbedba20dd1544ae2c9a37381a9dab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fa:58:bb:8f:32:f6:85:4f:0c:4b:a5:54:85:
50:56:87:76:7f:a8:c3:69:60:00:7d:2a:82:94:cb:
98:ab:74:13:f4:32:5a:97:67:ab:52:8e:3b:10:73:
53:9f:4b:e0:4d:d5:06:47:da:13:c3:2d:a5:e9:35:
50:32:65:aa:97:b0:ff:b9:8b:38:bf:d5:fa:3d:9d:
97:b9:fc:90:9a:c5:fe:63:0c:35:c4:c2:86:4c:36:
37:c8:c0:bc:94:3f:27:cb:38:0b:fe:9c:ec:fa:a5:
db:4a:d1:1b:d0:7f:c8:04:86:26:48:2f:31:50:79:
5f:88:eb:96:90:7d:5f:8e:9e:63:6f:94:04:98:b6:
12:bc:f1:50:02:3a:c6:d8:73:9c:7c:c8:a9:ee:6a:
0d:32:f1:5b:76:e4:6c:e9:97:2f:29:f4:cd:07:05:
d5:88:cb:44:7b:89:db:c6:8c:8f:28:ae:5f:0b:5a:
d3:3f:38:95:cc:d2:b6:60:91:cd:6d:b8:b9:7b:a2:
c3:48:09:5f:18:10:69:be:c6:66:e2:2b:09:89:dc:
d2:88:de:20:a0:e1:52:09:ee:ac:3a:7b:ad:08:8f:
95:8c:b3:b9:c4:52:14:04:69:f8:df:b7:d7:9d:d3:
5f:cd:da:59:de:82:70:94:c2:ee:5f:91:fa:d2:8c:
55:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:03:20:FF:B8:D8:B9:D0:03:39:6A:46:8F:D3:42:58:69:ED:1B:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:2000::/40
Signature Algorithm: sha256WithRSAEncryption
02:bd:c7:fc:47:b8:55:21:e8:a5:23:18:59:fc:7e:19:e5:e1:
84:6e:2a:e0:69:a8:6b:30:3c:46:5d:46:97:4b:c6:c9:d8:ac:
10:f9:d1:63:46:91:68:8d:e8:99:ef:cd:b0:ed:14:00:e8:7f:
6d:28:1e:b7:b5:15:be:66:8c:e2:7f:26:e4:00:0e:ef:c3:0f:
f7:59:77:83:7e:1c:cf:a8:e0:d5:77:8f:0d:46:43:4a:9e:39:
3b:1f:fc:93:c4:22:35:c7:ee:bf:9b:9d:4d:5b:5b:90:b7:73:
f0:bd:0d:5c:d5:29:68:e5:a0:aa:34:f8:34:3c:f4:3d:03:7a:
06:c1:ae:ee:48:3b:64:7d:a6:2d:e6:47:56:d8:25:92:29:d7:
7c:ad:67:a6:34:4f:e9:f7:20:54:f7:8c:d4:49:05:d5:c0:43:
16:00:c4:76:1d:0e:38:48:24:68:48:25:55:53:28:ca:4d:79:
71:71:f5:13:71:d8:97:90:9b:a1:36:87:79:57:05:b7:b7:15:
35:92:e0:94:a0:04:e4:b8:ab:de:de:87:e1:fd:2c:77:ef:5c:
94:d2:73:b0:ee:51:a2:24:05:d6:5e:56:1f:c9:15:91:85:54:
1c:95:76:38:8a:13:31:f2:57:8e:aa:f6:29:72:7e:99:c6:5f:
e0:ab:32:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXdzXTVFe7spSZYSv0whxYc/Sx8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMjZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzYmM4ZmQ0YjQyZjRlOTEyMDgxZDdjMjI5YWIzYzgwYTNkYmVkYmEyMGRk
MTU0NGFlMmM5YTM3MzgxYTlkYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALz6WLuPMvaFTwxLpVSFUFaHdn+ow2lgAH0qgpTLmKt0E/QyWpdnq1KOOxBz
U59L4E3VBkfaE8Mtpek1UDJlqpew/7mLOL/V+j2dl7n8kJrF/mMMNcTChkw2N8jA
vJQ/J8s4C/6c7Pql20rRG9B/yASGJkgvMVB5X4jrlpB9X46eY2+UBJi2ErzxUAI6
xthznHzIqe5qDTLxW3bkbOmXLyn0zQcF1YjLRHuJ28aMjyiuXwta0z84lczStmCR
zW24uXuiw0gJXxgQab7GZuIrCYnc0ojeIKDhUgnurDp7rQiPlYyzucRSFARp+N+3
153TX83aWd6CcJTC7l+R+tKMVbMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgAyD/
uNi50AM5akaP00JYae0bSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRiNjljMDItYTExNy00MmRmLTg5YTAtYjQ2M2ZhODA5ZjJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYg
MA0GCSqGSIb3DQEBCwUAA4IBAQACvcf8R7hVIeilIxhZ/H4Z5eGEbirgaahrMDxG
XUaXS8bJ2KwQ+dFjRpFojeiZ782w7RQA6H9tKB63tRW+ZozifybkAA7vww/3WXeD
fhzPqODVd48NRkNKnjk7H/yTxCI1x+6/m51NW1uQt3PwvQ1c1Slo5aCqNPg0PPQ9
A3oGwa7uSDtkfaYt5kdW2CWSKdd8rWemNE/p9yBU94zUSQXVwEMWAMR2HQ44SCRo
SCVVUyjKTXlxcfUTcdiXkJuhNod5VwW3txU1kuCUoATkuKve3ofh/Sx371yU0nOw
7lGiJAXWXlYfyRWRhVQclXY4ihMx8leOqvYpcn6Zxl/gqzJX
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:26 2025 by rpki-client