Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
File: 9902e563-fe64-4a01-9616-0424a53839fb.roa (raw, json)
Hash identifier: xbUEhfZFQLhgYRMWD2zUrDXGmdpFGnwxNWnWaGEYzFQ=
Subject key identifier: FC:24:1E:8E:51:C4:F4:ED:7D:D8:71:99:83:02:9A:80:16:87:25:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76148AB2ACDB9BD603269682C61EF6C476C4B5C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
Signing time: Tue 20 May 2025 18:50:06 +0000
ROA not before: Tue 20 May 2025 18:50:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:14:8a:b2:ac:db:9b:d6:03:26:96:82:c6:1e:f6:c4:76:c4:b5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4ddc47307d4ceb41a17c22d1f98458b5fbbc6bfc8ea415ff9b85f5a16ce6b51f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:36:9d:e0:1a:46:2f:18:13:86:4f:1a:c6:9c:
20:47:b4:44:ce:49:c4:f5:e5:cb:36:03:52:3f:02:
c7:66:ea:2c:1e:c0:c8:f8:9e:7b:52:24:25:35:f6:
a8:29:17:49:d2:2a:50:d1:57:bb:14:8b:59:34:9e:
ad:c7:55:d8:7d:66:de:d4:5f:f3:9d:43:66:7b:ff:
35:ac:49:9f:b4:ae:dc:24:28:eb:7e:7f:84:da:9c:
19:7a:99:c3:79:c5:73:33:f4:52:70:9d:e9:18:b5:
fc:67:53:54:84:7f:dc:0f:9e:9f:dc:80:ca:e3:bf:
90:70:71:a4:4d:68:c5:c5:e1:aa:ff:1b:86:16:b1:
a1:2b:f4:fe:ea:44:7c:e3:86:9e:fb:1f:31:79:93:
c7:cd:e2:ed:2c:30:4d:24:77:6f:fb:e4:ac:09:76:
77:7d:72:0e:73:cc:d4:d1:40:a7:4e:00:c6:3a:09:
d9:d0:1b:2c:c6:4f:3d:49:c5:f3:95:70:f4:23:60:
57:b7:78:f4:1d:a7:f5:5b:5a:86:67:ec:7b:c4:e7:
e4:60:6d:1d:dc:fb:b1:da:a9:ed:35:87:eb:5e:1b:
24:45:c0:e4:1f:45:48:27:e6:1f:ca:d7:ed:ff:b7:
36:4a:c7:d4:fd:d3:88:43:57:41:40:0b:7b:3a:1f:
31:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:24:1E:8E:51:C4:F4:ED:7D:D8:71:99:83:02:9A:80:16:87:25:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
68:94:01:85:67:20:af:e9:46:4a:36:1a:7e:05:82:cc:1d:d1:
09:9a:95:2a:5e:e9:2a:c8:06:ca:be:da:05:8f:c0:e8:fa:03:
01:b4:71:b3:fd:c4:c6:3f:b0:97:7e:8c:52:f2:70:03:16:6d:
4a:3f:3f:6e:b8:0b:a4:37:38:59:12:c8:20:eb:b7:99:de:c8:
81:8c:db:6f:68:d2:78:d6:d4:cd:34:32:4f:3a:9c:a1:4e:6c:
5c:36:af:bb:16:29:5b:13:2d:59:e0:e7:e7:43:88:f0:48:d7:
60:97:e8:9e:73:ab:67:76:64:4f:cf:3b:b4:03:e5:17:c9:da:
af:31:ed:2d:18:1b:3a:c5:19:20:e2:9f:a2:fc:ab:86:68:a9:
cc:4d:34:5e:03:bb:fc:9a:e0:b4:b9:cd:18:48:05:f1:7a:e5:
d7:94:66:c8:a7:3a:58:ec:17:2c:2f:f6:1b:8b:a0:10:9d:4a:
a4:56:15:2f:bc:4f:a2:03:e0:3f:ea:51:ab:5b:a9:dc:98:71:
5c:7a:df:07:3f:39:00:e2:d0:b2:6c:2f:7c:32:35:8c:b0:09:
27:30:53:80:f1:f2:20:f8:c3:9d:f0:d7:32:0e:91:8b:b2:b6:
24:88:11:da:d7:f0:9a:d4:91:4e:78:3a:fe:2e:f6:a8:22:00:
ed:2c:51:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdhSKsqzbm9YDJpaCxh72xHbEtckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkZGM0NzMwN2Q0Y2ViNDFhMTdjMjJkMWY5ODQ1OGI1ZmJiYzZiZmM4ZWE0
MTVmZjliODVmNWExNmNlNmI1MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK02neAaRi8YE4ZPGsacIEe0RM5JxPXlyzYDUj8Cx2bqLB7AyPiee1IkJTX2
qCkXSdIqUNFXuxSLWTSercdV2H1m3tRf851DZnv/NaxJn7Su3CQo635/hNqcGXqZ
w3nFczP0UnCd6Ri1/GdTVIR/3A+en9yAyuO/kHBxpE1oxcXhqv8bhhaxoSv0/upE
fOOGnvsfMXmTx83i7SwwTSR3b/vkrAl2d31yDnPM1NFAp04AxjoJ2dAbLMZPPUnF
85Vw9CNgV7d49B2n9Vtahmfse8Tn5GBtHdz7sdqp7TWH614bJEXA5B9FSCfmH8rX
7f+3NkrH1P3TiENXQUALezofMZkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT8JB6O
UcT07X3YcZmDApqAFocl3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkwMmU1NjMtZmU2NC00YTAxLTk2MTYtMDQyNGE1MzgzOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
wDANBgkqhkiG9w0BAQsFAAOCAQEAaJQBhWcgr+lGSjYafgWCzB3RCZqVKl7pKsgG
yr7aBY/A6PoDAbRxs/3Exj+wl36MUvJwAxZtSj8/brgLpDc4WRLIIOu3md7IgYzb
b2jSeNbUzTQyTzqcoU5sXDavuxYpWxMtWeDn50OI8EjXYJfonnOrZ3ZkT887tAPl
F8narzHtLRgbOsUZIOKfovyrhmipzE00XgO7/JrgtLnNGEgF8Xrl15RmyKc6WOwX
LC/2G4ugEJ1KpFYVL7xPogPgP+pRq1up3JhxXHrfBz85AOLQsmwvfDI1jLAJJzBT
gPHyIPjDnfDXMg6Ri7K2JIgR2tfwmtSRTng6/i72qCIA7SxRuQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:34 2025 by rpki-client