Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
File: 99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa (raw, json)
Hash identifier: qr5M/+jbuUer3xcLXcibQF7chh4GB4pYNWwMm0f4Usw=
Subject key identifier: E0:8F:99:2E:34:E6:2F:D3:19:61:B9:66:91:50:16:13:5B:D6:9F:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03365EE81DF502401DA8DF2C2F8FB343F8EC6533
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
Signing time: Sat 24 May 2025 00:30:12 +0000
ROA not before: Sat 24 May 2025 00:30:12 +0000
ROA not after: Sat 28 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:36:5e:e8:1d:f5:02:40:1d:a8:df:2c:2f:8f:b3:43:f8:ec:65:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:30:12 2025 GMT
Not After : Jun 28 23:59:59 2025 GMT
Subject: serialNumber=c4b6b65ae82101f9f66d7fc1a855f674e47d40f3aa961d4a325f5b7c3ee4d62e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8b:03:59:a1:17:ea:45:74:ae:0b:3f:31:b1:
1a:c6:bd:cd:7a:2a:80:68:0b:51:c5:46:0d:8f:3b:
cc:dd:6a:8e:12:c4:76:19:20:4f:e9:cb:a3:62:2c:
eb:ba:12:33:87:a0:b0:eb:29:c4:6c:b0:7b:50:0e:
40:74:a4:f6:3f:d5:fa:87:7a:d7:c1:b3:79:e4:48:
1c:64:ff:e2:62:57:17:b8:c8:05:7b:a0:95:ef:b3:
1d:2e:db:51:75:5c:0d:cc:71:63:1a:f2:54:61:71:
ec:70:1c:a9:79:4d:9c:b7:ba:7f:7d:4e:a4:99:4b:
ed:02:8a:44:60:c8:74:fe:88:96:af:87:1c:47:19:
54:c4:58:c7:6c:5e:86:73:48:d8:d0:c1:29:96:ee:
e9:7d:dd:a9:fa:84:02:cd:7a:b7:0d:bf:52:ac:df:
e0:9c:51:73:56:36:ef:8e:5a:17:22:59:41:f8:d6:
aa:6f:40:ea:a2:e3:af:73:3a:7b:e4:ef:0d:ff:aa:
79:35:f2:6b:91:ae:8c:eb:da:08:2d:53:1f:69:2b:
3e:d2:c8:a4:5c:3c:12:5a:44:06:38:f3:17:fd:28:
f6:f6:1a:f9:38:7c:b4:12:d5:bb:d4:84:44:b9:2e:
5b:72:fe:50:7a:3c:4b:7e:36:66:4b:1f:21:31:53:
23:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8F:99:2E:34:E6:2F:D3:19:61:B9:66:91:50:16:13:5B:D6:9F:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1000::/38
Signature Algorithm: sha256WithRSAEncryption
8c:90:ff:7c:97:ad:05:67:c6:5f:7a:de:02:6b:68:d8:e8:76:
bd:97:9c:12:5b:ba:d7:14:28:b7:f3:c2:e4:7c:48:bc:2c:23:
d1:b8:1c:cd:65:d8:d1:d5:6d:b3:42:cc:14:eb:49:79:bb:ae:
f4:75:c2:30:95:42:e9:08:a7:fc:31:00:b7:14:5d:de:62:1f:
4e:7b:38:d0:32:61:cd:ff:06:e3:bf:57:9a:16:da:85:3c:9f:
4f:3a:99:33:0b:f8:e7:1e:87:cc:60:82:ff:0e:74:85:0b:e8:
8d:d1:85:71:42:9c:96:5b:2b:0e:3b:92:00:c9:38:4f:fc:3f:
85:da:c4:e6:16:04:ee:7f:2a:c1:a2:d9:28:e5:e1:8f:87:8e:
af:5c:e0:7d:fc:dd:8a:7a:e8:87:dd:4d:28:02:53:38:f5:03:
20:30:2c:0b:48:0d:59:8b:14:35:f5:c1:c2:aa:0b:aa:ae:04:
9f:95:05:1e:ee:f5:4f:c6:12:d2:30:36:6e:e1:02:3d:1a:f9:
d0:96:f3:22:6b:87:b2:79:0b:21:9e:6d:c0:ec:3c:80:48:05:
c5:58:ca:40:56:34:04:f5:6c:f6:2d:ea:2d:d2:f3:97:02:4a:
e5:8c:98:1a:11:dd:9b:f1:3f:4a:aa:3a:bc:57:b4:8c:7f:1d:
58:c9:92:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAzZe6B31AkAdqN8sL4+zQ/jsZTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjQwMDMwMTJaFw0yNTA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0YjZiNjVhZTgyMTAxZjlmNjZkN2ZjMWE4NTVmNjc0ZTQ3ZDQwZjNhYTk2
MWQ0YTMyNWY1YjdjM2VlNGQ2MmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAImLA1mhF+pFdK4LPzGxGsa9zXoqgGgLUcVGDY87zN1qjhLEdhkgT+nLo2Is
67oSM4egsOspxGywe1AOQHSk9j/V+od618GzeeRIHGT/4mJXF7jIBXugle+zHS7b
UXVcDcxxYxryVGFx7HAcqXlNnLe6f31OpJlL7QKKRGDIdP6Ilq+HHEcZVMRYx2xe
hnNI2NDBKZbu6X3dqfqEAs16tw2/Uqzf4JxRc1Y2745aFyJZQfjWqm9A6qLjr3M6
e+TvDf+qeTXya5GujOvaCC1TH2krPtLIpFw8ElpEBjjzF/0o9vYa+Th8tBLVu9SE
RLkuW3L+UHo8S342ZksfITFTI5UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgj5ku
NOYv0xlhuWaRUBYTW9afqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTliYzUyZjMtYjRmNS00NGViLTlhNTMtYzc0ZGEzZTk3MTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCMkP98l60FZ8Zfet4Ca2jY6Ha9l5wSW7rXFCi3
88LkfEi8LCPRuBzNZdjR1W2zQswU60l5u670dcIwlULpCKf8MQC3FF3eYh9OezjQ
MmHN/wbjv1eaFtqFPJ9POpkzC/jnHofMYIL/DnSFC+iN0YVxQpyWWysOO5IAyThP
/D+F2sTmFgTufyrBotko5eGPh46vXOB9/N2KeuiH3U0oAlM49QMgMCwLSA1ZixQ1
9cHCqguqrgSflQUe7vVPxhLSMDZu4QI9GvnQlvMia4eyeQshnm3A7DyASAXFWMpA
VjQE9Wz2Leot0vOXAkrljJgaEd2b8T9Kqjq8V7SMfx1YyZJ0
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:53 2025 by rpki-client