Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
File: a1796bea-01c9-41b7-b13d-6932c4f36a42.roa (raw, json)
Hash identifier: JdSde1U68byvN0Jxh3YS4ysES9PINW4m/OdSdSH9rII=
Subject key identifier: 1B:6B:44:68:31:B5:64:40:C6:84:C9:DB:83:E4:B2:BD:DA:23:78:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3023300B8A96FBA98251D3BCE1E26E054C7A8A8E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
Signing time: Tue 20 May 2025 18:50:47 +0000
ROA not before: Tue 20 May 2025 18:50:47 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:23:30:0b:8a:96:fb:a9:82:51:d3:bc:e1:e2:6e:05:4c:7a:8a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:47 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=3fd3d6e35407e1d1a54a2287d742675d9ba24e8a74d1c9c753cbe5b7b938ff05, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dc:0b:7e:53:36:15:e3:ab:bf:b1:f7:42:1c:
81:94:aa:36:e2:19:1b:c5:83:fe:a2:c6:eb:34:41:
61:2b:4b:61:cb:67:94:a5:d2:74:b7:a0:e7:82:9b:
3c:7a:0b:d7:fa:1b:94:86:52:c6:03:72:38:0d:f9:
69:b6:7f:e4:ea:76:e3:7e:57:f6:b2:09:0b:bc:06:
b6:7b:27:5d:46:0b:a6:bd:ee:d8:cf:92:25:55:ab:
45:40:d0:8d:5d:16:e4:a9:75:4c:4c:2c:e3:fd:ae:
cf:a4:c8:1f:a4:97:d3:fb:03:35:ca:3e:0e:3a:81:
78:87:f1:7b:a1:12:01:f0:9c:9e:7e:bb:47:7b:46:
47:7d:20:9f:37:90:a1:b9:45:72:fa:c5:4b:56:cd:
15:2f:e7:01:b8:1f:3b:c0:15:ac:56:41:20:e5:2e:
b1:d4:13:25:26:b3:9c:7c:96:4e:85:cf:cc:8b:8d:
c4:99:9b:8f:b6:b2:15:6e:a9:96:2f:6a:fb:8a:d1:
ae:b1:49:29:b0:07:e8:ee:8c:51:3a:08:e6:d3:54:
f0:6a:60:5a:71:34:e4:82:30:df:15:2a:12:f9:38:
e6:03:3f:8f:a0:4b:b3:bf:7d:31:28:cb:35:44:0f:
c4:04:72:4f:58:7b:e9:8a:07:38:09:dc:03:6b:62:
12:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6B:44:68:31:B5:64:40:C6:84:C9:DB:83:E4:B2:BD:DA:23:78:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a000::/40
Signature Algorithm: sha256WithRSAEncryption
75:82:70:38:fa:7f:02:bb:fd:ce:22:75:6c:8b:2e:b2:b9:35:
6c:75:41:b4:1c:da:53:0d:ee:5b:30:f5:a8:35:04:a6:2e:a6:
e1:13:b4:e4:30:bc:6d:fb:57:cf:24:d0:24:77:4b:e0:29:a7:
5e:d6:4d:23:d5:d3:38:f5:11:61:e0:04:6b:79:75:3f:e8:46:
37:b3:03:a7:6f:2e:58:c5:fb:1f:b2:1c:ab:7d:cf:e0:d7:2b:
89:f1:7f:71:89:20:30:ab:60:54:9f:55:ba:24:c7:a7:79:f3:
ef:73:98:8a:1c:1b:69:ab:54:85:bd:23:78:55:6a:ef:95:f3:
53:e1:4f:42:d1:21:81:a0:6d:6c:85:2b:7a:9e:a6:6f:f7:78:
6f:54:de:89:73:4b:53:24:5c:ff:35:e8:92:16:a5:51:22:72:
a4:7d:72:b2:18:58:bf:95:b9:ef:71:2f:9e:87:e0:60:f0:ed:
44:62:e9:1b:27:20:72:a8:7a:43:08:d5:13:e3:6d:0e:9d:7e:
9a:a6:8b:10:a9:ca:d7:d7:e1:3b:37:dc:eb:ae:de:05:da:a3:
e3:84:b4:6b:db:7f:02:77:e6:51:7c:fc:d6:57:f9:85:c9:3c:
df:ab:42:be:cc:bb:89:bf:0a:ce:2a:a8:a4:d9:61:60:d9:f6:
71:a5:7e:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMCMwC4qW+6mCUdO84eJuBUx6io4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwNDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmZDNkNmUzNTQwN2UxZDFhNTRhMjI4N2Q3NDI2NzVkOWJhMjRlOGE3NGQx
YzljNzUzY2JlNWI3YjkzOGZmMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPcC35TNhXjq7+x90IcgZSqNuIZG8WD/qLG6zRBYStLYctnlKXSdLeg54Kb
PHoL1/oblIZSxgNyOA35abZ/5Op2435X9rIJC7wGtnsnXUYLpr3u2M+SJVWrRUDQ
jV0W5Kl1TEws4/2uz6TIH6SX0/sDNco+DjqBeIfxe6ESAfCcnn67R3tGR30gnzeQ
oblFcvrFS1bNFS/nAbgfO8AVrFZBIOUusdQTJSaznHyWToXPzIuNxJmbj7ayFW6p
li9q+4rRrrFJKbAH6O6MUToI5tNU8GpgWnE05IIw3xUqEvk45gM/j6BLs799MSjL
NUQPxARyT1h76YoHOAncA2tiEkkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQba0Ro
MbVkQMaEyduD5LK92iN4RzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTE3OTZiZWEtMDFjOS00MWI3LWIxM2QtNjkzMmM0ZjM2YTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGg
MA0GCSqGSIb3DQEBCwUAA4IBAQB1gnA4+n8Cu/3OInVsiy6yuTVsdUG0HNpTDe5b
MPWoNQSmLqbhE7TkMLxt+1fPJNAkd0vgKade1k0j1dM49RFh4ARreXU/6EY3swOn
by5Yxfsfshyrfc/g1yuJ8X9xiSAwq2BUn1W6JMenefPvc5iKHBtpq1SFvSN4VWrv
lfNT4U9C0SGBoG1shSt6nqZv93hvVN6Jc0tTJFz/NeiSFqVRInKkfXKyGFi/lbnv
cS+eh+Bg8O1EYukbJyByqHpDCNUT420OnX6aposQqcrX1+E7N9zrrt4F2qPjhLRr
238Cd+ZRfPzWV/mFyTzfq0K+zLuJvwrOKqik2WFg2fZxpX47
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:29 2025 by rpki-client