Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
File: af189eff-34de-4652-a029-d682c90d1fc5.roa (raw, json)
Hash identifier: N02a1hTgVfdpZS0F/hEYoz04YP0+84cqelU7mPXCQyc=
Subject key identifier: C8:AC:C9:10:AA:33:F1:B5:37:2B:00:9F:69:FC:8B:65:21:03:95:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55931A7E22B7D6F6DECFFA1E84DD6D6FDC072612
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
Signing time: Tue 20 May 2025 19:21:39 +0000
ROA not before: Tue 20 May 2025 19:21:39 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:93:1a:7e:22:b7:d6:f6:de:cf:fa:1e:84:dd:6d:6f:dc:07:26:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:39 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ebaa5edefaa032ac2dbde77a75695f7de3daefc143d188af35e3e3bac4ab1937, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:29:25:40:4b:35:df:af:cc:eb:6e:8c:81:9d:
91:93:b0:84:5e:cf:3d:44:2a:1a:9e:1f:8c:9a:ef:
34:6b:2c:46:08:71:3b:8a:57:01:af:a5:77:e3:02:
c5:c1:15:1a:a5:d8:e2:a0:bb:da:51:5b:e7:45:58:
ab:6b:79:f5:62:31:ff:fd:af:8c:39:90:e7:90:72:
b3:da:a3:4f:6d:db:15:2c:1f:7b:8e:b5:9d:7f:14:
ec:59:fb:7d:51:6f:4c:26:de:83:e7:9c:5f:e8:94:
5c:4f:62:10:46:a1:f5:6e:dd:d2:f3:e5:0e:26:cd:
22:57:2c:64:fd:e0:5a:c3:d9:33:9c:29:1c:bf:75:
b0:bf:1f:98:2e:59:30:1f:a3:fc:f6:2c:35:71:fc:
c6:8a:d1:25:e4:b9:79:88:f8:6e:4e:a1:44:c5:f8:
85:e8:f2:b9:4b:ef:c9:f3:e4:99:88:74:f8:4d:be:
c8:9e:25:b6:f6:fb:30:77:a0:0f:83:8f:04:a6:d9:
a6:f8:e5:ca:fc:64:45:65:35:fa:dc:40:4c:a8:cb:
14:0d:ec:72:a3:d2:d9:c8:b4:e7:4e:75:6d:fc:ae:
09:0a:ff:4e:65:d3:64:9a:67:87:f4:67:87:b1:ae:
1b:7e:b7:5b:a9:a7:10:01:1a:c2:9a:26:03:80:41:
66:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:AC:C9:10:AA:33:F1:B5:37:2B:00:9F:69:FC:8B:65:21:03:95:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
31:ce:61:e9:f7:4a:7e:c0:b9:53:30:d1:5d:a3:d5:fa:6b:e6:
2a:ef:5f:9b:a6:80:4a:58:bc:88:db:8b:fa:44:39:6f:89:24:
84:3d:cc:f3:a8:72:43:0d:c5:21:dd:a6:9b:9e:ad:99:b9:41:
e6:fe:82:e4:b1:d0:21:cb:5e:cb:03:4f:5b:fc:93:bb:8d:a4:
04:77:76:02:cb:b1:b1:b7:b7:29:83:2b:a4:ff:b8:a1:93:36:
84:c7:0b:89:0e:44:37:71:30:6a:41:46:89:fa:88:8b:0e:97:
ce:c9:0e:e2:dd:63:b2:f3:5c:c7:6b:c3:aa:bb:54:1e:b6:51:
f3:7d:40:d3:56:47:e6:e0:06:cf:17:af:2d:cb:ef:2a:ad:02:
45:d8:19:3d:b2:b7:2f:6c:03:fd:9f:1e:b4:bb:ca:a0:69:4b:
7e:2c:26:64:88:af:84:cb:44:5c:90:00:38:ee:27:bc:be:3f:
64:9d:64:86:b4:be:4f:8f:20:2f:ca:4b:dc:74:ef:6a:5b:e8:
8a:92:4b:33:96:9c:40:72:07:c3:70:96:0e:90:18:b9:61:f8:
4d:0d:9f:7b:da:8a:74:46:06:f2:30:45:77:ca:66:c1:0c:5b:
5f:93:22:5c:ab:f0:9e:2d:67:97:44:d0:d5:08:1d:47:50:0a:
a8:01:79:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVZMafiK31vbez/oehN1tb9wHJhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMzlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGViYWE1ZWRlZmFhMDMyYWMyZGJkZTc3YTc1Njk1ZjdkZTNkYWVmYzE0M2Qx
ODhhZjM1ZTNlM2JhYzRhYjE5MzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEpJUBLNd+vzOtujIGdkZOwhF7PPUQqGp4fjJrvNGssRghxO4pXAa+ld+MC
xcEVGqXY4qC72lFb50VYq2t59WIx//2vjDmQ55Bys9qjT23bFSwfe461nX8U7Fn7
fVFvTCbeg+ecX+iUXE9iEEah9W7d0vPlDibNIlcsZP3gWsPZM5wpHL91sL8fmC5Z
MB+j/PYsNXH8xorRJeS5eYj4bk6hRMX4hejyuUvvyfPkmYh0+E2+yJ4ltvb7MHeg
D4OPBKbZpvjlyvxkRWU1+txATKjLFA3scqPS2ci05051bfyuCQr/TmXTZJpnh/Rn
h7GuG363W6mnEAEawpomA4BBZtECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTIrMkQ
qjPxtTcrAJ9p/ItlIQOVdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWYxODllZmYtMzRkZS00NjUyLWEwMjktZDY4MmM5MGQxZmM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
wDANBgkqhkiG9w0BAQsFAAOCAQEAMc5h6fdKfsC5UzDRXaPV+mvmKu9fm6aASli8
iNuL+kQ5b4kkhD3M86hyQw3FId2mm56tmblB5v6C5LHQIcteywNPW/yTu42kBHd2
Asuxsbe3KYMrpP+4oZM2hMcLiQ5EN3EwakFGifqIiw6XzskO4t1jsvNcx2vDqrtU
HrZR831A01ZH5uAGzxevLcvvKq0CRdgZPbK3L2wD/Z8etLvKoGlLfiwmZIivhMtE
XJAAOO4nvL4/ZJ1khrS+T48gL8pL3HTvalvoipJLM5acQHIHw3CWDpAYuWH4TQ2f
e9qKdEYG8jBFd8pmwQxbX5MiXKvwni1nl0TQ1QgdR1AKqAF5/g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:08 2025 by rpki-client