Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
File: aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa (raw, json)
Hash identifier: 05aGOCY55v5B8jFxDRR3sAUP5Lb8dIViMf76oXSPZO4=
Subject key identifier: 2E:6F:4F:1B:26:9B:C3:FB:B3:87:8A:77:F9:4F:1A:5E:C2:52:D3:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 090CAC7B73231C8E45670A739ECACC0FE2A41C76
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
Signing time: Tue 20 May 2025 18:40:59 +0000
ROA not before: Tue 20 May 2025 18:40:59 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:0c:ac:7b:73:23:1c:8e:45:67:0a:73:9e:ca:cc:0f:e2:a4:1c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:59 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=94423d98303547eb9023f3f04609701c0adeb69a1a8bf55cf48c0fedcb9a4fbe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:61:5c:b2:8c:da:d8:44:35:c4:b5:87:50:6d:
54:49:20:b4:b1:59:cf:a4:04:1f:ca:60:43:49:96:
0b:f3:13:bb:60:07:0f:a4:01:8c:5b:90:1b:d1:27:
7f:1f:bd:93:5f:29:e3:ce:e0:c3:3b:98:be:24:c0:
43:30:e3:e9:cb:38:79:72:62:d6:30:49:c5:5c:47:
89:47:c5:32:44:61:37:21:90:01:9e:30:f0:f6:8d:
36:66:e8:1d:cb:db:f3:e0:b2:91:94:15:2e:a3:41:
16:79:e0:78:ec:27:36:2f:71:99:db:60:b8:1b:3f:
9e:2b:e3:28:5b:27:d2:c8:1d:a8:9a:e5:6e:af:6c:
58:43:2e:8e:a3:a8:7d:04:b0:bf:4d:14:b1:5d:ec:
87:15:65:1c:fe:a4:01:ae:e0:3f:2b:1d:96:41:b4:
d1:3e:58:74:d8:4c:c2:25:6a:da:2d:5d:50:33:e5:
9f:2c:aa:a8:01:64:94:b0:5c:1a:88:4a:59:a7:1d:
d6:b9:1e:0d:c9:7f:c3:64:fd:a4:5f:a5:51:8d:2b:
85:56:14:8d:78:95:94:3b:cc:62:b3:68:75:fe:41:
25:13:e0:0d:d9:99:2e:01:14:92:ea:92:a8:2f:f6:
d9:1e:c4:e3:11:6c:0e:ff:41:65:ad:c7:24:aa:87:
f0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:6F:4F:1B:26:9B:C3:FB:B3:87:8A:77:F9:4F:1A:5E:C2:52:D3:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9080::/48
Signature Algorithm: sha256WithRSAEncryption
51:21:4c:8d:72:fa:8f:a5:09:d1:a5:05:89:a6:8b:27:94:20:
ac:f0:99:1f:24:c8:54:e8:0a:4f:5e:2a:5b:da:88:81:ae:62:
42:e3:9c:fc:eb:40:2a:03:dd:7b:7b:b3:b1:c2:e1:f7:e6:4c:
0c:65:83:37:81:48:4e:8a:26:92:eb:f5:d2:ec:63:c3:43:0f:
fa:4f:d3:73:f7:04:74:ae:a0:15:5b:11:9a:b2:da:13:a4:b0:
ad:83:64:9b:b8:c2:de:e2:80:49:a5:b2:d3:b6:e6:f3:98:a1:
56:91:e1:d7:2f:43:fa:8d:e4:67:d1:32:42:fe:81:33:dc:88:
ab:24:9d:8d:92:ff:94:b6:75:28:e6:af:e2:f5:6c:d1:e7:d3:
7c:92:d9:6d:36:d4:cb:f0:1d:0f:ea:6b:4d:4b:64:49:27:f6:
cc:f2:e8:79:67:44:e3:ae:04:d9:1a:07:f2:5b:70:53:83:8c:
d9:20:e0:2a:37:0f:c6:97:46:a2:63:6e:8c:03:35:86:93:0d:
45:c4:77:2e:b4:c4:a7:20:91:ba:0e:60:21:71:d6:ff:54:2a:
5c:6c:5c:c5:79:3e:97:59:e4:20:2e:0b:0e:64:97:ae:f1:20:
2d:eb:25:33:19:2e:41:07:72:56:78:0e:c1:eb:40:ac:ae:92:
15:47:05:28
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCQyse3MjHI5FZwpznsrMD+KkHHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwNTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0NDIzZDk4MzAzNTQ3ZWI5MDIzZjNmMDQ2MDk3MDFjMGFkZWI2OWExYThi
ZjU1Y2Y0OGMwZmVkY2I5YTRmYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALthXLKM2thENcS1h1BtVEkgtLFZz6QEH8pgQ0mWC/MTu2AHD6QBjFuQG9En
fx+9k18p487gwzuYviTAQzDj6cs4eXJi1jBJxVxHiUfFMkRhNyGQAZ4w8PaNNmbo
Hcvb8+CykZQVLqNBFnngeOwnNi9xmdtguBs/nivjKFsn0sgdqJrlbq9sWEMujqOo
fQSwv00UsV3shxVlHP6kAa7gPysdlkG00T5YdNhMwiVq2i1dUDPlnyyqqAFklLBc
GohKWacd1rkeDcl/w2T9pF+lUY0rhVYUjXiVlDvMYrNodf5BJRPgDdmZLgEUkuqS
qC/22R7E4xFsDv9BZa3HJKqH8E0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQub08b
JpvD+7OHinf5TxpewlLTiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWZmNTI1NzUtODg4Ny00NGY3LThiN2YtNDRmYmU0ZGRjZDRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAUSFMjXL6j6UJ0aUFiaaLJ5QgrPCZHyTIVOgK
T14qW9qIga5iQuOc/OtAKgPde3uzscLh9+ZMDGWDN4FIToomkuv10uxjw0MP+k/T
c/cEdK6gFVsRmrLaE6SwrYNkm7jC3uKASaWy07bm85ihVpHh1y9D+o3kZ9EyQv6B
M9yIqySdjZL/lLZ1KOav4vVs0efTfJLZbTbUy/AdD+prTUtkSSf2zPLoeWdE464E
2RoH8ltwU4OM2SDgKjcPxpdGomNujAM1hpMNRcR3LrTEpyCRug5gIXHW/1QqXGxc
xXk+l1nkIC4LDmSXrvEgLeslMxkuQQdyVngOwetArK6SFUcFKA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:05 2025 by rpki-client