Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
File: bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa (raw, json)
Hash identifier: zmKkwMlmqTru4fTfBdEIfdEyUKwxSuspKvD0y1p2D+c=
Subject key identifier: 99:54:A5:18:A5:E3:F0:C9:16:5A:9D:14:62:07:A2:20:53:88:09:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 296BFE462F979A9815AE91E0E47AE3E6514BA317
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
Signing time: Fri 06 Jun 2025 15:10:53 +0000
ROA not before: Fri 06 Jun 2025 15:10:53 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:6b:fe:46:2f:97:9a:98:15:ae:91:e0:e4:7a:e3:e6:51:4b:a3:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:53 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=51167d5b34f58d0e2c6dd991ce0a0e12df88ca0c4df5eb0ea3855fe9bcc70fe7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4d:56:45:65:11:84:92:47:3d:01:30:3d:e3:
e8:16:7b:82:4e:78:69:52:79:a7:b8:a0:2f:95:1d:
8c:5c:df:88:c4:d7:26:53:58:0f:3a:cc:f4:b2:26:
f9:79:d6:b1:76:46:95:54:b5:fb:39:f0:d4:70:93:
4c:73:04:1a:81:d6:60:25:91:0c:92:4f:49:7d:39:
af:14:5e:24:c0:6c:34:79:e4:f5:2b:e9:7d:cc:62:
41:e9:83:3b:6e:f7:55:d9:66:fe:97:8c:65:d5:c5:
e2:e3:1f:d9:e7:c4:ce:e5:49:a7:0d:f8:48:61:cd:
9b:3e:33:9d:bb:cf:6b:05:cf:0d:b8:57:76:cd:8d:
a8:15:79:33:08:ed:ee:7f:4e:c3:d0:e3:17:d7:2e:
e3:28:ea:17:44:d3:b1:18:b6:f3:4a:ac:59:b0:92:
da:bd:5e:da:84:78:6b:e0:45:84:ef:68:cb:42:62:
e5:12:3f:e3:93:d7:05:29:77:53:9c:1c:54:81:65:
6f:02:5a:8f:5e:2a:dc:d3:30:87:2b:5f:64:42:d7:
b0:af:58:95:dc:18:3a:b8:48:d8:d9:8e:ea:78:de:
9e:15:f5:1f:4c:c4:0c:8f:66:2c:8e:85:8e:00:d5:
34:c3:c3:2a:94:67:41:49:6f:ce:ff:2f:a2:e6:b0:
44:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:54:A5:18:A5:E3:F0:C9:16:5A:9D:14:62:07:A2:20:53:88:09:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
9b:bb:93:77:d2:d7:a5:49:7a:c5:b0:37:4b:c0:3d:97:aa:72:
e6:9c:3b:c3:25:a6:cf:4c:0d:7a:3b:f9:a4:e9:9f:60:e4:b5:
55:0d:7e:10:dc:98:67:56:60:b0:15:1f:1b:73:82:04:88:55:
d6:dd:89:b2:59:3b:e4:b2:2f:b9:79:14:11:d6:59:33:d0:b4:
0d:98:7e:af:00:a9:db:cc:42:b0:31:2f:32:57:08:47:85:5c:
23:79:ae:79:4b:c5:e0:16:fe:de:09:06:29:22:3c:46:68:54:
0f:13:be:70:5c:c1:90:6d:8c:ab:f1:5c:c4:ee:90:f7:0d:38:
11:d9:60:b3:64:b1:8b:56:18:8d:6b:72:fd:58:f9:61:33:45:
1e:de:86:83:ac:9c:55:01:48:04:e0:cf:3b:2e:43:ce:cd:da:
50:65:ec:83:68:5b:64:3a:4a:85:1c:c8:02:fe:11:55:0c:7a:
a5:a7:72:ca:b2:6d:6c:1c:1f:07:45:0d:72:e6:de:6e:6a:c7:
2f:71:e0:9b:f5:4e:82:b7:2b:2a:c9:43:d9:63:35:f1:f8:62:
5c:bb:31:fc:55:b5:62:49:df:d6:42:a5:02:6c:38:af:3f:62:
a0:2c:22:02:2c:cb:fb:c1:46:43:3c:9d:5d:50:f4:c5:aa:cc:
80:6c:d0:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKWv+Ri+XmpgVrpHg5Hrj5lFLoxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNTNaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxMTY3ZDViMzRmNThkMGUyYzZkZDk5MWNlMGEwZTEyZGY4OGNhMGM0ZGY1
ZWIwZWEzODU1ZmU5YmNjNzBmZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlNVkVlEYSSRz0BMD3j6BZ7gk54aVJ5p7igL5UdjFzfiMTXJlNYDzrM9LIm
+XnWsXZGlVS1+znw1HCTTHMEGoHWYCWRDJJPSX05rxReJMBsNHnk9SvpfcxiQemD
O273Vdlm/peMZdXF4uMf2efEzuVJpw34SGHNmz4znbvPawXPDbhXds2NqBV5Mwjt
7n9Ow9DjF9cu4yjqF0TTsRi280qsWbCS2r1e2oR4a+BFhO9oy0Ji5RI/45PXBSl3
U5wcVIFlbwJaj14q3NMwhytfZELXsK9YldwYOrhI2NmO6njenhX1H0zEDI9mLI6F
jgDVNMPDKpRnQUlvzv8vouawREcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZVKUY
pePwyRZanRRiB6IgU4gJ4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRhYTZkZTYtMDBkMy00ZDE4LThhYTAtMGJmODI4ODhkMzZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQCbu5N30telSXrFsDdLwD2XqnLmnDvDJabPTA16
O/mk6Z9g5LVVDX4Q3JhnVmCwFR8bc4IEiFXW3YmyWTvksi+5eRQR1lkz0LQNmH6v
AKnbzEKwMS8yVwhHhVwjea55S8XgFv7eCQYpIjxGaFQPE75wXMGQbYyr8VzE7pD3
DTgR2WCzZLGLVhiNa3L9WPlhM0Ue3oaDrJxVAUgE4M87LkPOzdpQZeyDaFtkOkqF
HMgC/hFVDHqlp3LKsm1sHB8HRQ1y5t5uascvceCb9U6CtysqyUPZYzXx+GJcuzH8
VbViSd/WQqUCbDivP2KgLCICLMv7wUZDPJ1dUPTFqsyAbNCx
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:58 2025 by rpki-client