Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
File: c153f994-19fd-4682-b6f7-f4e92e6144ea.roa (raw, json)
Hash identifier: g7ptA42Wn7f4PJqfNmmjv+sVmTvf6qTcqd60qxgnrqo=
Subject key identifier: 20:E0:60:72:A8:08:BF:04:9A:4A:10:F2:1F:55:AA:D7:F9:E1:06:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30D41FD9C3CDDBA3C1FB6F6BC209EE62756711C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
Signing time: Tue 20 May 2025 20:21:47 +0000
ROA not before: Tue 20 May 2025 20:21:47 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:d4:1f:d9:c3:cd:db:a3:c1:fb:6f:6b:c2:09:ee:62:75:67:11:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:47 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=27aa9f751d1d7fddd36321e00de3f421e96b80be75a148596e2cf155e3c2635c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bc:20:e8:d8:86:44:fd:fc:f7:17:ba:e8:53:
f4:b9:9b:56:9b:86:56:94:39:19:10:62:3b:98:c2:
7e:1b:2a:0a:ca:94:1f:8b:85:bc:c6:b1:b7:5a:fb:
b9:d9:01:1c:ae:fb:d2:0d:cc:5d:af:da:b8:e4:8d:
77:a3:4c:a3:dc:de:73:e3:9b:4a:2e:80:3a:86:25:
a5:b5:73:3c:aa:b8:c1:ad:95:aa:72:92:b2:6e:28:
a5:d9:1d:e5:a4:e7:5e:6c:b6:3a:60:51:70:bc:bd:
9d:9d:99:19:62:02:6e:0e:04:ed:65:18:71:94:d9:
c0:69:d3:01:8f:53:7e:da:c3:41:19:77:2e:de:25:
64:32:ef:0f:b8:08:67:f9:27:ba:ff:86:d4:8d:fd:
b4:c2:b1:6d:a2:9a:0a:32:3c:7c:08:3a:04:24:d9:
7f:6c:83:97:ab:43:0c:b1:be:74:a8:7e:85:8c:a0:
ec:43:7f:1d:7d:23:76:9e:e6:d3:b9:db:72:09:a8:
4d:dd:5f:8e:03:c1:df:34:47:4d:1d:04:1e:f2:62:
cc:26:69:c5:cc:bd:59:45:9b:65:79:9f:c7:89:8e:
f2:ea:a7:04:39:fc:d5:62:6d:11:e3:07:37:49:24:
58:fb:ff:45:19:bb:d0:09:a3:00:c5:ef:dd:af:d2:
5e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E0:60:72:A8:08:BF:04:9A:4A:10:F2:1F:55:AA:D7:F9:E1:06:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:c00::/38
Signature Algorithm: sha256WithRSAEncryption
0a:e1:9a:03:4d:f4:02:39:01:27:b4:02:e2:49:8f:ab:84:dc:
76:34:f5:1a:64:ba:a2:99:0d:67:88:c5:ce:58:4d:97:49:90:
28:7a:53:27:75:f0:81:31:e3:40:ac:92:61:e6:32:10:fe:9b:
32:b0:d1:78:8f:64:ec:71:33:91:71:26:aa:87:d3:6a:0e:f9:
ae:fe:b3:c5:25:92:e9:1d:4b:51:ec:7b:22:6a:1a:66:c6:5f:
07:3f:59:d0:fb:b5:e7:95:c9:df:17:41:30:6d:d6:50:38:4c:
bc:3d:71:ea:a2:e3:94:71:80:61:10:94:eb:3e:50:84:e2:11:
27:4c:00:72:22:fd:dc:63:59:ac:54:40:15:e0:1d:a6:b4:15:
62:be:bd:b5:6b:2c:83:6a:72:9a:aa:f3:eb:b0:19:c1:df:25:
03:ae:70:1d:84:d9:f6:92:5a:88:97:13:7f:a0:72:f4:7f:8b:
12:b0:ff:30:cb:59:57:7b:b3:f8:9f:dc:05:71:5e:2e:72:c4:
8f:11:9e:02:7b:29:a0:ab:c9:55:7c:4b:92:45:cb:95:7a:b4:
38:3d:97:c8:8d:c5:a4:ed:5d:ca:61:dd:3c:8e:9e:a0:9c:d3:
bc:5f:98:7f:57:c5:4e:ef:74:13:27:56:7e:b6:0f:33:7a:81:
f8:3a:be:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMNQf2cPN26PB+29rwgnuYnVnEccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxNDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3YWE5Zjc1MWQxZDdmZGRkMzYzMjFlMDBkZTNmNDIxZTk2YjgwYmU3NWEx
NDg1OTZlMmNmMTU1ZTNjMjYzNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM68IOjYhkT9/PcXuuhT9LmbVpuGVpQ5GRBiO5jCfhsqCsqUH4uFvMaxt1r7
udkBHK770g3MXa/auOSNd6NMo9zec+ObSi6AOoYlpbVzPKq4wa2VqnKSsm4opdkd
5aTnXmy2OmBRcLy9nZ2ZGWICbg4E7WUYcZTZwGnTAY9TftrDQRl3Lt4lZDLvD7gI
Z/knuv+G1I39tMKxbaKaCjI8fAg6BCTZf2yDl6tDDLG+dKh+hYyg7EN/HX0jdp7m
07nbcgmoTd1fjgPB3zRHTR0EHvJizCZpxcy9WUWbZXmfx4mO8uqnBDn81WJtEeMH
N0kkWPv/RRm70AmjAMXv3a/SXmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQg4GBy
qAi/BJpKEPIfVarX+eEGoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE1M2Y5OTQtMTlmZC00NjgyLWI2ZjctZjRlOTJlNjE0NGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwM
MA0GCSqGSIb3DQEBCwUAA4IBAQAK4ZoDTfQCOQEntALiSY+rhNx2NPUaZLqimQ1n
iMXOWE2XSZAoelMndfCBMeNArJJh5jIQ/psysNF4j2TscTORcSaqh9NqDvmu/rPF
JZLpHUtR7Hsiahpmxl8HP1nQ+7XnlcnfF0EwbdZQOEy8PXHqouOUcYBhEJTrPlCE
4hEnTAByIv3cY1msVEAV4B2mtBVivr21ayyDanKaqvPrsBnB3yUDrnAdhNn2klqI
lxN/oHL0f4sSsP8wy1lXe7P4n9wFcV4ucsSPEZ4Ceymgq8lVfEuSRcuVerQ4PZfI
jcWk7V3KYd08jp6gnNO8X5h/V8VO73QTJ1Z+tg8zeoH4Or7w
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:11 2025 by rpki-client