Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
File: c65e11fa-ec6d-4214-88c5-464a024d8957.roa (raw, json)
Hash identifier: DjL/UoC3J0kCn8cudtUY9bbxanH2Bc9j9D6bsesRcCI=
Subject key identifier: 51:BA:38:DC:33:0F:03:8D:A5:F6:61:38:C4:1E:66:CE:CE:B9:DC:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FB20990282B55739466D533EB5FF3E387AB2857
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
Signing time: Tue 20 May 2025 19:01:35 +0000
ROA not before: Tue 20 May 2025 19:01:35 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:b2:09:90:28:2b:55:73:94:66:d5:33:eb:5f:f3:e3:87:ab:28:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:35 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b6c65d34ef6d43b0d924919bd444a27dc9bd62896bc9effe9e34784e4b6b67aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:68:2f:91:38:72:8c:29:b1:4e:48:f9:e4:e0:
3d:38:67:30:66:94:aa:a7:b6:b8:ad:42:4a:de:36:
f9:55:07:9b:e6:d7:cc:c9:e5:47:49:b8:d9:6f:70:
4f:82:26:c1:58:1a:13:9d:44:a1:0c:6f:2a:15:ff:
c2:94:5e:9a:21:29:83:82:6b:12:31:fb:fa:7e:19:
b3:64:6e:f5:4b:a1:f0:48:09:ba:76:c2:f4:d6:e2:
37:ee:da:a0:3b:21:87:54:bb:1a:70:ac:f1:4b:8d:
54:2f:6d:a0:6f:f7:5a:33:6e:ce:b1:25:aa:70:f8:
5a:49:31:85:3c:b6:1c:5a:ac:40:c8:b8:5c:a9:d2:
94:b2:7e:0e:7d:c6:3c:5c:92:2b:a8:2f:a7:aa:5c:
48:ec:39:68:16:b2:2a:15:43:02:4c:55:0f:80:d4:
8d:30:48:89:53:91:88:3e:50:9d:ea:81:52:16:01:
0c:8d:07:57:41:98:14:28:22:79:3e:fc:90:66:bd:
52:c0:a5:a2:62:41:c9:93:eb:00:db:52:94:af:be:
51:cf:6f:2c:e9:b5:b7:97:eb:d0:c6:04:93:9b:cd:
16:66:7b:46:46:19:db:48:e7:44:70:f3:9f:8a:bc:
52:f8:ca:f7:01:b9:a7:d0:e0:39:a4:17:b1:9b:88:
8b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BA:38:DC:33:0F:03:8D:A5:F6:61:38:C4:1E:66:CE:CE:B9:DC:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4000::/40
Signature Algorithm: sha256WithRSAEncryption
32:6d:b1:fb:7f:fc:eb:1d:94:3d:4b:8d:d4:ab:3a:04:91:47:
63:32:57:b2:f9:64:e9:27:f6:ce:6a:30:69:ed:0a:8a:3a:e1:
da:02:75:88:a1:81:e7:85:40:39:35:2a:98:ed:0f:8f:0f:1e:
b5:0f:e5:b9:41:6e:d0:4e:28:d0:be:a1:3b:13:62:72:d1:8e:
ae:47:df:ce:eb:58:73:8d:93:a0:c0:af:bd:71:28:70:b3:be:
d3:f6:55:96:b8:cb:52:4c:04:b8:19:fd:9b:d4:c5:dc:d7:8c:
9d:b8:5d:a7:8d:48:5a:4d:8e:2d:72:fc:64:e8:6f:4e:1a:7e:
18:94:58:70:f0:ae:9f:24:b3:d6:2c:93:49:23:fd:77:b6:c2:
ac:34:38:69:d1:66:da:59:b6:13:e4:b0:47:a2:f7:f6:57:71:
12:d3:d6:1b:e1:54:6e:c6:3e:6e:59:65:f6:e0:c3:7a:86:6a:
46:9c:e7:82:fd:3e:a2:dc:9d:a1:7f:cb:9c:2f:19:d2:0b:42:
86:12:ed:ae:3e:41:8a:26:50:bc:3d:4c:f7:0c:04:a4:1d:28:
ea:45:5c:e3:e6:3a:42:90:43:39:92:59:b0:5c:a2:f4:e9:9c:
2e:80:eb:0e:62:64:68:73:eb:81:1c:e7:dd:7e:4f:f2:0c:88:
61:e7:84:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD7IJkCgrVXOUZtUz61/z44erKFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMzVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2YzY1ZDM0ZWY2ZDQzYjBkOTI0OTE5YmQ0NDRhMjdkYzliZDYyODk2YmM5
ZWZmZTllMzQ3ODRlNGI2YjY3YWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdoL5E4cowpsU5I+eTgPThnMGaUqqe2uK1CSt42+VUHm+bXzMnlR0m42W9w
T4ImwVgaE51EoQxvKhX/wpRemiEpg4JrEjH7+n4Zs2Ru9Uuh8EgJunbC9NbiN+7a
oDshh1S7GnCs8UuNVC9toG/3WjNuzrElqnD4WkkxhTy2HFqsQMi4XKnSlLJ+Dn3G
PFySK6gvp6pcSOw5aBayKhVDAkxVD4DUjTBIiVORiD5QneqBUhYBDI0HV0GYFCgi
eT78kGa9UsClomJByZPrANtSlK++Uc9vLOm1t5fr0MYEk5vNFmZ7RkYZ20jnRHDz
n4q8UvjK9wG5p9DgOaQXsZuIi2kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRujjc
Mw8DjaX2YTjEHmbOzrncczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzY1ZTExZmEtZWM2ZC00MjE0LTg4YzUtNDY0YTAyNGQ4OTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAybbH7f/zrHZQ9S43UqzoEkUdjMley+WTpJ/bO
ajBp7QqKOuHaAnWIoYHnhUA5NSqY7Q+PDx61D+W5QW7QTijQvqE7E2Jy0Y6uR9/O
61hzjZOgwK+9cShws77T9lWWuMtSTAS4Gf2b1MXc14yduF2njUhaTY4tcvxk6G9O
Gn4YlFhw8K6fJLPWLJNJI/13tsKsNDhp0WbaWbYT5LBHovf2V3ES09Yb4VRuxj5u
WWX24MN6hmpGnOeC/T6i3J2hf8ucLxnSC0KGEu2uPkGKJlC8PUz3DASkHSjqRVzj
5jpCkEM5klmwXKL06ZwugOsOYmRoc+uBHOfdfk/yDIhh54RY
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:25 2025 by rpki-client