Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c753331a-9b4d-4856-abb9-330765ad02d0.roa
File: c753331a-9b4d-4856-abb9-330765ad02d0.roa (raw, json)
Hash identifier: vsj3ZP16yV8dQoQllB7XvnMQYcmE+w4KEUUVxcq8FsQ=
Subject key identifier: 62:2A:2B:AC:3B:93:ED:26:A2:C8:7C:FA:AC:E6:99:12:00:42:4D:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 744E81AD8071108F0EA8C50349D2E413EDBEE33C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c753331a-9b4d-4856-abb9-330765ad02d0.roa
Signing time: Tue 10 Jun 2025 17:20:46 +0000
ROA not before: Tue 10 Jun 2025 17:20:46 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:4e:81:ad:80:71:10:8f:0e:a8:c5:03:49:d2:e4:13:ed:be:e3:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:46 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=0729432f8ce282c976f92debd3f896117f3886f5509a018e2b2bfff59b688183, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:69:e3:5a:41:b3:95:27:01:59:6a:87:41:bf:
20:86:85:81:7b:99:bd:8c:ab:99:5c:80:5b:94:77:
db:59:5d:30:73:8a:5f:db:51:e0:11:78:18:d4:58:
40:03:60:48:19:cd:40:bd:53:f2:85:b8:dc:81:be:
6e:98:2c:90:e4:22:c9:da:92:e5:19:50:22:5f:f3:
32:00:3f:be:eb:89:cd:d3:04:2c:74:b5:86:3e:c0:
8c:d9:ad:36:cc:37:3a:14:8a:4e:36:1c:c2:3d:6d:
24:93:74:4e:0b:49:94:35:95:1a:94:54:32:eb:d1:
99:c8:ca:bb:6e:13:b1:63:74:c1:ff:82:44:1b:f9:
80:64:08:89:46:b0:33:12:1d:7c:21:b5:d4:65:5c:
a4:15:a5:3d:9b:4a:00:ba:c6:67:10:de:7c:70:83:
ba:af:fe:ca:15:8c:15:ea:db:bd:5a:46:3c:8e:a0:
10:b2:96:da:12:11:e4:54:d5:20:4d:87:cb:94:31:
d2:3f:89:ff:30:57:ba:67:97:c9:bc:5c:eb:ef:08:
c4:24:cd:30:d2:76:fb:1a:83:b8:24:6a:db:49:33:
ca:a7:94:48:ad:7b:7a:cb:d8:b8:90:9f:5a:ba:54:
01:6b:7b:61:9f:11:26:98:4f:b8:bd:03:52:b4:07:
5a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:2A:2B:AC:3B:93:ED:26:A2:C8:7C:FA:AC:E6:99:12:00:42:4D:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c753331a-9b4d-4856-abb9-330765ad02d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8c0::/46
Signature Algorithm: sha256WithRSAEncryption
82:ea:ed:13:97:e6:2e:69:25:02:aa:e9:f6:0f:ef:cb:80:82:
e0:01:c8:a3:64:6d:a2:b9:47:b5:eb:a4:5c:db:2b:94:6a:a5:
66:a8:8c:5e:39:72:32:84:02:aa:0e:d2:d8:ec:a0:f6:73:c4:
a8:31:3d:31:3a:21:c1:18:c2:cf:45:63:ef:7a:53:e2:9d:ce:
b6:e2:45:40:92:2e:63:51:ac:b8:1d:c6:cd:f2:05:b5:17:2b:
64:ee:c3:93:01:6f:b8:24:b5:f0:92:3b:22:2d:f4:f7:14:84:
e9:c5:42:e3:91:56:b1:ba:ad:44:a4:02:79:66:a0:d1:10:10:
4e:4c:f8:4e:ee:1a:90:55:c7:f0:91:92:ed:a7:36:1d:24:7e:
da:52:4c:a9:20:da:f8:5e:77:1a:db:36:c0:89:26:a1:6a:11:
a1:1f:15:71:c4:50:7d:6f:5c:f3:a6:8d:a3:b3:10:c8:ca:47:
d9:8f:c9:c1:2a:e7:06:9d:90:14:a9:05:5c:75:58:8e:00:3c:
7b:de:2d:a7:5e:da:ef:6d:ad:b0:01:57:f9:ca:8f:20:6a:61:
65:81:c4:a9:58:6e:5c:4f:09:f8:eb:d0:98:c8:8c:56:13:bc:
ff:93:16:1b:72:b3:7d:5e:f5:d4:c3:57:d6:af:62:1c:dd:55:
98:29:72:d3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdE6BrYBxEI8OqMUDSdLkE+2+4zwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwNDZaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3Mjk0MzJmOGNlMjgyYzk3NmY5MmRlYmQzZjg5NjExN2YzODg2ZjU1MDlh
MDE4ZTJiMmJmZmY1OWI2ODgxODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpp41pBs5UnAVlqh0G/IIaFgXuZvYyrmVyAW5R321ldMHOKX9tR4BF4GNRY
QANgSBnNQL1T8oW43IG+bpgskOQiydqS5RlQIl/zMgA/vuuJzdMELHS1hj7AjNmt
Nsw3OhSKTjYcwj1tJJN0TgtJlDWVGpRUMuvRmcjKu24TsWN0wf+CRBv5gGQIiUaw
MxIdfCG11GVcpBWlPZtKALrGZxDefHCDuq/+yhWMFerbvVpGPI6gELKW2hIR5FTV
IE2Hy5Qx0j+J/zBXumeXybxc6+8IxCTNMNJ2+xqDuCRq20kzyqeUSK17esvYuJCf
WrpUAWt7YZ8RJphPuL0DUrQHWpsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRiKius
O5PtJqLIfPqs5pkSAEJN8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc1MzMzMWEtOWI0ZC00ODU2LWFiYjktMzMwNzY1YWQwMmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUI
wDANBgkqhkiG9w0BAQsFAAOCAQEAgurtE5fmLmklAqrp9g/vy4CC4AHIo2RtorlH
teukXNsrlGqlZqiMXjlyMoQCqg7S2Oyg9nPEqDE9MTohwRjCz0Vj73pT4p3OtuJF
QJIuY1GsuB3GzfIFtRcrZO7DkwFvuCS18JI7Ii309xSE6cVC45FWsbqtRKQCeWag
0RAQTkz4Tu4akFXH8JGS7ac2HSR+2lJMqSDa+F53Gts2wIkmoWoRoR8VccRQfW9c
86aNo7MQyMpH2Y/JwSrnBp2QFKkFXHVYjgA8e94tp17a722tsAFX+cqPIGphZYHE
qVhuXE8J+OvQmMiMVhO8/5MWG3KzfV711MNX1q9iHN1VmCly0w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:25 2025 by rpki-client