Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
File: cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa (raw, json)
Hash identifier: o9j4ktsSdlRzqKTCR8iW0ZS8ViUuAD52JKe2Th+fBq0=
Subject key identifier: 93:99:6B:07:69:73:B3:2A:68:54:30:8F:1D:89:76:16:8F:56:2D:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78695592CFA2A164C6256A79024BEEF30FB82EF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
Signing time: Tue 20 May 2025 18:41:01 +0000
ROA not before: Tue 20 May 2025 18:41:01 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:69:55:92:cf:a2:a1:64:c6:25:6a:79:02:4b:ee:f3:0f:b8:2e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:01 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=7d51ce52dec4a7a2ce949e7cf6dc7decad8ee0b6e25d145b5f50e9600f2646d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:12:d0:a8:fe:86:63:70:53:ff:2f:54:3a:
6f:86:1d:be:6b:ea:91:42:2f:6a:b0:d4:60:83:ae:
e2:b1:22:48:3d:37:87:61:51:14:32:34:96:e1:78:
3d:8a:36:5f:aa:7f:79:c9:ff:6d:93:43:52:41:bb:
58:21:eb:c7:75:46:6e:4a:5f:58:48:2d:34:96:b1:
7c:3a:66:97:17:8d:45:4c:7e:26:0a:1c:9f:ac:72:
80:10:70:5d:f0:eb:e6:c4:5f:2c:0b:94:a8:25:4c:
3c:9e:4e:20:76:ec:01:f5:eb:ba:97:3c:dc:2c:2d:
63:a4:06:0b:0f:05:20:79:61:db:17:07:a5:25:07:
e0:d2:a5:59:01:36:3a:7a:7d:99:8c:16:8c:0f:17:
ab:4d:44:12:d8:91:38:22:6a:d5:df:0f:16:89:3d:
88:96:83:72:09:e6:09:be:83:65:fb:b5:92:69:41:
51:72:23:e4:f7:39:a3:4c:01:8f:f3:68:9f:77:6f:
5b:be:5e:17:02:f1:62:81:2f:6d:2d:ab:52:c9:5a:
bf:7c:37:29:3f:44:72:d0:86:1a:25:21:c8:0a:e0:
86:8d:82:8d:3b:ca:23:7d:e8:f2:50:11:39:fd:9b:
ef:0c:73:79:ed:df:80:7a:f7:8f:6f:56:2f:51:c0:
9d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:99:6B:07:69:73:B3:2A:68:54:30:8F:1D:89:76:16:8F:56:2D:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
83:9d:80:d5:6d:78:3b:7d:70:27:9b:16:d7:31:80:5f:ae:64:
87:34:f2:da:4d:ad:8d:be:48:ce:34:6c:08:44:0e:be:72:51:
72:73:80:9c:91:53:47:fa:3e:96:25:8e:62:62:98:31:da:dc:
24:88:08:45:24:b8:7f:0e:27:ad:dc:d3:97:a8:11:a1:e1:55:
f7:f4:15:b0:98:89:cd:fb:63:58:48:09:46:86:6b:b9:a8:7b:
60:6d:f1:12:fa:48:92:62:02:d8:7c:31:56:62:1b:d7:cc:9d:
89:38:52:45:ab:8a:fb:ce:02:2c:81:5d:28:3e:62:16:08:67:
d9:fd:02:75:ed:4c:eb:48:b9:c3:66:ea:e9:25:0b:51:a3:1b:
fa:71:d8:10:dc:b6:40:b1:7f:a4:8f:28:9e:3c:de:b1:49:28:
bb:d7:b8:3e:49:c5:84:fe:1d:82:a9:4d:22:98:fa:6c:83:e4:
e6:59:ae:17:cb:54:6c:47:41:e3:6c:eb:0d:36:e2:ae:e0:08:
73:d3:bd:50:2f:2f:bc:de:06:93:8a:6f:7b:65:f5:fc:1f:1a:
dc:24:9f:83:a5:cd:f9:72:10:b0:bd:eb:50:49:89:f8:a7:70:
e7:e6:d1:20:85:8f:7c:18:6a:eb:ba:15:0e:20:76:e7:f9:f9:
f2:ff:db:63
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeGlVks+ioWTGJWp5Akvu8w+4LvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxMDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkNTFjZTUyZGVjNGE3YTJjZTk0OWU3Y2Y2ZGM3ZGVjYWQ4ZWUwYjZlMjVk
MTQ1YjVmNTBlOTYwMGYyNjQ2ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsAEtCo/oZjcFP/L1Q6b4YdvmvqkUIvarDUYIOu4rEiSD03h2FRFDI0luF4
PYo2X6p/ecn/bZNDUkG7WCHrx3VGbkpfWEgtNJaxfDpmlxeNRUx+Jgocn6xygBBw
XfDr5sRfLAuUqCVMPJ5OIHbsAfXrupc83CwtY6QGCw8FIHlh2xcHpSUH4NKlWQE2
Onp9mYwWjA8Xq01EEtiROCJq1d8PFok9iJaDcgnmCb6DZfu1kmlBUXIj5Pc5o0wB
j/Non3dvW75eFwLxYoEvbS2rUslav3w3KT9EctCGGiUhyArgho2CjTvKI33o8lAR
Of2b7wxzee3fgHr3j29WL1HAnV8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSTmWsH
aXOzKmhUMI8diXYWj1YttDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y2YWMzZWYtODJmNS00YWJjLWEzNmUtNDA1Yjg2M2Y4ODRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
oDANBgkqhkiG9w0BAQsFAAOCAQEAg52A1W14O31wJ5sW1zGAX65khzTy2k2tjb5I
zjRsCEQOvnJRcnOAnJFTR/o+liWOYmKYMdrcJIgIRSS4fw4nrdzTl6gRoeFV9/QV
sJiJzftjWEgJRoZruah7YG3xEvpIkmIC2HwxVmIb18ydiThSRauK+84CLIFdKD5i
Fghn2f0Cde1M60i5w2bq6SULUaMb+nHYENy2QLF/pI8onjzesUkou9e4PknFhP4d
gqlNIpj6bIPk5lmuF8tUbEdB42zrDTbiruAIc9O9UC8vvN4Gk4pve2X1/B8a3CSf
g6XN+XIQsL3rUEmJ+Kdw5+bRIIWPfBhq67oVDiB25/n58v/bYw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:53 2025 by rpki-client