Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
File: fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa (raw, json)
Hash identifier: T4kYylxq+Fh9Ouwza8n5NKGn15+9rQzCgwOjguUw8wQ=
Subject key identifier: EB:3B:22:59:E7:E1:00:6A:CE:09:6F:1D:48:AA:23:00:9A:EE:B2:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DFD27DA503C8856323EF2144BECBBCFCCE3476C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
Signing time: Tue 20 May 2025 18:41:31 +0000
ROA not before: Tue 20 May 2025 18:41:31 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:fd:27:da:50:3c:88:56:32:3e:f2:14:4b:ec:bb:cf:cc:e3:47:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:31 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=16926f7b2bb4cbaf8c687e1d676eec04dd899595fc150948dd9942832d8b7746, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:69:f1:ba:0b:33:03:fc:ed:84:dd:0f:3a:7a:
2c:16:9f:f6:17:3d:fd:8f:ef:e0:50:85:6a:d9:ba:
7b:d9:9d:73:5b:f4:2e:29:10:5c:8f:41:35:3e:6e:
44:87:1f:11:a1:a7:0a:ef:55:86:9e:a3:da:7b:a5:
0c:9c:81:62:be:86:33:e2:a0:fa:d0:ab:cb:e4:e9:
da:2a:ab:f5:8c:af:e0:d9:f2:84:1d:29:14:21:81:
6c:59:fd:0f:85:15:38:3f:dd:39:36:32:e4:d3:40:
76:c2:97:12:32:1e:45:2c:3b:2d:6c:0c:0f:e7:75:
2e:e7:48:b5:93:9b:9d:45:d8:30:19:56:82:76:58:
1a:18:28:b1:13:4d:4d:d1:25:80:c7:fb:5e:df:84:
ab:1a:e3:92:08:b4:32:d8:fd:dc:58:88:3e:f9:c3:
ac:4b:0a:98:51:9b:db:c4:56:50:b6:72:64:77:95:
02:3a:77:68:ca:3c:33:36:23:9d:1f:93:e3:7a:82:
8d:8b:27:ff:82:ca:97:73:c7:6a:94:f9:1b:a5:da:
91:f8:88:14:08:5d:15:40:c5:9f:5b:da:e2:2c:c8:
af:e0:ee:b6:78:44:b1:1e:d6:88:35:51:71:2a:45:
35:e3:c6:61:36:15:4c:61:1b:a5:db:21:73:1c:ce:
98:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:3B:22:59:E7:E1:00:6A:CE:09:6F:1D:48:AA:23:00:9A:EE:B2:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4060::/48
Signature Algorithm: sha256WithRSAEncryption
14:cc:b7:76:9a:82:6c:af:55:7a:e0:66:2d:0c:3b:01:67:ab:
40:ba:3c:16:98:ad:94:74:54:e5:18:85:5e:1d:11:b5:3c:ce:
c8:48:6f:df:2f:4f:f9:25:60:a5:d1:33:51:b7:db:e0:09:f0:
02:46:6f:fc:0c:13:a8:fb:fd:79:80:bb:be:93:d0:f4:66:dd:
b6:85:df:f5:98:ce:49:23:4c:3a:13:dc:dc:b2:1c:94:4c:85:
01:c8:52:5b:98:8f:b0:ef:59:45:27:a5:a7:43:83:da:a7:11:
5d:b8:77:44:a3:22:8b:4f:a2:9e:1f:a4:68:b7:01:c9:67:49:
e5:fc:7a:8f:cc:9c:c9:92:a9:8a:39:69:a9:c9:5e:ee:7f:1f:
58:95:f2:16:45:44:85:ab:fa:bf:7e:08:66:ac:d5:64:fc:ea:
d3:fd:63:47:c5:61:15:b7:16:44:ca:0f:b9:94:58:29:ff:d5:
df:91:d8:24:1e:a7:87:0e:66:f6:0c:b0:41:27:e4:de:81:de:
98:57:c9:1b:ce:d6:8f:82:95:57:d5:ce:6a:dc:5c:82:94:ff:
34:b5:04:dd:b7:5c:8f:d2:f4:2d:57:14:e6:fa:0d:d7:31:9d:
91:0d:f5:49:3b:07:63:c7:09:00:2e:c6:70:bf:5d:25:8c:c2:
25:df:b8:b6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPf0n2lA8iFYyPvIUS+y7z8zjR2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxMzFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2OTI2ZjdiMmJiNGNiYWY4YzY4N2UxZDY3NmVlYzA0ZGQ4OTk1OTVmYzE1
MDk0OGRkOTk0MjgzMmQ4Yjc3NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZp8boLMwP87YTdDzp6LBaf9hc9/Y/v4FCFatm6e9mdc1v0LikQXI9BNT5u
RIcfEaGnCu9Vhp6j2nulDJyBYr6GM+Kg+tCry+Tp2iqr9Yyv4NnyhB0pFCGBbFn9
D4UVOD/dOTYy5NNAdsKXEjIeRSw7LWwMD+d1LudItZObnUXYMBlWgnZYGhgosRNN
TdElgMf7Xt+Eqxrjkgi0Mtj93FiIPvnDrEsKmFGb28RWULZyZHeVAjp3aMo8MzYj
nR+T43qCjYsn/4LKl3PHapT5G6XakfiIFAhdFUDFn1va4izIr+DutnhEsR7WiDVR
cSpFNePGYTYVTGEbpdshcxzOmIECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTrOyJZ
5+EAas4Jbx1IqiMAmu6y0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmI0NTVmNWQtNmNlNi00MzczLWI1YmMtMWMxZTAzNGExNDhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
YDANBgkqhkiG9w0BAQsFAAOCAQEAFMy3dpqCbK9VeuBmLQw7AWerQLo8FpitlHRU
5RiFXh0RtTzOyEhv3y9P+SVgpdEzUbfb4AnwAkZv/AwTqPv9eYC7vpPQ9GbdtoXf
9ZjOSSNMOhPc3LIclEyFAchSW5iPsO9ZRSelp0OD2qcRXbh3RKMii0+inh+kaLcB
yWdJ5fx6j8ycyZKpijlpqcle7n8fWJXyFkVEhav6v34IZqzVZPzq0/1jR8VhFbcW
RMoPuZRYKf/V35HYJB6nhw5m9gywQSfk3oHemFfJG87Wj4KVV9XOatxcgpT/NLUE
3bdcj9L0LVcU5voN1zGdkQ31STsHY8cJAC7GcL9dJYzCJd+4tg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:14 2025 by rpki-client