Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
File: 0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa (raw, json)
Hash identifier: ZuHf+VkIqr8zCYkv5pLrixljr1ha159or1HoK+cjQCc=
Subject key identifier: 1C:BC:1E:E5:27:59:D6:E5:A4:C5:09:9C:3A:EE:03:1F:C4:BA:31:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EBC510CDF2FAA2CFAFC8D653A91C2E31E7692FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
Signing time: Mon 16 Jun 2025 21:50:11 +0000
ROA not before: Mon 16 Jun 2025 21:50:11 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:bc:51:0c:df:2f:aa:2c:fa:fc:8d:65:3a:91:c2:e3:1e:76:92:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:50:11 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8ec0235d5b7dea41f389d111474441164f5cd21ad871af8ff65ab9982088b7cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d3:21:07:98:53:65:c7:7e:59:11:3e:fb:8e:
22:5c:a8:7e:0b:0d:3b:ec:7b:25:c5:5b:51:1b:da:
15:29:03:88:84:60:b2:99:51:0e:dd:80:11:4a:fe:
03:a5:be:7e:88:f0:bd:62:94:55:20:ab:8a:a1:c1:
15:03:ce:ad:8c:2a:31:1e:93:ce:d3:00:31:4c:99:
82:4b:87:8a:2f:7e:57:f8:d1:04:65:27:5e:a5:b4:
8c:a9:6a:18:9a:0f:05:c1:a4:79:cd:30:c7:ee:73:
4d:43:78:f6:f6:fb:7e:47:68:b1:80:84:46:3a:ed:
ee:7e:57:7c:63:eb:ef:a5:96:c7:26:99:83:41:c4:
4d:d9:8d:3e:f1:08:94:71:4a:59:6a:1d:ca:bd:b4:
e7:ec:43:6a:da:28:1b:5c:e4:c9:0e:04:91:26:5f:
3c:7e:0c:54:63:3d:7a:cc:fe:de:39:b6:17:71:17:
19:e1:69:c6:a1:5a:95:28:66:78:79:1c:80:a0:0c:
6e:97:7c:6f:4c:2e:7e:dd:f6:3e:d5:cb:58:b0:6b:
0d:87:7d:39:9c:c0:de:27:b8:92:d4:24:a8:75:3a:
b0:00:f5:6c:82:da:e9:8f:c3:81:e4:54:20:6e:f5:
ab:e8:72:bd:2f:98:20:fa:5d:a9:5a:6c:4e:ae:53:
ec:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BC:1E:E5:27:59:D6:E5:A4:C5:09:9C:3A:EE:03:1F:C4:BA:31:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:1000::/36
Signature Algorithm: sha256WithRSAEncryption
91:2f:52:af:da:fe:76:bc:bf:05:7f:a2:4b:7e:c3:34:83:7f:
d0:bf:75:ee:f8:d2:b8:c7:01:95:54:49:b0:1a:bf:93:38:1d:
26:aa:f4:6d:61:d3:b6:2c:43:35:47:cb:82:4f:dd:f6:8a:f8:
f9:86:60:e2:3b:3a:68:09:09:b9:4c:36:67:bc:26:2b:6b:99:
49:2b:52:95:8e:6c:54:eb:55:20:a5:5f:6a:aa:8c:20:ec:e0:
a1:d1:c0:0b:8d:58:a8:03:96:55:ac:0c:62:46:50:75:41:9c:
72:d2:f0:6a:ad:f8:78:be:bc:9c:3c:d2:f2:e2:e4:77:a2:4a:
6a:a6:e4:d6:75:9a:90:f8:d9:21:ab:e8:1b:91:f7:5d:fe:00:
dc:f6:59:9e:73:e7:d6:e5:38:e7:bc:e3:e8:36:37:a4:b6:0f:
09:8f:fc:bb:59:85:a7:09:a4:73:71:26:e9:76:cb:be:9c:44:
aa:ca:7a:c6:94:26:c5:91:e6:f3:e3:f8:e4:74:42:91:6d:41:
eb:34:6c:0d:b2:9a:4b:3b:ba:90:ab:66:b1:24:d2:f8:16:da:
db:43:9a:0d:1c:8d:de:92:71:93:2b:2a:7f:a4:db:5f:0c:88:
4c:9c:35:9f:02:bc:06:22:55:5e:b7:eb:f3:6f:f2:a9:99:07:
39:21:2c:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDrxRDN8vqiz6/I1lOpHC4x52kv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTUwMTFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlYzAyMzVkNWI3ZGVhNDFmMzg5ZDExMTQ3NDQ0MTE2NGY1Y2QyMWFkODcx
YWY4ZmY2NWFiOTk4MjA4OGI3Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO3TIQeYU2XHflkRPvuOIlyofgsNO+x7JcVbURvaFSkDiIRgsplRDt2AEUr+
A6W+fojwvWKUVSCriqHBFQPOrYwqMR6TztMAMUyZgkuHii9+V/jRBGUnXqW0jKlq
GJoPBcGkec0wx+5zTUN49vb7fkdosYCERjrt7n5XfGPr76WWxyaZg0HETdmNPvEI
lHFKWWodyr205+xDatooG1zkyQ4EkSZfPH4MVGM9esz+3jm2F3EXGeFpxqFalShm
eHkcgKAMbpd8b0wuft32PtXLWLBrDYd9OZzA3ie4ktQkqHU6sAD1bILa6Y/DgeRU
IG71q+hyvS+YIPpdqVpsTq5T7PcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcvB7l
J1nW5aTFCZw67gMfxLoxxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGJmNmNlZjgtOGM2MC00YTBlLTg5MzItY2ZkYTY0OGQyNzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCRL1Kv2v52vL8Ff6JLfsM0g3/Qv3Xu+NK4xwGV
VEmwGr+TOB0mqvRtYdO2LEM1R8uCT932ivj5hmDiOzpoCQm5TDZnvCYra5lJK1KV
jmxU61UgpV9qqowg7OCh0cALjVioA5ZVrAxiRlB1QZxy0vBqrfh4vrycPNLy4uR3
okpqpuTWdZqQ+Nkhq+gbkfdd/gDc9lmec+fW5TjnvOPoNjektg8Jj/y7WYWnCaRz
cSbpdsu+nESqynrGlCbFkebz4/jkdEKRbUHrNGwNsppLO7qQq2axJNL4FtrbQ5oN
HI3eknGTKyp/pNtfDIhMnDWfArwGIlVet+vzb/KpmQc5ISwd
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:23:20 2025 by rpki-client