Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
File: 1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa (raw, json)
Hash identifier: Za6ne/z2oR6ni+Z5VgDzrL1TES80QPrctVbNC8WcwMU=
Subject key identifier: 2C:75:4C:D3:19:FC:81:CE:7B:AC:53:43:49:FD:5F:16:7C:A4:27:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08B081ACB1D69F4EA2CF2C093BE7C10254E91AD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
Signing time: Mon 16 Jun 2025 21:31:31 +0000
ROA not before: Mon 16 Jun 2025 21:31:31 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:b0:81:ac:b1:d6:9f:4e:a2:cf:2c:09:3b:e7:c1:02:54:e9:1a:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:31 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f7cc02c13cb9237b66b3000fe85e0220e959f016d551096f2928f5994f6aa9d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d4:91:f0:ec:ff:bd:82:ec:6c:cb:9e:38:7a:
ae:5d:91:4e:57:1b:de:07:28:82:9c:45:59:27:67:
3c:56:e5:3c:e0:af:66:e5:e1:29:00:66:e1:33:8d:
47:44:4e:ed:ba:53:8b:b7:ed:5f:d0:d4:80:a8:a4:
04:2d:26:b4:8d:20:f5:b2:06:e0:36:ca:42:c9:07:
91:4f:9b:8e:12:52:47:5d:58:56:86:63:68:b8:62:
aa:25:6c:03:5e:11:dd:7b:7f:d3:17:87:6d:b4:97:
7e:79:fb:ad:a8:62:7f:1b:d6:1b:2a:ce:e8:40:35:
fe:61:0d:2b:4c:a4:b0:d5:30:ca:73:93:64:aa:2d:
02:87:42:a2:0b:58:aa:0b:47:9b:35:a2:cf:6a:79:
57:81:63:05:42:d9:31:ec:d2:26:39:08:b4:ff:0c:
26:07:0d:11:a3:4b:ba:da:1a:70:7a:37:88:bf:da:
3c:1f:92:78:8f:5b:7d:3e:4d:28:91:e5:c6:c9:b9:
3a:9d:db:12:3c:ea:5b:46:6f:30:68:dc:25:b3:de:
91:a9:2f:9a:ad:c0:48:c8:98:06:9e:79:ff:f5:52:
54:ce:c5:02:ed:c8:49:b6:b0:74:ce:2b:40:60:e5:
26:a7:f1:5e:11:e3:d4:a2:2f:21:0a:f5:06:65:95:
a6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:75:4C:D3:19:FC:81:CE:7B:AC:53:43:49:FD:5F:16:7C:A4:27:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6000::/40
Signature Algorithm: sha256WithRSAEncryption
74:c4:40:a1:5b:6f:66:dc:1f:6d:77:45:86:9e:07:c0:70:ac:
e2:dc:b4:2f:9c:98:2c:ee:2e:0b:0f:e4:5c:4c:ae:ec:0f:55:
11:97:22:a5:d4:fe:db:a6:0f:d8:a9:d3:be:bd:2b:cc:d8:6d:
b8:1c:c1:18:b9:d8:27:1f:3b:40:88:91:aa:04:2e:1b:4a:0c:
7f:b6:c1:2f:32:71:52:a9:bd:ae:ea:94:a3:67:fe:dd:60:81:
f7:6b:6a:a4:dc:47:cc:ee:18:5e:75:28:0a:04:8c:52:77:e7:
43:af:69:dd:6d:29:78:bb:3b:36:b2:0c:be:75:a4:ee:19:f0:
6c:11:18:c8:76:b9:e1:f6:ab:f0:56:0a:b3:ff:53:84:4c:67:
df:f9:68:f4:ba:a5:13:da:48:b3:00:7a:7b:80:0f:0d:a0:5a:
53:00:56:bb:50:b3:7f:8f:49:76:2a:77:c1:78:f6:66:10:9e:
fa:ec:4e:99:9e:7f:14:27:36:f1:ea:f6:14:01:5f:00:a2:73:
6c:c2:6f:ae:54:73:09:80:0c:5b:41:a9:64:18:83:04:f0:3e:
e7:aa:fd:f3:b6:53:03:b3:59:e7:12:a2:72:38:bd:4a:cc:84:
ad:9c:1e:49:29:ff:22:3a:0c:2c:e4:04:41:de:7d:6b:ea:5f:
85:18:cb:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCLCBrLHWn06izywJO+fBAlTpGtUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMzFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3Y2MwMmMxM2NiOTIzN2I2NmIzMDAwZmU4NWUwMjIwZTk1OWYwMTZkNTUx
MDk2ZjI5MjhmNTk5NGY2YWE5ZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHUkfDs/72C7GzLnjh6rl2RTlcb3gcogpxFWSdnPFblPOCvZuXhKQBm4TON
R0RO7bpTi7ftX9DUgKikBC0mtI0g9bIG4DbKQskHkU+bjhJSR11YVoZjaLhiqiVs
A14R3Xt/0xeHbbSXfnn7rahifxvWGyrO6EA1/mENK0yksNUwynOTZKotAodCogtY
qgtHmzWiz2p5V4FjBULZMezSJjkItP8MJgcNEaNLutoacHo3iL/aPB+SeI9bfT5N
KJHlxsm5Op3bEjzqW0ZvMGjcJbPekakvmq3ASMiYBp55//VSVM7FAu3ISbawdM4r
QGDlJqfxXhHj1KIvIQr1BmWVpg8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQsdUzT
GfyBznusU0NJ/V8WfKQnWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJhMmQwNjMtOTE1Yi00ZWY1LWIxYjgtMDBkNzNkYzhhMzFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRg
MA0GCSqGSIb3DQEBCwUAA4IBAQB0xEChW29m3B9td0WGngfAcKzi3LQvnJgs7i4L
D+RcTK7sD1URlyKl1P7bpg/YqdO+vSvM2G24HMEYudgnHztAiJGqBC4bSgx/tsEv
MnFSqb2u6pSjZ/7dYIH3a2qk3EfM7hhedSgKBIxSd+dDr2ndbSl4uzs2sgy+daTu
GfBsERjIdrnh9qvwVgqz/1OETGff+Wj0uqUT2kizAHp7gA8NoFpTAFa7ULN/j0l2
KnfBePZmEJ767E6Znn8UJzbx6vYUAV8AonNswm+uVHMJgAxbQalkGIME8D7nqv3z
tlMDs1nnEqJyOL1KzIStnB5JKf8iOgws5ARB3n1r6l+FGMvD
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:25 2025 by rpki-client