Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29ccbf1f-bd18-437f-87cb-c8d85587cbea.roa
File: 29ccbf1f-bd18-437f-87cb-c8d85587cbea.roa (raw, json)
Hash identifier: yTMvWSeAIfcfgV2i7K1q7ihgOfAC42jj6xD2fSPfexc=
Subject key identifier: E0:8F:58:0E:86:FA:F1:A2:0B:B3:67:B6:90:84:67:70:DC:C1:E8:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1550263558FF6383AB246031958F2DC80579E13D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29ccbf1f-bd18-437f-87cb-c8d85587cbea.roa
Signing time: Mon 16 Jun 2025 19:41:15 +0000
ROA not before: Mon 16 Jun 2025 19:41:15 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8030::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:50:26:35:58:ff:63:83:ab:24:60:31:95:8f:2d:c8:05:79:e1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:41:15 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=5e207c83f13980424a612f7c854fef85f953aaac65cd1dd0f31d7c5a4928dcea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:28:3e:a4:ef:e3:b7:a7:2a:2f:55:54:eb:5e:
04:2f:e8:4b:ad:74:4e:cb:9b:6e:ed:47:9b:d1:96:
c8:23:bd:99:08:74:ee:3d:e6:f1:74:20:77:28:25:
03:e0:0d:5b:60:b6:a9:b0:9a:44:00:99:9b:5c:0c:
c7:97:46:14:7d:05:dc:7a:23:2d:65:87:21:77:8c:
db:30:16:a3:4e:d3:2a:33:41:70:6c:52:d4:41:e8:
73:08:7e:af:50:78:67:6d:0a:d1:f4:ce:d2:bf:f0:
cb:26:ad:77:d9:1a:ab:27:ae:ba:e5:3a:f5:ac:9b:
14:82:a1:5e:90:63:28:be:92:a5:eb:3e:1b:16:c0:
ed:d9:dd:31:e5:9e:e6:2f:5a:7a:9b:7b:14:f8:38:
b4:05:b5:a6:6c:ad:6c:4e:44:76:0e:37:91:4c:cb:
eb:93:1a:85:6f:df:af:1f:45:89:37:cf:5b:18:68:
1c:ce:53:60:eb:f1:2c:26:9d:c5:49:4f:4e:39:3c:
81:24:aa:d3:86:00:8f:c6:57:7c:4a:74:0b:af:15:
0a:8f:f5:c5:64:a6:9b:e2:63:53:62:51:f4:b8:b2:
2a:34:a0:4b:4f:10:33:8a:cd:f7:65:9a:d1:0d:08:
bb:ea:93:ad:76:1a:19:bd:ce:90:b0:8b:83:4f:1c:
a5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8F:58:0E:86:FA:F1:A2:0B:B3:67:B6:90:84:67:70:DC:C1:E8:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29ccbf1f-bd18-437f-87cb-c8d85587cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8030::/48
Signature Algorithm: sha256WithRSAEncryption
97:5f:e1:60:91:3f:dc:0a:17:af:62:77:0c:e4:a6:dc:51:a4:
46:3c:0d:8d:35:77:14:f0:1a:1f:a0:d4:f9:3b:49:1a:c7:32:
83:02:13:f2:4e:a9:5c:0c:92:ba:f0:bb:cc:c3:a1:3e:66:7d:
27:72:d3:54:24:b1:41:a9:d7:af:c1:1a:c4:52:8a:00:57:68:
98:14:85:75:5f:c9:43:7e:48:ae:e6:6e:ae:ed:39:47:98:c8:
84:2e:8c:4b:9f:ed:fe:0a:76:78:a0:1a:38:80:da:4f:a1:f3:
20:59:68:81:bf:53:0e:47:9f:fd:b5:aa:98:c0:44:9a:69:c6:
62:d4:76:fb:19:c4:3c:a4:88:2a:4b:af:6a:44:cb:c9:d8:d0:
85:6f:f6:ca:cc:0a:34:f0:5d:43:a6:6c:1d:cc:2b:43:f2:d2:
f0:fd:29:a4:a6:e1:64:8b:19:8a:50:b6:89:1a:68:ad:f6:ea:
44:f2:0e:47:42:5f:af:5a:0c:54:5b:15:a9:5c:70:35:db:c1:
c9:11:00:12:80:de:9a:db:74:17:72:11:d1:76:3e:cf:76:7f:
70:88:0d:58:2b:da:74:80:49:99:39:d9:eb:35:08:f2:9d:10:
c0:3a:d3:86:27:0b:e9:d0:c5:37:8f:ed:a3:9f:f8:d5:c1:2a:
e5:d5:ca:d8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFVAmNVj/Y4OrJGAxlY8tyAV54T0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQxMTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlMjA3YzgzZjEzOTgwNDI0YTYxMmY3Yzg1NGZlZjg1Zjk1M2FhYWM2NWNk
MWRkMGYzMWQ3YzVhNDkyOGRjZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsoPqTv47enKi9VVOteBC/oS610Tsubbu1Hm9GWyCO9mQh07j3m8XQgdygl
A+ANW2C2qbCaRACZm1wMx5dGFH0F3HojLWWHIXeM2zAWo07TKjNBcGxS1EHocwh+
r1B4Z20K0fTO0r/wyyatd9kaqyeuuuU69aybFIKhXpBjKL6Spes+GxbA7dndMeWe
5i9aept7FPg4tAW1pmytbE5Edg43kUzL65MahW/frx9FiTfPWxhoHM5TYOvxLCad
xUlPTjk8gSSq04YAj8ZXfEp0C68VCo/1xWSmm+JjU2JR9LiyKjSgS08QM4rN92Wa
0Q0Iu+qTrXYaGb3OkLCLg08cpd8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTgj1gO
hvrxoguzZ7aQhGdw3MHoRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjljY2JmMWYtYmQxOC00MzdmLTg3Y2ItYzhkODU1ODdjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
MDANBgkqhkiG9w0BAQsFAAOCAQEAl1/hYJE/3AoXr2J3DOSm3FGkRjwNjTV3FPAa
H6DU+TtJGscygwIT8k6pXAySuvC7zMOhPmZ9J3LTVCSxQanXr8EaxFKKAFdomBSF
dV/JQ35IruZuru05R5jIhC6MS5/t/gp2eKAaOIDaT6HzIFlogb9TDkef/bWqmMBE
mmnGYtR2+xnEPKSIKkuvakTLydjQhW/2yswKNPBdQ6ZsHcwrQ/LS8P0ppKbhZIsZ
ilC2iRporfbqRPIOR0Jfr1oMVFsVqVxwNdvByREAEoDemtt0F3IR0XY+z3Z/cIgN
WCvadIBJmTnZ6zUI8p0QwDrThicL6dDFN4/to5/41cEq5dXK2A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:20 2025 by rpki-client