Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json)
Hash identifier: X582vVAtcjCNfmrZ8timd9m/yqVNktZ8hFIi2clJILU=
Subject key identifier: 79:CB:94:C7:11:BF:CB:E7:9B:F6:E7:D0:70:A3:53:CC:39:82:21:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52B74316BFD22B9DAB6EAD59F70846822AEE607F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
Signing time: Fri 20 Jun 2025 00:10:37 +0000
ROA not before: Fri 20 Jun 2025 00:10:37 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:b7:43:16:bf:d2:2b:9d:ab:6e:ad:59:f7:08:46:82:2a:ee:60:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 20 00:10:37 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=bf63f2f0e98300471fd62fbd6d32b259fb2c37a8d0a78a50dd827f0cbf6bed68, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:3b:62:0c:ff:c5:85:95:07:af:db:fe:b9:11:
61:4e:c4:5f:b1:bd:cf:64:fe:a0:e3:23:53:1d:c8:
b2:20:97:2a:6e:27:36:0e:5a:f6:87:23:ba:1f:61:
af:81:3d:e0:bf:db:2e:bf:76:24:52:43:f9:00:9e:
85:ab:2d:8b:de:49:ec:d5:27:9c:44:98:25:6e:af:
cf:f8:8c:ef:b4:02:2c:5c:a9:b2:9c:2f:bc:b8:07:
23:3a:99:f5:31:13:f6:50:82:55:05:c8:5f:35:21:
a6:f4:7a:8d:ad:84:1a:57:4d:55:43:41:fa:a7:e2:
e7:4a:07:73:06:02:c3:ce:5a:a0:b3:ba:b7:26:9a:
76:09:10:0c:fa:7e:5f:e7:e7:09:20:eb:10:e5:e6:
a0:40:d1:c8:78:b8:d9:a1:6e:09:a0:04:56:57:79:
fb:29:1c:ca:c2:3a:00:90:5f:0c:88:5a:0a:76:d2:
b9:93:9f:66:6c:aa:83:ef:e6:fe:4f:b0:60:c4:4f:
a8:75:f6:7f:68:c4:f8:e2:96:e1:db:6e:59:10:fb:
40:ac:a6:7d:d3:2b:23:c8:9b:76:6e:75:8e:d0:28:
ad:37:09:06:46:5d:d1:40:4a:96:5c:a7:00:78:49:
8c:b1:88:d4:2d:a9:fa:72:2e:66:55:0d:35:f7:28:
22:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:CB:94:C7:11:BF:CB:E7:9B:F6:E7:D0:70:A3:53:CC:39:82:21:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020::/28
Signature Algorithm: sha256WithRSAEncryption
8d:17:29:42:de:eb:26:a4:52:88:09:30:10:0c:f6:71:a4:bb:
69:1b:d8:e0:6e:39:9e:e3:e2:ec:d3:b9:88:17:12:3a:f2:3b:
d6:77:95:85:68:80:41:34:2b:c8:b7:da:8e:7f:ea:ef:10:ac:
0c:00:b8:5a:3c:62:71:f1:34:8d:85:34:03:91:4c:cc:77:20:
da:73:27:26:3a:c0:e4:7d:d4:0d:09:e5:b9:6b:14:7f:63:d9:
da:41:d4:95:fd:9b:41:16:0b:38:51:da:f6:34:99:13:76:a8:
03:56:ea:4a:4f:0b:19:1b:91:08:a1:94:7e:66:81:92:6d:8d:
c4:66:9a:2d:d2:4c:53:b8:48:fb:7a:e9:31:73:91:47:f3:32:
60:9e:f7:5d:4b:e3:3e:39:96:d8:56:d7:ae:d1:55:ad:69:20:
08:ff:c7:4a:7b:a2:b4:27:52:ca:3e:d7:57:95:b2:79:3b:66:
68:31:5d:59:41:3a:31:b1:8a:6a:5e:9b:b0:a1:60:1c:b7:bd:
8e:85:5a:ae:25:0d:5d:ad:21:01:22:22:9f:b0:28:5d:64:58:
89:12:36:bd:a2:74:e8:6d:fe:91:4b:0f:15:a8:91:1f:d6:2f:
d2:1f:a6:07:e7:4a:7c:94:d5:fc:89:7a:8c:f3:3c:b9:a8:2e:
98:33:79:58
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUUrdDFr/SK52rbq1Z9whGgiruYH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjAwMDEwMzdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmNjNmMmYwZTk4MzAwNDcxZmQ2MmZiZDZkMzJiMjU5ZmIyYzM3YThkMGE3
OGE1MGRkODI3ZjBjYmY2YmVkNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQ7Ygz/xYWVB6/b/rkRYU7EX7G9z2T+oOMjUx3IsiCXKm4nNg5a9ocjuh9h
r4E94L/bLr92JFJD+QCehasti95J7NUnnESYJW6vz/iM77QCLFypspwvvLgHIzqZ
9TET9lCCVQXIXzUhpvR6ja2EGldNVUNB+qfi50oHcwYCw85aoLO6tyaadgkQDPp+
X+fnCSDrEOXmoEDRyHi42aFuCaAEVld5+ykcysI6AJBfDIhaCnbSuZOfZmyqg+/m
/k+wYMRPqHX2f2jE+OKW4dtuWRD7QKymfdMrI8ibdm51jtAorTcJBkZd0UBKllyn
AHhJjLGI1C2p+nIuZlUNNfcoIjECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR5y5TH
Eb/L55v259Bwo1PMOYIhMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw
DQYJKoZIhvcNAQELBQADggEBAI0XKULe6yakUogJMBAM9nGku2kb2OBuOZ7j4uzT
uYgXEjryO9Z3lYVogEE0K8i32o5/6u8QrAwAuFo8YnHxNI2FNAORTMx3INpzJyY6
wOR91A0J5blrFH9j2dpB1JX9m0EWCzhR2vY0mRN2qANW6kpPCxkbkQihlH5mgZJt
jcRmmi3STFO4SPt66TFzkUfzMmCe911L4z45lthW167RVa1pIAj/x0p7orQnUso+
11eVsnk7ZmgxXVlBOjGximpem7ChYBy3vY6FWq4lDV2tIQEiIp+wKF1kWIkSNr2i
dOht/pFLDxWokR/WL9IfpgfnSnyU1fyJeozzPLmoLpgzeVg=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:07 2025 by rpki-client