Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json)
Hash identifier: NJDlu6mLt4Dg98T/7auNTjvGSvQl7SRbbH6ogOuYG70=
Subject key identifier: 40:10:ED:B8:71:44:7B:21:C9:24:88:7A:E5:C1:27:69:A3:0D:D1:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3546ABB525CA2D94B6276EA9FD51F029BE3FF0AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
Signing time: Mon 16 Jun 2025 21:40:51 +0000
ROA not before: Mon 16 Jun 2025 21:40:51 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:46:ab:b5:25:ca:2d:94:b6:27:6e:a9:fd:51:f0:29:be:3f:f0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:51 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=5633400055322320d77e0915eec42953ac7cbef94c4942ba3ed98b8006612db5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8a:64:31:3f:89:1f:e9:d6:1f:68:a1:b3:04:
96:58:99:3d:c2:a1:b5:00:77:58:f5:19:d6:ee:eb:
70:97:fd:d8:e5:ca:06:da:2f:f6:87:9b:65:36:f3:
9c:88:67:29:7c:dd:a2:d0:88:3d:69:af:af:b8:72:
a7:4f:af:b3:1c:89:b5:82:99:dd:71:6d:ff:7e:3e:
52:1d:b6:5c:0f:89:6d:ad:44:6f:86:ad:e8:30:83:
66:a6:69:4f:1e:7e:42:6f:57:d5:2d:12:cb:5c:c5:
73:7f:e9:11:4e:77:45:d3:10:c7:c7:75:5f:3b:79:
11:7c:c8:d3:3f:f9:70:ff:09:57:1f:5d:b3:d6:53:
57:fb:3e:da:2e:28:16:a2:99:84:b6:2b:97:e5:2b:
03:4c:ce:0b:0f:75:e5:bc:93:9c:c0:e5:83:68:a5:
6e:0c:80:4a:50:cc:c6:5b:b7:e5:f6:9a:70:fe:e0:
78:a1:d8:a3:c5:bd:2c:3a:ab:6a:6a:ff:0b:e2:2e:
65:cf:74:8f:ae:c0:8c:f1:de:15:86:6a:77:a0:48:
4f:42:0b:7e:0a:3f:97:34:8e:63:de:5b:fe:8d:9b:
3e:37:5f:b2:ea:4d:b1:25:79:cb:43:7e:a4:98:a3:
a2:03:0e:c6:a1:47:02:32:2a:9b:56:fd:3a:21:37:
91:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:10:ED:B8:71:44:7B:21:C9:24:88:7A:E5:C1:27:69:A3:0D:D1:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/37
Signature Algorithm: sha256WithRSAEncryption
4c:2f:7a:ce:af:35:02:21:12:03:7e:d2:2a:ce:49:5b:d3:b9:
f4:c0:08:c3:b5:3d:c2:7c:65:86:2d:49:9b:0c:e6:ac:db:5c:
fb:12:d2:83:ba:d2:8b:b4:cd:a0:b7:52:2c:a1:00:48:eb:34:
10:fe:2e:70:66:39:74:9e:30:e0:30:b5:e3:d6:84:92:84:c2:
d8:36:dd:c0:4f:e9:d6:f4:7e:42:f0:71:d5:12:fd:7e:1c:36:
c4:f2:1d:c8:5c:03:14:84:10:d0:00:4c:7f:00:db:4d:d3:10:
9d:f0:68:47:92:ce:9d:82:97:e8:4a:e3:00:ff:89:84:96:25:
b3:d4:23:cb:80:73:d0:a3:b5:e0:02:a2:b7:6c:78:7d:9c:0f:
50:31:53:6e:fc:4a:5d:64:f6:3c:cd:a5:53:8f:b7:63:48:33:
2a:b2:17:85:1f:49:03:d9:bb:f9:e0:97:5e:93:80:49:3d:50:
a3:7d:35:91:27:2f:dd:bd:d9:f5:af:76:8e:7a:e8:4c:03:40:
0f:a5:f4:c4:cf:56:56:2f:66:e1:c3:47:3b:0d:5c:1b:6e:44:
a8:e1:5c:8d:a1:b8:d2:19:5a:e2:30:0e:88:8f:2d:30:d7:70:
3a:73:60:49:1e:f6:cd:ad:32:13:6b:64:48:d6:60:26:5c:48:
44:d7:8c:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNUartSXKLZS2J26p/VHwKb4/8K0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwNTFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MzM0MDAwNTUzMjIzMjBkNzdlMDkxNWVlYzQyOTUzYWM3Y2JlZjk0YzQ5
NDJiYTNlZDk4YjgwMDY2MTJkYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6KZDE/iR/p1h9oobMElliZPcKhtQB3WPUZ1u7rcJf92OXKBtov9oebZTbz
nIhnKXzdotCIPWmvr7hyp0+vsxyJtYKZ3XFt/34+Uh22XA+Jba1Eb4at6DCDZqZp
Tx5+Qm9X1S0Sy1zFc3/pEU53RdMQx8d1Xzt5EXzI0z/5cP8JVx9ds9ZTV/s+2i4o
FqKZhLYrl+UrA0zOCw915byTnMDlg2ilbgyASlDMxlu35faacP7geKHYo8W9LDqr
amr/C+IuZc90j67AjPHeFYZqd6BIT0ILfgo/lzSOY95b/o2bPjdfsupNsSV5y0N+
pJijogMOxqFHAjIqm1b9OiE3kc0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRAEO24
cUR7IckkiHrlwSdpow3RBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQBML3rOrzUCIRIDftIqzklb07n0wAjDtT3CfGWG
LUmbDOas21z7EtKDutKLtM2gt1IsoQBI6zQQ/i5wZjl0njDgMLXj1oSShMLYNt3A
T+nW9H5C8HHVEv1+HDbE8h3IXAMUhBDQAEx/ANtN0xCd8GhHks6dgpfoSuMA/4mE
liWz1CPLgHPQo7XgAqK3bHh9nA9QMVNu/EpdZPY8zaVTj7djSDMqsheFH0kD2bv5
4Jdek4BJPVCjfTWRJy/dvdn1r3aOeuhMA0APpfTEz1ZWL2bhw0c7DVwbbkSo4VyN
objSGVriMA6Ijy0w13A6c2BJHvbNrTITa2RI1mAmXEhE14xE
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:04:42 2025 by rpki-client