Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
File: 417101f4-2159-4c08-aa5e-b16ba0461450.roa (raw, json)
Hash identifier: bbR+DEXsqnIjtXZyNdpYJEv2RTnVZlPDqP1plevdrxw=
Subject key identifier: 39:1D:53:CD:4C:AE:63:86:8A:34:41:E2:EE:F5:AD:FC:94:04:37:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32948E4E41799AD92A0169E2AA81A25336AD3E01
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
Signing time: Mon 16 Jun 2025 20:50:21 +0000
ROA not before: Mon 16 Jun 2025 20:50:21 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:94:8e:4e:41:79:9a:d9:2a:01:69:e2:aa:81:a2:53:36:ad:3e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:50:21 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=958cff001fdb9294cd572bc9068017318dfd2fedd84c31676ba43757adaefff9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:64:d0:8d:5e:86:ac:b0:ad:62:71:a3:7e:82:
26:57:be:f5:f3:32:e5:fd:97:4e:73:a6:cd:f5:85:
78:7d:60:f9:9d:47:2a:39:b9:c4:5f:69:f8:8b:86:
12:d1:19:7c:13:8a:c8:24:d5:10:4d:2b:c4:8f:92:
f7:00:5a:78:06:9c:00:d0:b3:99:a4:a5:8a:a4:89:
44:bf:6f:7b:c1:83:d4:2e:58:9e:1f:e0:b1:35:94:
72:ef:c5:d5:68:6e:fe:5f:4d:c1:ba:73:83:32:12:
25:69:a5:a3:73:d2:c1:ed:27:d3:2f:22:74:82:2a:
a4:23:2f:ab:50:fe:f7:ec:07:ce:13:7a:25:a2:78:
bf:5c:ab:5b:28:db:a0:7a:81:f8:b8:40:b3:c4:d0:
f9:b9:20:75:40:a9:ba:35:6e:8a:5e:60:7f:85:27:
c5:d6:a7:d5:50:01:48:9f:22:af:81:55:22:a0:37:
00:86:5f:3d:f9:94:8f:8e:f3:04:51:52:8e:a6:92:
a2:e1:7d:75:aa:b9:64:32:44:78:89:4c:ff:9e:63:
94:ea:2c:5c:99:88:8e:a6:63:3d:0e:be:5b:f4:6f:
be:95:c7:79:a4:24:d2:25:cd:2a:48:dd:8c:c8:15:
fb:11:fb:2f:88:ad:1a:7c:63:2f:f9:7d:e6:9a:6b:
48:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1D:53:CD:4C:AE:63:86:8A:34:41:E2:EE:F5:AD:FC:94:04:37:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2000::/40
Signature Algorithm: sha256WithRSAEncryption
21:ac:30:07:15:f3:ec:be:05:9c:ec:7b:be:fb:85:c6:11:f7:
61:78:92:4b:09:3b:55:98:cb:51:a5:ba:8b:03:da:7c:53:b8:
d5:ee:11:b2:69:6a:e2:b3:58:02:67:e3:04:3b:32:e9:b3:b8:
94:08:50:a2:e1:77:c3:6a:16:c2:78:72:a5:b3:d7:16:17:b9:
ae:70:e0:3d:29:da:ac:a1:1f:19:d9:40:a5:b5:f6:c7:4d:68:
24:22:f7:bd:57:fa:53:9e:3a:33:5a:0d:6d:1d:d8:2a:23:32:
40:4f:39:c1:8b:2e:e0:05:8a:44:6f:b7:80:b8:a9:43:02:3b:
14:5a:7a:46:5c:97:4a:58:82:00:c2:a0:a0:c3:c1:3c:35:9d:
24:9a:c6:7a:cf:c4:18:81:bf:f2:e6:d2:fe:b0:13:06:58:f7:
ec:f0:df:a1:42:09:de:06:5b:c1:41:e8:15:6f:a5:d4:e7:ad:
65:7a:c3:a5:e1:5c:7e:d0:6f:bb:8c:37:a7:62:af:ba:3f:ae:
4a:fb:1d:5e:c6:f3:c0:fa:d6:17:41:0e:9d:d1:e0:29:00:84:
7b:41:27:d6:88:a5:a9:15:ac:29:c6:30:df:a3:06:5c:7d:d5:
1b:84:84:87:ce:1d:2d:01:d0:f1:1e:60:4c:a1:a1:37:e8:53:
37:76:c6:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMpSOTkF5mtkqAWniqoGiUzatPgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUwMjFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1OGNmZjAwMWZkYjkyOTRjZDU3MmJjOTA2ODAxNzMxOGRmZDJmZWRkODRj
MzE2NzZiYTQzNzU3YWRhZWZmZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5k0I1ehqywrWJxo36CJle+9fMy5f2XTnOmzfWFeH1g+Z1HKjm5xF9p+IuG
EtEZfBOKyCTVEE0rxI+S9wBaeAacANCzmaSliqSJRL9ve8GD1C5Ynh/gsTWUcu/F
1Whu/l9NwbpzgzISJWmlo3PSwe0n0y8idIIqpCMvq1D+9+wHzhN6JaJ4v1yrWyjb
oHqB+LhAs8TQ+bkgdUCpujVuil5gf4Unxdan1VABSJ8ir4FVIqA3AIZfPfmUj47z
BFFSjqaSouF9daq5ZDJEeIlM/55jlOosXJmIjqZjPQ6+W/RvvpXHeaQk0iXNKkjd
jMgV+xH7L4itGnxjL/l95pprSPkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5HVPN
TK5jhoo0QeLu9a38lAQ3dzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDE3MTAxZjQtMjE1OS00YzA4LWFhNWUtYjE2YmEwNDYxNDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hcg
MA0GCSqGSIb3DQEBCwUAA4IBAQAhrDAHFfPsvgWc7Hu++4XGEfdheJJLCTtVmMtR
pbqLA9p8U7jV7hGyaWris1gCZ+MEOzLps7iUCFCi4XfDahbCeHKls9cWF7mucOA9
KdqsoR8Z2UCltfbHTWgkIve9V/pTnjozWg1tHdgqIzJATznBiy7gBYpEb7eAuKlD
AjsUWnpGXJdKWIIAwqCgw8E8NZ0kmsZ6z8QYgb/y5tL+sBMGWPfs8N+hQgneBlvB
QegVb6XU561lesOl4Vx+0G+7jDenYq+6P65K+x1exvPA+tYXQQ6d0eApAIR7QSfW
iKWpFawpxjDfowZcfdUbhISHzh0tAdDxHmBMoaE36FM3dsam
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:08:47 2025 by rpki-client