Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: og2XjqFAhyxbl0Em6TjrwckTTFg5hQkVGOsjEMlb4Lo=
Subject key identifier: F3:C8:77:62:31:3B:9B:E6:E6:42:CA:D1:2E:7D:96:13:18:AA:36:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B3E2A53C009B025410428C2EB446F1837B0DF08
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Mon 16 Jun 2025 21:41:02 +0000
ROA not before: Mon 16 Jun 2025 21:41:02 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:3e:2a:53:c0:09:b0:25:41:04:28:c2:eb:44:6f:18:37:b0:df:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:02 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a8a9acb82d02f86e73a8f20e7a846ca2e88199594f930efbd693e8344af0e9a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:eb:8e:12:a3:5b:16:b7:1b:ae:e6:e0:a8:32:
13:0d:22:8d:ce:39:6b:8b:98:53:08:85:3a:db:e5:
29:85:93:93:ef:ea:86:2f:80:41:6c:d6:17:f9:2c:
8f:c7:33:59:d4:44:e1:fc:59:f1:39:c9:34:21:ec:
bd:d3:40:83:27:62:08:a1:81:3f:14:0f:09:e4:a8:
92:0e:7f:6a:ca:2d:66:76:66:1e:7d:7b:52:47:07:
32:53:2a:b2:0c:06:5b:ec:35:34:f8:21:78:38:b2:
cb:58:a5:74:03:86:19:ba:aa:b8:59:77:c6:22:e6:
07:15:07:df:18:4c:33:51:ef:c6:67:5d:37:e3:d3:
5c:c3:65:84:a3:e9:f6:2e:fa:9f:c1:9a:de:bd:4b:
8a:d5:fc:52:9a:6f:ea:35:57:8e:36:7f:9f:53:01:
4c:24:c9:38:6a:da:4a:15:d5:c2:51:01:46:1e:52:
91:84:d4:e6:8f:c9:53:73:fd:0a:5a:1e:8e:6c:bf:
8f:07:11:0a:93:9c:75:37:74:cd:46:b6:fe:2e:5c:
f3:25:93:5c:74:cb:08:6d:ae:2f:55:9b:57:d5:17:
72:54:ff:b6:29:9f:2c:38:3f:f7:03:60:b7:28:3c:
5d:27:fb:c2:37:37:39:12:a0:95:84:eb:6b:aa:fa:
d8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C8:77:62:31:3B:9B:E6:E6:42:CA:D1:2E:7D:96:13:18:AA:36:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
4c:42:49:83:06:4e:22:08:b5:4b:c0:0b:5b:0f:cb:bc:0b:3b:
7f:56:13:11:1f:31:bd:43:30:25:4a:47:27:be:1f:3c:15:38:
0a:f0:3d:6e:a0:51:c4:7c:c6:d3:c1:a6:75:8e:cf:a1:54:2c:
89:5d:e7:d4:4e:b0:ac:75:61:25:4c:bb:45:1a:bb:6e:5f:37:
1b:15:84:08:07:4d:9e:87:2e:29:67:35:1d:ce:da:2d:da:48:
1b:25:de:67:c4:74:fc:aa:66:7f:c2:1a:fe:3a:24:51:eb:52:
4b:12:e5:ce:ed:f8:80:0f:64:a1:17:96:04:ed:fc:d3:c4:29:
3d:18:8a:a9:d5:25:a7:92:c3:a8:62:c9:63:17:0c:5e:e0:da:
09:d5:e0:64:4d:18:b4:51:a1:ff:80:f6:d8:b3:b6:bb:2c:60:
38:9b:6f:e5:38:c8:08:6f:f9:bd:30:a3:54:c4:96:d7:f7:f3:
9c:f5:7d:71:f4:3f:62:38:ad:6b:ee:69:6b:c6:c8:6e:a2:c8:
4c:d8:39:09:bf:c9:3b:f0:b9:9f:e7:4a:c4:d7:ea:8c:2b:95:
1e:2a:03:54:01:99:46:89:72:ee:e9:c2:3b:fc:d4:a3:9b:7a:
f8:1d:5e:aa:c3:2a:70:cc:24:dd:6a:ca:45:8a:fb:6c:a8:7a:
15:a1:78:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSz4qU8AJsCVBBCjC60RvGDew3wgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMDJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4YTlhY2I4MmQwMmY4NmU3M2E4ZjIwZTdhODQ2Y2EyZTg4MTk5NTk0Zjkz
MGVmYmQ2OTNlODM0NGFmMGU5YTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvrjhKjWxa3G67m4KgyEw0ijc45a4uYUwiFOtvlKYWTk+/qhi+AQWzWF/ks
j8czWdRE4fxZ8TnJNCHsvdNAgydiCKGBPxQPCeSokg5/asotZnZmHn17UkcHMlMq
sgwGW+w1NPgheDiyy1ildAOGGbqquFl3xiLmBxUH3xhMM1HvxmddN+PTXMNlhKPp
9i76n8Ga3r1LitX8Uppv6jVXjjZ/n1MBTCTJOGraShXVwlEBRh5SkYTU5o/JU3P9
Cloejmy/jwcRCpOcdTd0zUa2/i5c8yWTXHTLCG2uL1WbV9UXclT/timfLDg/9wNg
tyg8XSf7wjc3ORKglYTra6r62A0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzyHdi
MTub5uZCytEufZYTGKo2KzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBMQkmDBk4iCLVLwAtbD8u8Czt/VhMRHzG9QzAl
Skcnvh88FTgK8D1uoFHEfMbTwaZ1js+hVCyJXefUTrCsdWElTLtFGrtuXzcbFYQI
B02ehy4pZzUdztot2kgbJd5nxHT8qmZ/whr+OiRR61JLEuXO7fiAD2ShF5YE7fzT
xCk9GIqp1SWnksOoYsljFwxe4NoJ1eBkTRi0UaH/gPbYs7a7LGA4m2/lOMgIb/m9
MKNUxJbX9/Oc9X1x9D9iOK1r7mlrxshuoshM2DkJv8k78Lmf50rE1+qMK5UeKgNU
AZlGiXLu6cI7/NSjm3r4HV6qwypwzCTdaspFivtsqHoVoXgL
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:23:25 2025 by rpki-client