Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
File: 57b964c4-07ca-4501-bd01-5cb8936846cc.roa (raw, json)
Hash identifier: Xs4wCisc5x5oRJwU3A37dRsbaBIl6BxY28hque4fiDc=
Subject key identifier: 8E:E6:E4:E9:9C:D8:35:EF:D7:90:21:C0:8D:2E:BC:26:EA:0A:22:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D610324806E6311BDE21CC33535F657178D37DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
Signing time: Tue 17 Jun 2025 00:41:19 +0000
ROA not before: Tue 17 Jun 2025 00:41:19 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:61:03:24:80:6e:63:11:bd:e2:1c:c3:35:35:f6:57:17:8d:37:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:19 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=543343fd56425caa4359af7eafe7799a1a963fb54b433604b862c949eed3bcca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:80:97:e0:03:93:9e:3d:85:8c:18:46:02:71:
05:f7:82:77:28:b2:4a:dd:73:e7:9d:dd:ef:3f:08:
d5:7a:b5:a3:3e:6b:ba:52:1a:34:81:13:97:78:92:
53:5e:a1:8b:de:48:34:98:ee:4e:25:a6:a2:c3:e3:
fe:18:b5:da:5b:35:2a:03:02:b8:3c:18:c0:94:c8:
54:90:da:82:26:1d:9c:10:6c:93:cd:a4:ba:78:9c:
93:e7:2c:6b:69:7b:15:93:fa:1d:2f:fd:08:3a:56:
c3:1a:8a:ca:f8:85:c2:3d:c6:ea:a4:73:33:e4:cc:
c4:91:74:9b:62:06:50:d2:91:95:d8:59:08:be:15:
60:3b:68:3a:28:c9:05:a6:bb:ae:31:05:f3:3f:ef:
4a:d9:ea:62:4c:40:91:05:e0:b2:76:83:0e:b5:07:
54:20:5d:ae:18:82:68:45:c1:f8:d6:58:83:2c:ac:
40:8d:48:28:7c:b1:3e:af:05:76:b5:48:5d:0e:a3:
39:d9:e9:d0:df:4a:c7:5f:38:75:f8:6d:1f:f0:37:
f5:4e:3e:a8:83:2a:e2:cd:fa:8e:ea:28:2d:1d:ec:
41:99:3c:c8:e6:1b:bf:3a:23:9f:46:f0:de:72:e6:
56:4b:be:fa:a8:6f:95:21:d5:b2:2e:8f:fc:d4:70:
ed:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E6:E4:E9:9C:D8:35:EF:D7:90:21:C0:8D:2E:BC:26:EA:0A:22:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
17:44:fc:84:48:46:57:04:bf:d1:99:fe:62:74:49:7b:9a:77:
4c:e5:fe:15:20:12:f4:3c:3f:34:6c:95:d9:f8:ec:ff:52:58:
68:a8:a7:e4:ea:d2:8c:f5:f0:f9:ef:db:b7:da:5f:3c:f4:86:
86:5d:76:88:11:34:e0:09:84:dc:66:3e:8b:47:37:82:a6:cc:
45:b1:49:97:04:5b:3b:59:77:cf:71:be:96:22:7e:40:70:45:
9c:56:d3:ad:72:fa:10:f1:59:bc:ac:cb:77:3c:86:76:7d:61:
fb:6c:11:93:83:86:28:d1:0f:ac:d7:87:59:00:06:aa:06:56:
63:66:ff:dc:b4:90:38:d8:ca:7c:f4:cb:59:8b:1c:35:44:fd:
c8:c0:33:9a:74:3a:5e:15:df:55:67:c3:71:5b:87:c4:32:63:
16:74:d0:7c:52:00:a9:89:97:f8:51:0f:f2:65:c8:5e:0e:82:
1c:42:c5:a7:f1:09:53:e9:99:84:d8:96:36:70:53:f8:a7:65:
dd:c1:9a:45:fa:3f:92:9a:33:01:ab:1e:61:c3:5a:41:7d:fd:
6e:69:3f:3f:95:af:50:88:d4:71:6d:49:b0:43:77:31:2c:94:
56:f7:40:b9:fb:f8:78:2f:3a:b7:21:1d:26:17:94:c9:c9:b1:
b8:a6:18:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULWEDJIBuYxG94hzDNTX2VxeNN90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMTlaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MzM0M2ZkNTY0MjVjYWE0MzU5YWY3ZWFmZTc3OTlhMWE5NjNmYjU0YjQz
MzYwNGI4NjJjOTQ5ZWVkM2JjY2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeAl+ADk549hYwYRgJxBfeCdyiySt1z553d7z8I1Xq1oz5rulIaNIETl3iS
U16hi95INJjuTiWmosPj/hi12ls1KgMCuDwYwJTIVJDagiYdnBBsk82kunick+cs
a2l7FZP6HS/9CDpWwxqKyviFwj3G6qRzM+TMxJF0m2IGUNKRldhZCL4VYDtoOijJ
Baa7rjEF8z/vStnqYkxAkQXgsnaDDrUHVCBdrhiCaEXB+NZYgyysQI1IKHyxPq8F
drVIXQ6jOdnp0N9Kx184dfhtH/A39U4+qIMq4s36juooLR3sQZk8yOYbvzojn0bw
3nLmVku++qhvlSHVsi6P/NRw7QsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSO5uTp
nNg179eQIcCNLrwm6goi9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdiOTY0YzQtMDdjYS00NTAxLWJkMDEtNWNiODkzNjg0NmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQAXRPyESEZXBL/Rmf5idEl7mndM5f4VIBL0PD80
bJXZ+Oz/UlhoqKfk6tKM9fD579u32l889IaGXXaIETTgCYTcZj6LRzeCpsxFsUmX
BFs7WXfPcb6WIn5AcEWcVtOtcvoQ8Vm8rMt3PIZ2fWH7bBGTg4Yo0Q+s14dZAAaq
BlZjZv/ctJA42Mp89MtZixw1RP3IwDOadDpeFd9VZ8NxW4fEMmMWdNB8UgCpiZf4
UQ/yZcheDoIcQsWn8QlT6ZmE2JY2cFP4p2XdwZpF+j+SmjMBqx5hw1pBff1uaT8/
la9QiNRxbUmwQ3cxLJRW90C5+/h4Lzq3IR0mF5TJybG4phjz
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:59:42 2025 by rpki-client