Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
File: 595250c3-e9f2-4e23-9779-87c47497f520.roa (raw, json)
Hash identifier: SX4F7RtNNpqzKvMzc/nkOLlB/FJzOW6NgCo9srNVPhg=
Subject key identifier: 0D:C7:40:D8:67:4F:E9:86:DE:F6:0C:FC:77:BB:C3:ED:34:64:03:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09E1827D54539AADEA9BC6CF2F0F2220201F73C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
Signing time: Mon 16 Jun 2025 21:11:23 +0000
ROA not before: Mon 16 Jun 2025 21:11:23 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:e1:82:7d:54:53:9a:ad:ea:9b:c6:cf:2f:0f:22:20:20:1f:73:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:11:23 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=4aeb63d78fa8ccc392658592b3557c6449ab7ca491efbfd2ad10d59b4bfe67e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:06:1f:c4:1c:36:08:ca:cd:4d:f7:0f:6d:1c:
54:2c:a6:4f:02:ac:68:a5:c2:7c:30:9b:c5:a3:c2:
ca:a2:89:e2:75:fe:1a:7e:8f:ef:75:51:0f:5b:4b:
5b:a5:ba:a4:30:48:62:ae:13:f4:ab:da:69:85:73:
a3:5f:98:e3:27:f4:e8:62:85:1d:c6:28:22:ad:8d:
6d:00:6f:78:17:ef:8a:ce:b0:09:e5:6f:29:86:4d:
76:59:2a:53:2e:d8:08:ef:af:22:2d:9c:f6:d5:27:
86:5f:96:6c:86:e4:20:26:ce:ac:05:07:38:73:af:
3e:bd:6e:c9:8c:2a:f0:ae:64:b5:55:80:76:93:b4:
ac:ad:6a:3a:29:8f:d9:c6:54:6d:03:7a:65:aa:4c:
8a:d7:9c:6b:39:cf:20:72:dc:09:62:63:ea:52:a2:
f4:24:2b:fd:c6:c4:67:48:01:45:00:e0:6c:86:80:
87:5c:db:00:e6:e1:b4:c3:31:c0:2a:15:0d:24:8c:
ac:be:05:b2:03:27:88:c2:3a:29:23:cf:9d:4b:a8:
04:ad:df:3d:e4:19:e1:71:44:a0:ae:34:97:e0:37:
86:cb:5b:af:3c:1f:54:b4:ce:39:a1:97:cc:1f:70:
98:66:cb:6c:a5:25:48:f9:5a:87:7a:68:5a:4e:89:
26:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C7:40:D8:67:4F:E9:86:DE:F6:0C:FC:77:BB:C3:ED:34:64:03:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:5000::/40
Signature Algorithm: sha256WithRSAEncryption
73:91:5f:13:32:92:cb:8e:0c:d1:f3:8b:7e:c8:e3:97:5f:d9:
9a:f4:07:09:a9:39:e5:b1:df:04:99:89:d0:63:42:01:16:9c:
2c:2c:a5:00:eb:18:e3:00:f0:e1:91:1f:f2:91:38:8e:0a:ec:
ff:a4:25:55:64:d4:82:19:21:be:94:15:a1:0e:64:85:8f:da:
48:cb:d7:51:d6:b5:92:72:cd:b1:66:ac:a5:d1:cb:ff:01:af:
6c:6d:d4:a6:5b:ec:cd:a9:91:e1:e0:43:7c:9a:ab:a5:16:77:
0d:a1:a0:d0:99:b1:6c:f5:85:10:51:d1:eb:12:83:57:f4:0d:
4f:99:78:dd:3d:e2:54:2c:89:69:b8:5e:d1:43:47:5d:cc:73:
df:90:9b:bf:e8:9c:bf:ca:a4:aa:b2:45:64:3a:52:8b:60:98:
72:d1:3d:79:cd:31:46:cb:56:ec:ad:85:75:12:f5:48:1a:4c:
6d:6a:59:8a:d6:b0:7c:b6:46:b5:5f:9f:e4:4d:f6:0e:3b:cb:
c2:05:30:89:5c:d7:1c:bf:ac:16:e8:24:78:8d:38:eb:df:c8:
c9:02:38:49:92:cc:a1:ed:74:cb:48:08:81:b0:59:31:d7:a9:
35:89:bb:a5:52:68:2d:ef:25:68:3a:a9:b6:49:9d:d9:f7:61:
3b:0d:ba:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCeGCfVRTmq3qm8bPLw8iICAfc8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTExMjNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZWI2M2Q3OGZhOGNjYzM5MjY1ODU5MmIzNTU3YzY0NDlhYjdjYTQ5MWVm
YmZkMmFkMTBkNTliNGJmZTY3ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQGH8QcNgjKzU33D20cVCymTwKsaKXCfDCbxaPCyqKJ4nX+Gn6P73VRD1tL
W6W6pDBIYq4T9KvaaYVzo1+Y4yf06GKFHcYoIq2NbQBveBfvis6wCeVvKYZNdlkq
Uy7YCO+vIi2c9tUnhl+WbIbkICbOrAUHOHOvPr1uyYwq8K5ktVWAdpO0rK1qOimP
2cZUbQN6ZapMitecaznPIHLcCWJj6lKi9CQr/cbEZ0gBRQDgbIaAh1zbAObhtMMx
wCoVDSSMrL4FsgMniMI6KSPPnUuoBK3fPeQZ4XFEoK40l+A3hstbrzwfVLTOOaGX
zB9wmGbLbKUlSPlah3poWk6JJhcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNx0DY
Z0/pht72DPx3u8PtNGQDIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTk1MjUwYzMtZTlmMi00ZTIzLTk3NzktODdjNDc0OTdmNTIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBzkV8TMpLLjgzR84t+yOOXX9ma9AcJqTnlsd8E
mYnQY0IBFpwsLKUA6xjjAPDhkR/ykTiOCuz/pCVVZNSCGSG+lBWhDmSFj9pIy9dR
1rWScs2xZqyl0cv/Aa9sbdSmW+zNqZHh4EN8mqulFncNoaDQmbFs9YUQUdHrEoNX
9A1PmXjdPeJULIlpuF7RQ0ddzHPfkJu/6Jy/yqSqskVkOlKLYJhy0T15zTFGy1bs
rYV1EvVIGkxtalmK1rB8tka1X5/kTfYOO8vCBTCJXNccv6wW6CR4jTjr38jJAjhJ
ksyh7XTLSAiBsFkx16k1ibulUmgt7yVoOqm2SZ3Z92E7Dbqc
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:48 2025 by rpki-client