Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
File: 6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa (raw, json)
Hash identifier: HuxWZSV+Pg9ZXzojTdM30xIetEWrjSsbrzvAbwppjJM=
Subject key identifier: 56:F4:58:E3:B8:48:17:D1:F5:30:7B:50:D0:7C:7D:01:C3:A4:1E:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7156C782CD2939A4A70BAA727A8EE16112E7EC1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
Signing time: Mon 16 Jun 2025 20:00:51 +0000
ROA not before: Mon 16 Jun 2025 20:00:51 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:56:c7:82:cd:29:39:a4:a7:0b:aa:72:7a:8e:e1:61:12:e7:ec:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:51 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=008b9576a17b28e6049f22ced8c4145a5d79fd9000a080da6bea2ffbdf3af2b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:6a:fd:79:41:9f:ad:4f:91:e3:3f:71:b1:a5:
3b:e6:15:2c:94:85:2b:3a:21:25:fd:db:76:8e:c6:
3e:4f:97:2e:4f:0b:bf:a2:7e:6e:91:b8:c0:fc:ea:
72:e3:aa:90:d5:d1:90:98:d6:f4:ec:d1:06:48:12:
51:aa:37:63:4a:41:59:1c:06:c8:a3:a8:e3:99:5a:
6b:2d:b2:b1:79:0a:14:90:be:91:6e:fd:ba:2a:16:
d6:e9:22:e2:13:2f:34:68:77:ee:aa:f7:98:70:62:
7b:18:34:30:72:2b:5d:ce:77:dc:1a:6c:1c:4e:a4:
1a:0a:fd:85:be:13:1c:00:7f:fb:b6:fa:a0:d5:75:
cd:0c:bb:69:0c:a2:d0:47:14:b3:05:41:f9:6b:21:
ad:7f:a8:82:f1:b3:63:b6:01:d8:7b:fb:c2:46:bb:
3c:8e:9a:ce:82:10:76:0d:ad:1a:35:88:7b:01:53:
b3:bc:fd:8e:c9:60:6f:5f:81:0a:b3:95:a6:a5:45:
58:c5:35:e9:b7:cc:3c:15:37:22:fe:35:bd:f0:9c:
86:6b:cb:0f:4e:dd:c0:04:96:f8:c9:47:1e:2e:e9:
56:07:b8:3e:ec:1f:c7:51:11:1c:57:46:02:47:57:
7a:c0:2c:aa:4c:95:60:b5:d1:5b:ac:3e:12:99:e3:
10:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F4:58:E3:B8:48:17:D1:F5:30:7B:50:D0:7C:7D:01:C3:A4:1E:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2080::/48
Signature Algorithm: sha256WithRSAEncryption
9d:03:78:4f:4d:39:f4:b5:d1:ec:c3:ef:01:32:27:a3:71:19:
8c:a2:c1:48:5c:6f:d0:e7:88:db:39:1d:2c:ba:9b:43:44:0c:
d7:8e:8c:41:48:5d:d6:5b:18:0b:90:9a:78:b3:02:3e:c3:02:
86:24:7d:5c:86:5c:c6:04:9d:a2:d1:e3:54:94:7c:cf:fc:22:
7c:86:3f:93:b3:ff:0c:f6:7e:01:c2:02:ae:36:a1:91:fc:b1:
ba:12:98:5e:29:2c:09:ce:ff:21:29:5c:e5:53:3b:67:f9:a1:
1a:21:68:da:f3:6f:23:89:c8:4f:65:35:5f:4c:32:b6:86:8f:
bf:58:5e:cf:31:11:aa:fc:85:06:6c:a8:c5:b4:9f:f9:ff:be:
30:10:8c:0f:86:64:9f:d7:f6:bf:e2:df:3e:1e:9d:57:e4:c2:
ef:e3:2f:3f:ac:5d:dd:2e:83:33:30:73:30:fd:25:ec:06:dc:
46:8d:46:59:89:08:23:21:5c:c8:11:98:09:16:c6:8d:b2:ba:
91:04:e8:0f:f4:9a:cb:07:b6:f4:c9:82:51:46:49:fd:3a:1a:
04:aa:26:6f:36:8a:0d:76:ea:48:7d:98:a2:b9:2c:e1:d2:a6:
78:a9:da:23:5a:c3:4d:7b:74:f7:b6:5e:ad:e4:27:b2:23:a9:
2e:a9:98:d1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcVbHgs0pOaSnC6pyeo7hYRLn7BwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNTFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwOGI5NTc2YTE3YjI4ZTYwNDlmMjJjZWQ4YzQxNDVhNWQ3OWZkOTAwMGEw
ODBkYTZiZWEyZmZiZGYzYWYyYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOdq/XlBn61PkeM/cbGlO+YVLJSFKzohJf3bdo7GPk+XLk8Lv6J+bpG4wPzq
cuOqkNXRkJjW9OzRBkgSUao3Y0pBWRwGyKOo45laay2ysXkKFJC+kW79uioW1uki
4hMvNGh37qr3mHBiexg0MHIrXc533BpsHE6kGgr9hb4THAB/+7b6oNV1zQy7aQyi
0EcUswVB+WshrX+ogvGzY7YB2Hv7wka7PI6azoIQdg2tGjWIewFTs7z9jslgb1+B
CrOVpqVFWMU16bfMPBU3Iv41vfCchmvLD07dwASW+MlHHi7pVge4Puwfx1ERHFdG
AkdXesAsqkyVYLXRW6w+EpnjEBMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRW9Fjj
uEgX0fUwe1DQfH0Bw6QexjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmI0ZjViMDYtZWJkOS00NjczLThkYjEtOGU3MmRmOTljOTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
gDANBgkqhkiG9w0BAQsFAAOCAQEAnQN4T0059LXR7MPvATIno3EZjKLBSFxv0OeI
2zkdLLqbQ0QM146MQUhd1lsYC5CaeLMCPsMChiR9XIZcxgSdotHjVJR8z/wifIY/
k7P/DPZ+AcICrjahkfyxuhKYXiksCc7/ISlc5VM7Z/mhGiFo2vNvI4nIT2U1X0wy
toaPv1hezzERqvyFBmyoxbSf+f++MBCMD4Zkn9f2v+LfPh6dV+TC7+MvP6xd3S6D
MzBzMP0l7AbcRo1GWYkIIyFcyBGYCRbGjbK6kQToD/Saywe29MmCUUZJ/ToaBKom
bzaKDXbqSH2Yorks4dKmeKnaI1rDTXt097ZereQnsiOpLqmY0Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:54:02 2025 by rpki-client