Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
File: 6ec34216-a73a-4f02-b92a-08993431272e.roa (raw, json)
Hash identifier: U/luoL893eGf50pszPhv5/JnsDQyMECJmekF4M8ncRU=
Subject key identifier: E5:82:14:7B:C7:B9:94:EB:F6:86:36:73:AF:3C:12:B0:2B:BA:0B:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35997CA44F040EF34872E543F4CECC13BE4DE7A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
Signing time: Mon 16 Jun 2025 20:40:13 +0000
ROA not before: Mon 16 Jun 2025 20:40:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:99:7c:a4:4f:04:0e:f3:48:72:e5:43:f4:ce:cc:13:be:4d:e7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:40:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=38ab761a0f4bef22861f67485919db64d0bb99bc46a066454fa1c57ad5961539, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c2:a5:6d:9f:e3:2c:df:bf:6a:0b:3c:ab:a3:
da:9d:97:d6:2c:e5:fd:f6:89:e5:4f:0c:58:8e:ae:
87:ae:03:d2:08:49:2f:a8:ab:86:38:c4:1f:73:15:
e9:4b:20:66:7c:9a:b6:50:7a:ba:1a:0e:ab:a7:f7:
f5:4d:27:53:f7:85:24:9d:98:da:58:d9:f4:a7:25:
c4:59:5f:56:aa:01:a2:4c:61:a6:82:8f:64:46:de:
81:95:73:98:bd:ec:ac:23:91:06:ae:5e:2e:96:bd:
78:98:be:a3:64:20:40:cf:68:3d:31:3c:3c:f5:b4:
4f:64:2c:67:8a:56:6d:62:bc:4e:8b:10:b0:b9:60:
12:52:48:c5:68:98:2f:4c:cc:4a:e6:d7:57:78:a9:
f5:ef:1b:5b:a6:b2:df:ec:6c:dd:8f:7c:3f:1d:34:
e9:80:36:b6:fd:c7:c5:de:4c:fb:27:f2:ac:1b:e2:
4f:91:d0:f0:7e:86:47:3c:4d:b8:54:f9:06:d3:25:
42:20:f3:16:20:ed:49:2e:57:b9:b7:a8:79:0f:e9:
4e:78:14:ea:d9:73:ba:1e:25:17:1c:77:8f:20:b8:
cd:e2:6e:59:72:ba:ac:b2:21:6a:0a:68:33:3b:2d:
a6:24:53:0e:75:fa:6e:1e:c4:f7:8d:bc:75:06:70:
3f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:82:14:7B:C7:B9:94:EB:F6:86:36:73:AF:3C:12:B0:2B:BA:0B:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e080::/46
Signature Algorithm: sha256WithRSAEncryption
35:41:3b:77:1f:2e:3b:ee:92:14:f2:2f:d3:b0:04:7d:dc:4e:
a2:1e:77:3f:f9:87:55:c1:ad:5a:f9:47:88:fd:cf:f1:a5:5e:
01:8d:75:20:4b:45:32:04:7a:70:a1:d5:e1:e9:9c:c5:6f:45:
8b:53:b7:4f:5e:0b:0a:ad:16:58:55:2a:c1:ac:12:2a:49:48:
1c:8b:ab:32:7e:eb:96:e5:a0:6f:24:ef:2a:37:63:8f:99:d4:
3a:17:79:01:b2:fd:a0:87:48:2d:4d:76:3b:4e:2e:74:5e:da:
30:70:27:36:1a:54:c0:ca:9c:a5:68:f7:b3:a9:a1:c8:5a:b0:
7d:15:b7:83:5c:a0:63:12:3e:33:9f:88:13:5e:5d:22:01:03:
07:70:5a:d1:4f:fd:74:89:b1:23:7e:00:f1:d8:47:a0:4a:56:
4b:d0:41:d5:8a:7a:b1:87:75:59:80:bb:69:75:20:1e:8e:b1:
2b:c7:3b:b6:fc:4c:1a:82:3a:64:60:31:b4:bf:2b:bf:fb:e2:
2a:88:89:b0:14:67:a7:7a:4e:87:f4:3f:82:e1:be:f8:0e:af:
a1:62:d3:dd:23:64:22:ff:52:98:13:8c:2a:e2:dd:1e:63:96:
60:2e:9e:62:c2:0b:9c:91:63:8f:c3:1a:54:3d:65:dc:e3:3c:
79:64:85:d3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNZl8pE8EDvNIcuVD9M7ME75N56kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQwMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4YWI3NjFhMGY0YmVmMjI4NjFmNjc0ODU5MTlkYjY0ZDBiYjk5YmM0NmEw
NjY0NTRmYTFjNTdhZDU5NjE1MzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnCpW2f4yzfv2oLPKuj2p2X1izl/faJ5U8MWI6uh64D0ghJL6irhjjEH3MV
6UsgZnyatlB6uhoOq6f39U0nU/eFJJ2Y2ljZ9KclxFlfVqoBokxhpoKPZEbegZVz
mL3srCORBq5eLpa9eJi+o2QgQM9oPTE8PPW0T2QsZ4pWbWK8TosQsLlgElJIxWiY
L0zMSubXV3ip9e8bW6ay3+xs3Y98Px006YA2tv3Hxd5M+yfyrBviT5HQ8H6GRzxN
uFT5BtMlQiDzFiDtSS5XubeoeQ/pTngU6tlzuh4lFxx3jyC4zeJuWXK6rLIhagpo
MzstpiRTDnX6bh7E9428dQZwP00CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTlghR7
x7mU6/aGNnOvPBKwK7oLHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVjMzQyMTYtYTczYS00ZjAyLWI5MmEtMDg5OTM0MzEyNzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hvg
gDANBgkqhkiG9w0BAQsFAAOCAQEANUE7dx8uO+6SFPIv07AEfdxOoh53P/mHVcGt
WvlHiP3P8aVeAY11IEtFMgR6cKHV4emcxW9Fi1O3T14LCq0WWFUqwawSKklIHIur
Mn7rluWgbyTvKjdjj5nUOhd5AbL9oIdILU12O04udF7aMHAnNhpUwMqcpWj3s6mh
yFqwfRW3g1ygYxI+M5+IE15dIgEDB3Ba0U/9dImxI34A8dhHoEpWS9BB1Yp6sYd1
WYC7aXUgHo6xK8c7tvxMGoI6ZGAxtL8rv/viKoiJsBRnp3pOh/Q/guG++A6voWLT
3SNkIv9SmBOMKuLdHmOWYC6eYsILnJFjj8MaVD1l3OM8eWSF0w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:53 2025 by rpki-client