Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa
File: 7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa (raw, json)
Hash identifier: 1UNKXMb/U/1ED0Gza+QXtzwMZClhLQ9CO+cwq4I4oiE=
Subject key identifier: 68:EB:21:D1:A4:20:02:9D:C2:46:6E:A8:83:4B:0B:3F:E9:5A:ED:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F9C0508E15B7EAC79930952A8BA25C155665503
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa
Signing time: Fri 20 Jun 2025 00:10:39 +0000
ROA not before: Fri 20 Jun 2025 00:10:39 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:9c:05:08:e1:5b:7e:ac:79:93:09:52:a8:ba:25:c1:55:66:55:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 20 00:10:39 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=b4adc17daa81fa38cb4f799e756517c96ad63bd16f07859c566c3f26f9f8a09c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e5:5b:f6:0d:62:2d:2e:cd:3e:bf:b9:31:0a:
22:32:2a:9d:38:05:36:c4:9a:8c:17:45:72:35:a7:
e1:4f:44:c4:12:54:fe:f3:fc:e3:69:f8:4e:4d:fb:
92:e9:15:f3:61:ae:c1:93:bd:ea:58:4e:9e:e2:9b:
6d:37:e2:a3:4b:a9:6d:03:2d:30:8c:40:4a:72:63:
3b:38:ff:46:a2:e3:b6:6d:16:c2:47:bb:cb:fa:df:
78:0a:0d:ef:4d:7a:2f:5e:68:d3:af:41:60:be:fb:
06:4f:38:0a:75:1a:7c:a4:53:69:f0:10:5c:5c:b7:
e0:4d:69:04:78:25:bd:b1:3c:4f:ad:be:b8:b0:ec:
e7:04:60:66:45:41:f2:b3:7a:ff:ef:e2:83:ac:c0:
06:e8:86:93:7c:cc:cf:56:ab:ec:95:07:00:96:bd:
c1:b1:17:62:23:2e:12:bf:62:30:87:f3:d5:d9:41:
24:48:f6:02:55:08:e7:ba:cc:d9:c0:ce:71:3e:57:
7e:bd:15:9b:05:e8:05:40:02:44:fe:aa:b6:86:dc:
61:11:c6:92:fd:fa:90:c9:a7:0c:97:f1:76:d4:a6:
c4:85:0e:01:ac:86:bb:c6:03:60:5c:9f:f1:0a:96:
e1:e1:f1:73:03:84:18:5c:64:2b:30:33:42:7d:a1:
9f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EB:21:D1:A4:20:02:9D:C2:46:6E:A8:83:4B:0B:3F:E9:5A:ED:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010::/28
Signature Algorithm: sha256WithRSAEncryption
36:31:47:31:03:dd:6c:79:fd:da:1b:0d:60:38:ab:1b:e9:3c:
35:29:77:a3:86:e5:6d:71:70:0f:65:1b:90:3a:53:47:ea:33:
6b:f0:b9:ad:b1:7f:0d:3a:d8:c6:0f:c1:3c:86:55:46:b6:8e:
50:b1:0f:8c:39:6c:7f:b9:65:b9:83:c9:a7:53:dc:f4:68:66:
54:0a:5f:86:1f:b3:e6:77:a6:06:af:5a:f9:67:57:eb:e3:96:
e5:c9:fc:c2:95:f2:2a:e8:25:07:72:fa:9b:78:7e:f3:38:fc:
c3:68:cf:8e:74:a5:f3:b6:e0:de:e2:f4:6c:7a:12:44:4e:81:
1e:ae:88:44:b6:8b:52:39:ed:f6:b4:ee:4f:67:e8:d6:e5:17:
fc:a6:dd:d4:6e:85:7d:2f:03:48:93:9a:62:b4:95:09:25:1a:
e0:08:77:2b:d7:df:c6:45:6a:85:90:ee:f8:fe:ce:f0:76:05:
2d:64:b8:bd:04:fd:14:92:1e:34:24:54:44:30:7b:16:01:17:
03:d8:04:89:2f:80:57:28:49:be:eb:63:e5:b1:d5:93:64:95:
7c:35:10:03:83:c7:d8:6d:63:70:33:5c:66:a4:74:09:cb:6b:
42:01:e6:03:e3:78:df:2b:85:de:30:7a:df:b2:5f:1b:9f:cf:
1e:4d:11:67
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUH5wFCOFbfqx5kwlSqLolwVVmVQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjAwMDEwMzlaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0YWRjMTdkYWE4MWZhMzhjYjRmNzk5ZTc1NjUxN2M5NmFkNjNiZDE2ZjA3
ODU5YzU2NmMzZjI2ZjlmOGEwOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnlW/YNYi0uzT6/uTEKIjIqnTgFNsSajBdFcjWn4U9ExBJU/vP842n4Tk37
kukV82GuwZO96lhOnuKbbTfio0upbQMtMIxASnJjOzj/RqLjtm0Wwke7y/rfeAoN
7016L15o069BYL77Bk84CnUafKRTafAQXFy34E1pBHglvbE8T62+uLDs5wRgZkVB
8rN6/+/ig6zABuiGk3zMz1ar7JUHAJa9wbEXYiMuEr9iMIfz1dlBJEj2AlUI57rM
2cDOcT5Xfr0VmwXoBUACRP6qtobcYRHGkv36kMmnDJfxdtSmxIUOAayGu8YDYFyf
8QqW4eHxcwOEGFxkKzAzQn2hn30CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRo6yHR
pCACncJGbqiDSws/6Vrt9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM4MWMwNzUtZDk2Yi00M2JmLThhODktMjVkYmFiOWExYThkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0BAw
DQYJKoZIhvcNAQELBQADggEBADYxRzED3Wx5/dobDWA4qxvpPDUpd6OG5W1xcA9l
G5A6U0fqM2vwua2xfw062MYPwTyGVUa2jlCxD4w5bH+5ZbmDyadT3PRoZlQKX4Yf
s+Z3pgavWvlnV+vjluXJ/MKV8iroJQdy+pt4fvM4/MNoz450pfO24N7i9Gx6EkRO
gR6uiES2i1I57fa07k9n6NblF/ym3dRuhX0vA0iTmmK0lQklGuAIdyvX38ZFaoWQ
7vj+zvB2BS1kuL0E/RSSHjQkVEQwexYBFwPYBIkvgFcoSb7rY+Wx1ZNklXw1EAOD
x9htY3AzXGakdAnLa0IB5gPjeN8rhd4wet+yXxufzx5NEWc=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:37 2025 by rpki-client