Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
File: 7af2d4a0-df22-4933-b605-1ecbbd66f982.roa (raw, json)
Hash identifier: 2G5vCMlFR/vobE7fdPlVal583hpILmlwW3e+LlGrrz0=
Subject key identifier: DD:70:A0:CD:9B:60:CE:D0:18:E2:66:6F:10:C1:53:80:56:C1:77:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 472C3B2B611A21767FAB0080CE6E3FCB755C1D1E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
Signing time: Mon 16 Jun 2025 21:31:06 +0000
ROA not before: Mon 16 Jun 2025 21:31:06 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:2c:3b:2b:61:1a:21:76:7f:ab:00:80:ce:6e:3f:cb:75:5c:1d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:06 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1d2a3dda785762b15ef223573e086ef48ad0e877800f70929347d9ee07fdb233, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:97:20:1c:74:fb:a0:16:e6:93:51:f1:f8:6c:
83:98:2a:08:52:b8:91:67:fd:df:52:39:38:59:dd:
3a:d4:3f:68:91:9d:b0:6e:b0:17:d0:cf:c1:6e:70:
3e:4d:bd:0e:e6:e3:f1:72:d5:3b:1f:d2:0a:35:22:
3a:47:7a:8d:28:45:b3:37:cd:08:aa:5a:81:19:b2:
80:f5:7b:e6:80:0b:75:75:e3:81:e9:06:9e:10:78:
c9:ce:0f:77:7a:a4:f0:ed:6b:9a:3a:59:ff:5a:fd:
2a:94:e2:c3:0d:44:30:74:64:a7:0a:25:13:0e:c1:
54:d8:7a:4a:76:90:76:d7:98:a2:a9:ea:57:41:a0:
81:0d:b2:89:9d:dc:30:28:64:a4:d6:f1:17:55:a8:
7a:2f:e4:fc:39:76:2f:97:b0:5e:de:dc:e9:1a:a3:
3f:d1:c6:d6:fa:f0:db:08:1f:0a:ff:e4:13:fb:28:
1e:15:c3:d8:57:94:54:db:fc:d6:fe:fa:5d:e0:c3:
39:41:9e:66:85:18:94:9c:6c:18:65:bd:f6:51:b2:
dc:1c:91:79:ec:1c:b4:e2:4c:17:d9:17:68:f9:0e:
34:7a:41:26:67:26:66:fc:60:04:56:5c:95:a4:d0:
de:7d:11:d2:4d:78:ab:18:f5:99:96:75:12:33:70:
b3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:70:A0:CD:9B:60:CE:D0:18:E2:66:6F:10:C1:53:80:56:C1:77:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:c00::/38
Signature Algorithm: sha256WithRSAEncryption
16:90:00:7e:bd:b8:43:05:2f:95:b5:f5:b3:89:3f:a0:c6:52:
20:4d:ae:db:0c:38:26:34:b1:bd:52:e4:45:a5:5c:0c:13:22:
e3:c5:ad:cc:98:36:17:1f:8b:e4:82:63:fc:b9:7a:2e:af:3c:
92:b1:f3:02:95:5c:00:ce:57:b4:48:d5:e3:1a:5e:4e:62:7a:
06:f0:5d:08:a7:22:a6:81:2b:3a:b8:64:89:f8:93:b7:f9:3b:
49:3f:9d:b7:42:d0:b5:c9:5f:69:ea:67:c6:50:cc:7e:24:48:
ca:e4:5a:29:52:55:02:23:1d:8f:d6:31:64:45:b5:15:b2:43:
98:92:4d:28:1c:cf:e1:cd:6d:6a:56:32:a1:d2:72:fa:c2:77:
2b:b3:18:43:0f:b0:ea:6c:f6:9b:0b:51:47:0d:f9:34:64:20:
47:8b:e8:85:06:d0:93:e6:b1:fd:b3:6e:1a:e7:c3:88:8b:ac:
74:f5:ff:76:e7:39:6d:9e:22:e6:aa:c5:43:c1:c6:d8:68:04:
4e:8c:81:ee:4f:a2:e4:2e:7e:2e:af:de:c5:b4:0b:82:78:ad:
aa:99:9b:f5:98:a9:f0:35:e4:32:6c:37:42:fc:90:d5:b1:53:
3a:fb:68:5a:2b:76:98:ba:59:73:7d:c9:79:2c:2d:c3:97:93:
73:2c:b7:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURyw7K2EaIXZ/qwCAzm4/y3VcHR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMmEzZGRhNzg1NzYyYjE1ZWYyMjM1NzNlMDg2ZWY0OGFkMGU4Nzc4MDBm
NzA5MjkzNDdkOWVlMDdmZGIyMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmXIBx0+6AW5pNR8fhsg5gqCFK4kWf931I5OFndOtQ/aJGdsG6wF9DPwW5w
Pk29Dubj8XLVOx/SCjUiOkd6jShFszfNCKpagRmygPV75oALdXXjgekGnhB4yc4P
d3qk8O1rmjpZ/1r9KpTiww1EMHRkpwolEw7BVNh6SnaQdteYoqnqV0GggQ2yiZ3c
MChkpNbxF1Woei/k/Dl2L5ewXt7c6RqjP9HG1vrw2wgfCv/kE/soHhXD2FeUVNv8
1v76XeDDOUGeZoUYlJxsGGW99lGy3ByReewctOJMF9kXaPkONHpBJmcmZvxgBFZc
laTQ3n0R0k14qxj1mZZ1EjNws8cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdcKDN
m2DO0BjiZm8QwVOAVsF3iDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2FmMmQ0YTAtZGYyMi00OTMzLWI2MDUtMWVjYmJkNjZmOTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUM
MA0GCSqGSIb3DQEBCwUAA4IBAQAWkAB+vbhDBS+VtfWziT+gxlIgTa7bDDgmNLG9
UuRFpVwMEyLjxa3MmDYXH4vkgmP8uXourzySsfMClVwAzle0SNXjGl5OYnoG8F0I
pyKmgSs6uGSJ+JO3+TtJP523QtC1yV9p6mfGUMx+JEjK5FopUlUCIx2P1jFkRbUV
skOYkk0oHM/hzW1qVjKh0nL6wncrsxhDD7DqbPabC1FHDfk0ZCBHi+iFBtCT5rH9
s24a58OIi6x09f925zltniLmqsVDwcbYaAROjIHuT6LkLn4ur97FtAuCeK2qmZv1
mKnwNeQybDdC/JDVsVM6+2haK3aYullzfcl5LC3Dl5NzLLfQ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:08 2025 by rpki-client