Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
File: 7ce413ad-560d-4eb8-915b-8c6e01d97910.roa (raw, json)
Hash identifier: ZniFqQ7sjIgPwrqnmJCvtqPB9DXdwY8gmkqZ22AkmZM=
Subject key identifier: BD:6C:F1:EA:B6:6E:2B:94:C0:72:37:5E:5E:D9:8E:8A:87:FB:0C:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33F31F815EC1600915631A09CD5A2559B73DD083
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
Signing time: Mon 16 Jun 2025 20:21:11 +0000
ROA not before: Mon 16 Jun 2025 20:21:11 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f3:1f:81:5e:c1:60:09:15:63:1a:09:cd:5a:25:59:b7:3d:d0:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:21:11 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=002beef0db519d9fdfe7af2d5848d30717483e95854c63ffe4cf12d8d169b8d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5e:8a:b3:20:f5:13:fc:31:a2:90:c3:4f:95:
6d:e9:1a:34:f4:4f:26:b8:53:fe:5d:97:9d:bf:85:
00:3b:43:97:3c:1a:d0:23:2c:56:ca:fa:77:30:bf:
03:10:33:7b:bb:46:62:b0:55:ad:a7:bc:d7:c4:42:
a5:22:ce:5a:9c:20:f0:49:fb:2a:75:d8:51:46:aa:
a6:f3:0e:f8:91:77:1b:ae:cc:c6:1a:25:6e:ea:3f:
93:4b:bc:9b:84:b9:c1:dc:cc:44:41:45:2d:81:59:
af:d4:43:40:19:dd:13:70:6c:32:2b:5c:04:27:d5:
47:31:63:da:98:77:20:c4:e6:72:3e:6c:09:0c:30:
5f:2e:73:5f:52:55:cd:a6:b1:c1:1d:e0:cd:e9:bc:
ee:48:1f:6c:ea:53:f2:40:d2:bd:77:e2:4a:55:05:
06:7d:e4:a9:d7:5e:1d:81:80:fd:6c:2d:a7:a7:44:
78:cb:13:28:ce:96:70:e5:69:7b:7b:01:5e:f9:92:
d0:20:1c:4e:b6:0a:c8:8f:5f:97:e9:40:cb:4c:14:
cf:b6:25:8f:bb:90:84:da:4b:91:00:07:7d:92:29:
48:ac:f7:dc:d0:90:7f:78:48:c9:4e:27:be:e3:df:
34:3f:bd:76:31:b1:aa:5f:d6:7b:ec:9f:d6:5f:16:
bb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6C:F1:EA:B6:6E:2B:94:C0:72:37:5E:5E:D9:8E:8A:87:FB:0C:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5000::/40
Signature Algorithm: sha256WithRSAEncryption
75:2b:4a:cc:5b:df:2c:04:7d:04:cd:ff:f7:15:68:b5:85:e2:
2e:e1:87:ac:df:d7:9a:56:67:eb:4b:8f:2f:e9:d6:c3:66:cd:
e7:e6:25:d8:0c:22:55:bf:69:ce:b2:cb:0d:e6:d9:55:81:7d:
09:bc:62:21:05:bc:cb:a9:df:3b:1d:96:ca:6a:c8:b2:9c:ab:
9b:09:14:7b:0e:01:71:78:72:85:ff:fb:0c:f6:f4:87:33:18:
f5:5d:a7:c9:5c:ad:91:65:39:35:9b:6a:98:75:1c:b4:23:c1:
f5:86:a1:29:cc:9f:75:0a:e2:5c:80:b6:7d:81:42:12:7f:16:
02:0f:4a:57:d5:b6:df:60:c5:49:0d:63:2a:f1:1b:80:10:3c:
07:6b:fb:99:c4:5f:6d:ba:a7:99:d6:06:dc:dc:a5:7b:38:65:
19:7b:f5:c4:8c:15:64:f6:9f:74:58:bd:77:76:d8:6d:a9:b6:
41:7e:13:9f:9b:93:cd:f1:7a:ae:c1:d3:29:e7:59:20:7c:58:
16:8d:aa:96:81:ee:e3:ef:38:7c:0f:54:22:a1:2c:55:08:dd:
86:ce:90:0e:3e:e5:03:e5:01:48:98:14:cd:27:14:c4:a1:36:
76:4a:58:74:5b:31:65:0f:ee:6f:d8:3c:85:0f:b1:d1:9d:29:
d8:ce:00:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM/MfgV7BYAkVYxoJzVolWbc90IMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIxMTFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwMmJlZWYwZGI1MTlkOWZkZmU3YWYyZDU4NDhkMzA3MTc0ODNlOTU4NTRj
NjNmZmU0Y2YxMmQ4ZDE2OWI4ZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9eirMg9RP8MaKQw0+VbekaNPRPJrhT/l2Xnb+FADtDlzwa0CMsVsr6dzC/
AxAze7tGYrBVrae818RCpSLOWpwg8En7KnXYUUaqpvMO+JF3G67Mxholbuo/k0u8
m4S5wdzMREFFLYFZr9RDQBndE3BsMitcBCfVRzFj2ph3IMTmcj5sCQwwXy5zX1JV
zaaxwR3gzem87kgfbOpT8kDSvXfiSlUFBn3kqddeHYGA/Wwtp6dEeMsTKM6WcOVp
e3sBXvmS0CAcTrYKyI9fl+lAy0wUz7Ylj7uQhNpLkQAHfZIpSKz33NCQf3hIyU4n
vuPfND+9djGxql/We+yf1l8Wu3UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS9bPHq
tm4rlMByN15e2Y6Kh/sMcDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NlNDEzYWQtNTYwZC00ZWI4LTkxNWItOGM2ZTAxZDk3OTEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB1K0rMW98sBH0Ezf/3FWi1heIu4Yes39eaVmfr
S48v6dbDZs3n5iXYDCJVv2nOsssN5tlVgX0JvGIhBbzLqd87HZbKasiynKubCRR7
DgFxeHKF//sM9vSHMxj1XafJXK2RZTk1m2qYdRy0I8H1hqEpzJ91CuJcgLZ9gUIS
fxYCD0pX1bbfYMVJDWMq8RuAEDwHa/uZxF9tuqeZ1gbc3KV7OGUZe/XEjBVk9p90
WL13dthtqbZBfhOfm5PN8XquwdMp51kgfFgWjaqWge7j7zh8D1QioSxVCN2GzpAO
PuUD5QFImBTNJxTEoTZ2Slh0WzFlD+5v2DyFD7HRnSnYzgBb
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:38 2025 by rpki-client