Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cfb4167-bb34-4b3d-8c92-bcd5cab97a46.roa
File: 7cfb4167-bb34-4b3d-8c92-bcd5cab97a46.roa (raw, json)
Hash identifier: tuEgWOIp5ZGFUbepyH8LLVKDEkHSeIBk6dkiZeBcW3M=
Subject key identifier: 9D:94:42:70:E5:AE:93:B9:78:0E:60:D2:75:FE:F1:61:6D:D3:00:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A8F1403B5BAB6D7D062C52D8FE7CFFEA1A7AED3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cfb4167-bb34-4b3d-8c92-bcd5cab97a46.roa
Signing time: Mon 16 Jun 2025 20:50:05 +0000
ROA not before: Mon 16 Jun 2025 20:50:05 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:1040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:8f:14:03:b5:ba:b6:d7:d0:62:c5:2d:8f:e7:cf:fe:a1:a7:ae:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:50:05 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=7503c47a1233336b4f5a76ebf550a115dab9340cc005683814f6e37fe89bd7b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:bc:ea:68:0d:99:5e:9a:ea:53:14:fd:94:
41:1e:84:c0:a7:31:ce:44:5b:ce:3d:6d:00:70:f9:
9a:bb:d4:37:e3:1b:01:99:03:dd:c6:10:08:53:3c:
32:eb:aa:ed:40:05:19:71:0e:0a:0b:8f:ca:d9:8d:
50:7e:d1:c2:55:a9:82:d7:de:d9:8f:ca:6d:bd:4d:
7a:d5:93:db:15:1e:5b:95:46:b8:06:6a:40:bf:8b:
3c:9b:7b:b9:2a:1f:ac:15:8c:f4:db:4f:3e:12:7a:
bb:3c:a1:89:32:03:67:dd:ff:ea:b2:7d:71:d3:a0:
fe:c5:c2:99:3e:9f:55:72:c7:e0:0a:ed:0c:05:5e:
a2:37:ae:8f:91:1a:d9:a6:67:bf:81:3b:f2:1c:d5:
0d:91:eb:24:e1:6e:5d:6f:fc:1e:2f:17:78:67:ce:
13:90:50:c0:aa:d2:44:2d:13:37:94:d6:b2:4e:9a:
1a:1c:92:25:bc:28:d2:c5:d5:d8:1e:3a:2a:8c:a8:
a8:5c:87:bd:1d:a7:ad:22:2e:e9:20:44:6f:33:70:
17:18:77:b7:b3:0a:d7:4a:8f:b4:3b:b6:9b:58:5b:
00:af:cc:39:c2:05:63:c7:0c:0d:4b:29:a0:3f:8e:
b2:6c:cc:b8:5e:2b:28:13:4c:2d:d2:f1:2f:ed:e1:
ae:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:94:42:70:E5:AE:93:B9:78:0E:60:D2:75:FE:F1:61:6D:D3:00:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cfb4167-bb34-4b3d-8c92-bcd5cab97a46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:1040::/46
Signature Algorithm: sha256WithRSAEncryption
5c:f1:7a:cc:86:d1:90:09:34:3e:11:f7:33:3b:75:26:85:20:
cb:98:64:f0:21:2e:11:1b:69:4b:c1:bb:d2:ae:25:3a:9f:10:
a0:dc:b4:f3:ee:b5:80:ee:b4:04:e3:50:26:0f:8f:cc:36:4f:
03:d4:00:dc:b3:a7:b8:26:2b:93:63:71:01:4e:b4:8d:27:2c:
b1:e4:66:07:5a:b4:dc:c7:5d:8b:1a:88:e4:f7:7f:56:13:07:
a7:c0:b3:87:ee:21:16:28:fd:bb:8b:a9:80:a5:5f:1f:ad:86:
d9:0c:37:65:0f:24:62:0e:01:d6:69:18:1c:7a:db:81:6b:2c:
b5:97:ef:04:8d:45:77:68:48:3d:29:84:4c:3d:ba:e9:10:3b:
68:66:13:75:c9:38:dd:e9:98:3d:4d:10:8a:1a:b6:9d:9f:a8:
06:32:60:3c:b2:a7:0c:75:0d:4c:eb:6d:6e:3d:56:de:8a:2f:
29:41:23:49:b9:01:6a:98:e4:31:f1:bf:36:1d:3c:56:1a:9e:
8a:7c:9f:fd:9a:28:e9:6c:78:85:a9:ba:00:22:0f:0f:94:5f:
e7:f0:a2:da:27:f2:3d:76:29:e8:96:4b:04:62:4f:96:f7:a8:
7f:87:b8:07:03:12:26:9d:13:b2:e3:15:b7:df:34:e3:20:17:
5c:66:8f:77
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGo8UA7W6ttfQYsUtj+fP/qGnrtMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUwMDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1MDNjNDdhMTIzMzMzNmI0ZjVhNzZlYmY1NTBhMTE1ZGFiOTM0MGNjMDA1
NjgzODE0ZjZlMzdmZTg5YmQ3YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1GvOpoDZlemupTFP2UQR6EwKcxzkRbzj1tAHD5mrvUN+MbAZkD3cYQCFM8
Muuq7UAFGXEOCguPytmNUH7RwlWpgtfe2Y/Kbb1NetWT2xUeW5VGuAZqQL+LPJt7
uSofrBWM9NtPPhJ6uzyhiTIDZ93/6rJ9cdOg/sXCmT6fVXLH4ArtDAVeojeuj5Ea
2aZnv4E78hzVDZHrJOFuXW/8Hi8XeGfOE5BQwKrSRC0TN5TWsk6aGhySJbwo0sXV
2B46KoyoqFyHvR2nrSIu6SBEbzNwFxh3t7MK10qPtDu2m1hbAK/MOcIFY8cMDUsp
oD+OsmzMuF4rKBNMLdLxL+3hrjUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdlEJw
5a6TuXgOYNJ1/vFhbdMAvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NmYjQxNjctYmIzNC00YjNkLThjOTItYmNkNWNhYjk3YTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HcQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAXPF6zIbRkAk0PhH3Mzt1JoUgy5hk8CEuERtp
S8G70q4lOp8QoNy08+61gO60BONQJg+PzDZPA9QA3LOnuCYrk2NxAU60jScsseRm
B1q03MddixqI5Pd/VhMHp8Czh+4hFij9u4upgKVfH62G2Qw3ZQ8kYg4B1mkYHHrb
gWsstZfvBI1Fd2hIPSmETD266RA7aGYTdck43emYPU0Qihq2nZ+oBjJgPLKnDHUN
TOttbj1W3oovKUEjSbkBapjkMfG/Nh08Vhqeinyf/Zoo6Wx4ham6ACIPD5Rf5/Ci
2ifyPXYp6JZLBGJPlveof4e4BwMSJp0TsuMVt9804yAXXGaPdw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:00 2025 by rpki-client