Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: QQ0IEv6+//4387ewEuh1bkXPAduOXBeabPN/Jtu3Pu4=
Subject key identifier: 12:6C:22:7C:1C:09:6C:20:E9:DE:54:47:5E:9D:97:50:6E:96:E7:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37D01183C6068928F4777698EEB07F7B93B83A2B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Mon 16 Jun 2025 21:31:09 +0000
ROA not before: Mon 16 Jun 2025 21:31:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:d0:11:83:c6:06:89:28:f4:77:76:98:ee:b0:7f:7b:93:b8:3a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=75bec937f497107b2b6446d18eeeb3b5af10275d1f9243cab7823e1da69c72cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:95:4d:e2:92:45:c6:cc:f1:58:b8:e3:d3:24:
0b:c8:e7:82:48:b6:75:bd:a2:ec:4c:29:c3:7b:5a:
fe:25:f7:0f:6c:90:86:06:d8:45:27:4d:93:79:c9:
6f:98:36:2c:78:2c:5a:1a:51:e6:29:5a:e5:93:02:
47:28:34:54:fb:d5:38:94:13:a6:f4:76:be:17:dc:
44:f9:75:27:5e:67:5b:ed:9e:b4:12:29:54:36:fb:
3f:68:ef:00:41:e9:0d:db:b0:28:e3:6d:ce:60:47:
5c:fb:8c:33:94:25:c4:10:54:5e:fc:d9:bf:07:09:
9b:b2:49:9c:4e:b4:3c:f9:45:28:e4:5e:45:50:7a:
95:65:aa:21:9a:50:fd:b9:d7:c7:21:3b:66:47:bb:
17:94:6a:ee:f7:d5:5b:c4:9a:fd:53:bf:5e:17:e7:
c5:1e:92:a2:7b:d0:6f:86:b7:5c:ff:78:71:a5:62:
49:4b:52:5f:76:02:6a:9b:11:17:87:18:aa:48:39:
1b:26:5d:1a:82:c3:ee:ac:83:87:8e:77:ec:63:3d:
69:13:2b:2e:1a:15:36:ee:3a:8b:49:11:20:e6:98:
f5:1c:53:ec:4a:ca:01:8e:89:fa:22:62:b6:11:82:
5b:3f:7f:95:6a:80:4d:b6:62:66:93:a2:24:0d:da:
d0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:6C:22:7C:1C:09:6C:20:E9:DE:54:47:5E:9D:97:50:6E:96:E7:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
8d:e3:ed:bd:1d:e4:6c:35:ab:92:d0:45:0b:c6:3c:1b:84:15:
4f:32:2a:22:f1:01:93:89:8a:72:9f:cd:f3:18:c5:c1:de:5e:
f0:f4:06:c7:64:91:7c:c1:b1:25:e8:d7:da:a3:42:a4:da:4e:
70:7b:c9:81:d8:44:ca:97:05:78:7f:a5:25:c7:2c:8c:b0:2e:
51:a6:e3:96:4f:a1:79:ed:b7:a8:7e:a0:99:6d:48:96:2c:35:
b1:15:55:df:dd:6d:a0:88:e2:c9:3e:22:05:09:86:b8:3c:2f:
e9:26:c1:74:07:fd:1a:c3:77:55:f1:bf:c8:f0:60:df:9b:ce:
13:96:da:66:4c:2f:31:29:9f:7a:6a:2a:de:52:e1:98:5a:04:
53:af:79:df:99:26:bf:2b:9f:74:37:88:b8:15:81:5d:dc:96:
c9:85:db:04:d0:ed:fc:34:8d:c7:e8:3d:6f:87:d6:03:67:a2:
71:05:55:5b:4c:57:7f:42:94:18:f0:7b:4d:ac:ca:d7:51:6c:
3f:c2:ed:e2:ac:0c:f9:be:8f:db:9d:c7:f8:68:c4:ac:32:09:
90:8f:94:bb:6c:10:28:81:45:02:f6:3a:93:cc:87:de:eb:f2:
57:c4:e1:10:d4:ae:ac:c5:76:d4:f1:d4:fb:39:d2:49:56:42:
7a:b2:c2:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN9ARg8YGiSj0d3aY7rB/e5O4OiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1YmVjOTM3ZjQ5NzEwN2IyYjY0NDZkMThlZWViM2I1YWYxMDI3NWQxZjky
NDNjYWI3ODIzZTFkYTY5YzcyY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaVTeKSRcbM8Vi449MkC8jngki2db2i7Ewpw3ta/iX3D2yQhgbYRSdNk3nJ
b5g2LHgsWhpR5ila5ZMCRyg0VPvVOJQTpvR2vhfcRPl1J15nW+2etBIpVDb7P2jv
AEHpDduwKONtzmBHXPuMM5QlxBBUXvzZvwcJm7JJnE60PPlFKOReRVB6lWWqIZpQ
/bnXxyE7Zke7F5Rq7vfVW8Sa/VO/XhfnxR6SonvQb4a3XP94caViSUtSX3YCapsR
F4cYqkg5GyZdGoLD7qyDh4537GM9aRMrLhoVNu46i0kRIOaY9RxT7ErKAY6J+iJi
thGCWz9/lWqATbZiZpOiJA3a0LkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSbCJ8
HAlsIOneVEdenZdQbpbnPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQCN4+29HeRsNauS0EULxjwbhBVPMioi8QGTiYpy
n83zGMXB3l7w9AbHZJF8wbEl6Nfao0Kk2k5we8mB2ETKlwV4f6UlxyyMsC5RpuOW
T6F57beofqCZbUiWLDWxFVXf3W2giOLJPiIFCYa4PC/pJsF0B/0aw3dV8b/I8GDf
m84TltpmTC8xKZ96aireUuGYWgRTr3nfmSa/K590N4i4FYFd3JbJhdsE0O38NI3H
6D1vh9YDZ6JxBVVbTFd/QpQY8HtNrMrXUWw/wu3irAz5vo/bncf4aMSsMgmQj5S7
bBAogUUC9jqTzIfe6/JXxOEQ1K6sxXbU8dT7OdJJVkJ6ssJv
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:58:52 2025 by rpki-client