Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
File: 8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa (raw, json)
Hash identifier: Imd5kaeMYtATDtTy8nzZbRgNj7zD5TSujYZovZPv02Y=
Subject key identifier: 20:2F:B2:AD:4D:70:7A:99:C1:37:1E:12:1D:83:75:C4:27:E6:90:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FEBE5167F6A166EF8B98AFD9465286630D512F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
Signing time: Mon 16 Jun 2025 21:10:20 +0000
ROA not before: Mon 16 Jun 2025 21:10:20 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:eb:e5:16:7f:6a:16:6e:f8:b9:8a:fd:94:65:28:66:30:d5:12:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:20 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=661bf4da3d37040971299707d0b022e651b1f81b64197c0de38be24c94b82c90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:64:5d:0b:33:9b:98:24:03:3d:34:67:17:c5:
d5:09:41:35:87:d5:45:69:72:87:2c:dc:86:5e:94:
ad:99:1f:a4:fc:e6:2e:62:ee:40:43:fe:0e:19:6e:
db:00:18:f4:2b:30:ec:4c:82:da:14:27:0d:47:03:
40:32:32:6c:05:37:a1:ca:b4:62:04:29:7b:75:e1:
e5:79:57:2f:fa:2e:93:5f:84:d6:83:53:2a:e5:ff:
aa:01:28:f6:16:52:2f:92:0b:45:40:41:aa:ca:bc:
fd:92:31:6e:e9:6c:48:8e:2f:b7:d4:43:83:dc:fb:
ff:1d:d2:54:5a:20:7c:9c:57:1c:0c:38:6e:a3:98:
71:6a:f9:69:53:c4:ed:5d:e9:65:96:55:0e:de:5f:
75:43:ac:90:d2:e7:c0:50:86:21:f7:9b:35:96:87:
ff:d1:a2:10:49:6b:e7:4d:8f:c1:8b:89:66:f9:d0:
b2:4b:b4:c4:9f:9e:42:23:ba:20:6b:3d:ca:5c:8a:
d8:93:14:0f:db:57:75:c7:3a:46:b9:97:2e:d8:82:
b3:d5:f0:c3:51:09:d6:5d:ca:bd:ff:75:00:7e:32:
55:a4:05:6e:d3:75:a9:3f:34:bb:b8:42:87:96:4b:
96:b0:55:2e:89:66:50:08:bb:ca:d0:f7:37:49:a8:
57:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2F:B2:AD:4D:70:7A:99:C1:37:1E:12:1D:83:75:C4:27:E6:90:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:9f:9f:02:08:71:79:49:25:9b:97:44:95:ed:d8:e2:48:e8:
56:05:96:40:2c:92:eb:2d:6c:20:8d:98:3b:31:04:98:37:15:
1b:5c:da:c7:ae:89:e8:bf:a8:89:5d:e5:c0:b9:a2:3e:28:58:
ea:39:c4:52:df:52:69:7b:05:20:1e:95:ae:1d:14:db:aa:69:
65:27:69:ef:31:00:99:ca:52:db:0c:01:b5:10:62:9d:d9:2c:
7d:42:0d:6b:a9:2f:05:0d:2d:92:7f:dc:17:f4:d3:62:49:ea:
b1:a0:e4:6d:d9:da:7d:47:cb:6e:d8:4b:7c:50:d4:1a:a5:52:
b7:99:4e:8c:0d:ec:8a:d6:b8:b9:c9:09:30:b3:f0:66:86:6a:
3c:30:3a:1c:51:ba:4b:22:0c:fc:86:2d:6a:9a:af:7a:ca:9e:
e0:c7:fb:54:98:ee:ad:4f:91:c5:da:c9:00:7f:15:44:37:a6:
5f:18:79:ee:b8:aa:0f:1b:8d:e4:9f:3c:90:86:a9:02:5b:00:
a4:d4:5a:99:7a:7b:e5:1e:4f:18:cf:56:c6:1c:df:06:09:f6:
58:24:dc:ea:0b:4f:46:05:07:d9:1a:36:e3:ae:67:ab:35:42:
43:27:c9:2c:90:f6:57:5c:99:c6:6c:77:e1:0f:96:27:3a:9f:
c8:91:f1:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL+vlFn9qFm74uYr9lGUoZjDVEvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwMjBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2MWJmNGRhM2QzNzA0MDk3MTI5OTcwN2QwYjAyMmU2NTFiMWY4MWI2NDE5
N2MwZGUzOGJlMjRjOTRiODJjOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9kXQszm5gkAz00ZxfF1QlBNYfVRWlyhyzchl6UrZkfpPzmLmLuQEP+Dhlu
2wAY9Csw7EyC2hQnDUcDQDIybAU3ocq0YgQpe3Xh5XlXL/ouk1+E1oNTKuX/qgEo
9hZSL5ILRUBBqsq8/ZIxbulsSI4vt9RDg9z7/x3SVFogfJxXHAw4bqOYcWr5aVPE
7V3pZZZVDt5fdUOskNLnwFCGIfebNZaH/9GiEElr502PwYuJZvnQsku0xJ+eQiO6
IGs9ylyK2JMUD9tXdcc6RrmXLtiCs9Xww1EJ1l3Kvf91AH4yVaQFbtN1qT80u7hC
h5ZLlrBVLolmUAi7ytD3N0moVz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgL7Kt
TXB6mcE3HhIdg3XEJ+aQlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGRjN2Q1YmEtYjFlOS00YzFjLWExOTAtMjE0NzMxYjcxYjQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dbg
MA0GCSqGSIb3DQEBCwUAA4IBAQCyn58CCHF5SSWbl0SV7djiSOhWBZZALJLrLWwg
jZg7MQSYNxUbXNrHronov6iJXeXAuaI+KFjqOcRS31JpewUgHpWuHRTbqmllJ2nv
MQCZylLbDAG1EGKd2Sx9Qg1rqS8FDS2Sf9wX9NNiSeqxoORt2dp9R8tu2Et8UNQa
pVK3mU6MDeyK1ri5yQkws/Bmhmo8MDocUbpLIgz8hi1qmq96yp7gx/tUmO6tT5HF
2skAfxVEN6ZfGHnuuKoPG43knzyQhqkCWwCk1FqZenvlHk8Yz1bGHN8GCfZYJNzq
C09GBQfZGjbjrmerNUJDJ8kskPZXXJnGbHfhD5YnOp/IkfHf
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:05 2025 by rpki-client