Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
File: a7031a07-12ba-45f8-a53b-6bd5b713c999.roa (raw, json)
Hash identifier: Q/jaamNILdPzF9Y2uOQ/kqbFwBhX726et32jV0wN0+0=
Subject key identifier: ED:E0:71:78:5D:17:E9:05:CE:F7:07:F4:FD:86:53:44:B9:56:6C:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C74F99992EFE2F160CB6D8C4585F147F15F62D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
Signing time: Mon 16 Jun 2025 21:30:19 +0000
ROA not before: Mon 16 Jun 2025 21:30:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:74:f9:99:92:ef:e2:f1:60:cb:6d:8c:45:85:f1:47:f1:5f:62:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:30:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a475bd61fc5e58bd9a4047ca4b36a7571b6441c7420b7efb88cb1ea0fc776d55, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:26:5a:a4:64:78:f0:b9:08:aa:5a:01:ba:51:
8a:15:39:79:c2:af:06:2a:7b:64:fd:8e:6e:e3:ec:
13:f1:76:1e:1d:99:f5:cd:c3:f3:3d:09:7c:6e:a5:
11:c6:5a:73:f5:4b:e7:b6:2a:ea:a8:4d:34:cf:dc:
d0:f7:67:42:18:e9:f1:53:98:cb:74:3f:2c:55:b2:
61:86:42:aa:53:ae:fc:8b:03:69:17:ba:68:59:76:
75:55:76:b5:5f:3c:13:23:4a:50:64:51:d4:0b:39:
b4:bd:c6:ad:a3:97:fe:35:f2:c7:1d:4b:50:64:15:
de:38:41:1c:7f:e7:67:5e:01:cf:3b:14:f2:d0:b2:
c9:4f:85:78:50:ad:8a:c9:8d:cb:51:ec:d4:86:f9:
8b:85:a8:ff:68:3c:0a:5b:c1:9f:0f:11:aa:35:1d:
e4:f0:ee:f1:88:d8:b5:7b:88:9b:ac:bc:84:2b:de:
4a:fc:d8:3d:47:d1:d0:b4:29:0d:0c:94:ac:dd:43:
99:0e:35:e6:a6:40:20:d6:c8:3f:e1:47:5a:c3:0f:
fb:ef:88:cc:e9:eb:8b:7f:32:c6:a5:d2:e2:4c:95:
9e:27:62:2e:72:fc:b0:92:05:a2:8c:53:e7:0a:11:
48:f8:0f:fd:92:ab:4e:54:44:76:ae:d3:81:bb:40:
b0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:E0:71:78:5D:17:E9:05:CE:F7:07:F4:FD:86:53:44:B9:56:6C:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:400::/38
Signature Algorithm: sha256WithRSAEncryption
ba:8a:24:3e:f6:62:87:59:4d:ab:65:0d:7a:6f:24:0a:4c:84:
5c:bb:fe:7c:19:9f:d4:c4:8b:f9:e4:fb:79:92:e8:50:d3:52:
8c:fc:bd:46:d6:b1:e6:2b:cd:71:a8:aa:59:e8:1c:87:39:c6:
15:d3:22:83:0b:4b:53:0b:d6:10:a8:24:e1:ae:a1:73:11:0d:
95:44:dc:fd:de:93:9b:c4:1a:0e:f1:ec:cc:f9:4f:0f:96:bc:
38:75:15:94:86:09:93:28:69:b2:00:fd:36:08:99:18:5f:ef:
1a:aa:7a:0f:3e:10:4b:5f:0d:4c:db:ec:fb:e5:59:e7:24:d6:
83:dc:05:28:07:3a:d7:94:4d:52:51:21:2c:49:ab:c7:f5:cb:
93:cf:3b:b8:09:79:7d:28:17:37:77:33:50:b3:54:60:9f:59:
29:62:ed:2b:ce:39:6b:a7:0e:6b:be:35:fd:fc:cf:10:96:cb:
11:cf:9b:1e:c1:9c:21:02:31:03:22:ee:c6:9c:26:23:c1:00:
58:da:06:1a:99:b4:f3:65:9d:4c:56:02:80:f7:d0:f8:4b:4c:
aa:df:74:af:88:c1:46:f5:cf:95:f6:88:83:2f:0a:98:45:5f:
9f:7a:29:b0:92:2b:30:7f:00:13:03:64:6a:f2:ab:91:a2:49:
27:cd:46:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULHT5mZLv4vFgy22MRYXxR/FfYtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0NzViZDYxZmM1ZTU4YmQ5YTQwNDdjYTRiMzZhNzU3MWI2NDQxYzc0MjBi
N2VmYjg4Y2IxZWEwZmM3NzZkNTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALImWqRkePC5CKpaAbpRihU5ecKvBip7ZP2ObuPsE/F2Hh2Z9c3D8z0JfG6l
EcZac/VL57Yq6qhNNM/c0PdnQhjp8VOYy3Q/LFWyYYZCqlOu/IsDaRe6aFl2dVV2
tV88EyNKUGRR1As5tL3GraOX/jXyxx1LUGQV3jhBHH/nZ14BzzsU8tCyyU+FeFCt
ismNy1Hs1Ib5i4Wo/2g8ClvBnw8RqjUd5PDu8YjYtXuIm6y8hCveSvzYPUfR0LQp
DQyUrN1DmQ415qZAINbIP+FHWsMP+++IzOnri38yxqXS4kyVnidiLnL8sJIFooxT
5woRSPgP/ZKrTlREdq7TgbtAsFsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTt4HF4
XRfpBc73B/T9hlNEuVZsBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcwMzFhMDctMTJiYS00NWY4LWE1M2ItNmJkNWI3MTNjOTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoE
MA0GCSqGSIb3DQEBCwUAA4IBAQC6iiQ+9mKHWU2rZQ16byQKTIRcu/58GZ/UxIv5
5Pt5kuhQ01KM/L1G1rHmK81xqKpZ6ByHOcYV0yKDC0tTC9YQqCThrqFzEQ2VRNz9
3pObxBoO8ezM+U8Plrw4dRWUhgmTKGmyAP02CJkYX+8aqnoPPhBLXw1M2+z75Vnn
JNaD3AUoBzrXlE1SUSEsSavH9cuTzzu4CXl9KBc3dzNQs1Rgn1kpYu0rzjlrpw5r
vjX9/M8QlssRz5sewZwhAjEDIu7GnCYjwQBY2gYambTzZZ1MVgKA99D4S0yq33Sv
iMFG9c+V9oiDLwqYRV+feimwkiswfwATA2Rq8quRokknzUZA
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:26 2025 by rpki-client