Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
File: b3515426-a058-439f-a8fc-e68eaafc8806.roa (raw, json)
Hash identifier: mKUnaRxqSBRZORko+TAUfv3AwlNulci4+yd6L7URqQI=
Subject key identifier: A9:52:76:6E:57:81:C8:FB:18:E6:50:9F:14:36:F2:53:59:F5:65:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E5286E56B41A26800CC489E3B492155F678A1D8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
Signing time: Tue 17 Jun 2025 00:41:21 +0000
ROA not before: Tue 17 Jun 2025 00:41:21 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:52:86:e5:6b:41:a2:68:00:cc:48:9e:3b:49:21:55:f6:78:a1:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:21 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=6ee4823d53d5709761edd72f72d637c51f90205b9966fe6f49eae4aba4b642d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6a:b2:2e:4b:23:a7:90:31:4c:cb:4a:b6:05:
cb:ae:0a:d5:4d:61:66:e5:f6:f6:4b:d9:a4:4f:6c:
c2:15:7a:9a:80:fc:9e:4d:2c:2e:4f:0c:0e:30:fc:
c2:c0:82:77:ed:26:1a:9b:e4:06:d3:ab:76:64:fb:
d5:db:5a:9e:cb:e7:42:36:8a:3b:3e:d5:66:33:79:
d9:6b:ce:8f:74:c0:1a:17:bf:87:6e:14:1f:9a:33:
33:2d:55:94:36:2b:d4:92:86:20:fb:6d:c8:f0:ad:
1c:ac:71:b8:23:86:35:1e:7e:94:79:4b:55:92:a6:
94:67:27:8e:86:f1:9c:73:20:1f:55:03:bd:51:35:
22:47:ad:a9:c1:87:f1:d9:88:81:b4:0e:1d:e3:7d:
bf:93:e2:2b:0c:8a:46:04:4f:92:a8:71:9e:69:6a:
1b:a9:62:9d:63:fa:7c:b2:57:5b:4e:17:c4:d6:50:
b3:a4:34:f0:3e:b6:c0:45:cb:3e:ac:ea:60:ec:01:
ef:89:75:1a:86:11:3c:94:af:27:de:e9:fa:29:a7:
2d:a5:68:f7:94:4c:bd:99:5f:ab:09:8c:66:24:5e:
b4:c4:3a:e5:af:21:52:ee:41:c0:55:ba:f2:21:ac:
28:08:8f:48:99:55:d6:ba:cd:49:0f:d0:d3:93:87:
74:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:52:76:6E:57:81:C8:FB:18:E6:50:9F:14:36:F2:53:59:F5:65:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
25:d8:50:f0:d7:ff:23:e4:ad:82:af:ab:fe:6e:33:7a:b8:aa:
85:07:38:d7:e7:8c:c4:70:17:9e:3e:78:33:21:66:01:8e:aa:
a9:1d:ff:b5:6b:2f:b0:eb:00:ba:f1:3c:4d:d5:68:8c:0c:f7:
d6:64:25:d3:12:72:c7:41:c6:a5:ce:06:fc:a8:28:3a:1e:b2:
fa:66:b9:4a:00:db:25:f3:60:0b:27:e2:c4:a0:99:f8:58:db:
04:73:97:b1:18:31:b0:59:c3:85:17:42:79:cf:9d:51:4d:0b:
f4:ff:6f:9e:86:f2:cb:13:bf:90:b3:9f:62:04:53:ff:6e:e5:
52:01:1a:05:87:f5:1c:ad:5b:6d:3e:90:b3:7f:c5:05:2b:88:
58:fb:37:f2:b6:9b:14:43:d4:0f:8b:5b:64:fe:f5:9b:38:f3:
e8:d4:cf:0c:6d:ec:60:fb:c4:ef:88:ac:77:95:2b:76:ad:32:
2b:60:ac:8b:f2:9d:cf:9c:c2:a9:6e:61:15:13:7b:c5:6b:0d:
55:12:4b:82:01:50:b9:66:f2:b3:8c:cc:24:88:5c:40:29:79:
6c:5c:56:eb:f1:5c:77:9a:4b:ba:f5:05:d1:94:72:38:4e:e8:
34:d3:b1:22:6a:7a:38:1b:0b:63:75:ef:0d:f9:7e:33:ad:c6:
29:b6:0f:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTlKG5WtBomgAzEieO0khVfZ4odgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMjFaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlZTQ4MjNkNTNkNTcwOTc2MWVkZDcyZjcyZDYzN2M1MWY5MDIwNWI5OTY2
ZmU2ZjQ5ZWFlNGFiYTRiNjQyZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVqsi5LI6eQMUzLSrYFy64K1U1hZuX29kvZpE9swhV6moD8nk0sLk8MDjD8
wsCCd+0mGpvkBtOrdmT71dtansvnQjaKOz7VZjN52WvOj3TAGhe/h24UH5ozMy1V
lDYr1JKGIPttyPCtHKxxuCOGNR5+lHlLVZKmlGcnjobxnHMgH1UDvVE1IketqcGH
8dmIgbQOHeN9v5PiKwyKRgRPkqhxnmlqG6linWP6fLJXW04XxNZQs6Q08D62wEXL
PqzqYOwB74l1GoYRPJSvJ97p+imnLaVo95RMvZlfqwmMZiRetMQ65a8hUu5BwFW6
8iGsKAiPSJlV1rrNSQ/Q05OHdFECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpUnZu
V4HI+xjmUJ8UNvJTWfVlQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjM1MTU0MjYtYTA1OC00MzlmLWE4ZmMtZTY4ZWFhZmM4ODA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+A
MA0GCSqGSIb3DQEBCwUAA4IBAQAl2FDw1/8j5K2Cr6v+bjN6uKqFBzjX54zEcBee
PngzIWYBjqqpHf+1ay+w6wC68TxN1WiMDPfWZCXTEnLHQcalzgb8qCg6HrL6ZrlK
ANsl82ALJ+LEoJn4WNsEc5exGDGwWcOFF0J5z51RTQv0/2+ehvLLE7+Qs59iBFP/
buVSARoFh/UcrVttPpCzf8UFK4hY+zfytpsUQ9QPi1tk/vWbOPPo1M8Mbexg+8Tv
iKx3lSt2rTIrYKyL8p3PnMKpbmEVE3vFaw1VEkuCAVC5ZvKzjMwkiFxAKXlsXFbr
8Vx3mku69QXRlHI4Tug007Eiano4Gwtjde8N+X4zrcYptg8D
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:02 2025 by rpki-client