Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa
File: bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa (raw, json)
Hash identifier: KETlDWBUJ8fym3zGCVLEJM2uZN+v86rZXBB5uL7PLOc=
Subject key identifier: 40:A6:E7:80:0E:89:4F:12:F1:34:57:C4:DF:25:0C:46:19:A5:DF:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C671ABE1FFBCBCDF334B7CD3B7D3B8BA28646C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa
Signing time: Mon 16 Jun 2025 21:10:13 +0000
ROA not before: Mon 16 Jun 2025 21:10:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:67:1a:be:1f:fb:cb:cd:f3:34:b7:cd:3b:7d:3b:8b:a2:86:46:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=31896d50d8f31db209a8381f1e25a248fa5e6f61de6ece41ebf4bf59b976e759, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:22:10:aa:68:65:f3:a2:b9:02:6e:18:aa:ad:
b9:77:6c:96:0f:1d:34:84:1a:21:6c:50:2e:c0:69:
b2:a0:6a:5b:5d:cd:c3:68:32:d3:01:eb:a8:21:a0:
e4:96:7e:0f:26:1c:8e:cc:09:2d:cd:82:0f:9d:18:
59:60:e4:c5:eb:5d:69:ba:0a:df:56:af:60:1b:d0:
38:dc:62:71:c1:67:f5:4a:ca:77:e0:8c:bc:2c:ca:
dd:0f:f3:bb:80:51:94:65:57:3b:38:35:95:04:6e:
39:8f:0a:a6:d7:f1:98:0f:33:b7:f3:27:b2:5e:56:
60:cd:aa:24:c3:a4:0c:45:f2:ba:0a:a3:73:62:66:
a7:ff:67:64:a0:d6:41:0c:e9:19:7c:39:c3:54:b1:
b2:65:57:75:7f:9f:d6:93:98:41:37:f6:00:c4:19:
95:4e:f2:8b:04:08:0f:6b:39:34:12:85:db:15:73:
95:e5:4d:0a:7c:58:45:2c:d0:db:2f:e4:c8:e7:6b:
7c:2a:23:29:58:e6:53:dc:54:7a:68:5d:05:23:fc:
f0:c2:2b:d9:89:54:96:25:b2:f2:4c:43:ea:73:ac:
a1:63:a0:85:a8:62:25:88:aa:39:61:0b:5b:ba:23:
aa:ad:3e:6e:33:34:f2:4b:52:01:03:5b:d8:29:a5:
b6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A6:E7:80:0E:89:4F:12:F1:34:57:C4:DF:25:0C:46:19:A5:DF:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:b000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:b7:c1:63:29:5f:45:0a:5a:af:15:01:25:0f:3a:21:17:7a:
55:b0:14:d5:c9:1e:9c:4e:32:30:e0:c3:b7:8c:d4:ba:5d:e2:
86:d0:de:ba:40:bb:cd:5c:d2:52:74:9e:a9:07:89:e1:84:dc:
76:2b:cb:18:f4:d7:5c:32:6c:6a:ab:eb:98:35:db:93:93:fc:
cc:c6:97:51:af:69:2d:b9:69:ba:5d:cb:c4:bc:fc:bf:0f:c1:
e5:33:3d:b5:d6:a1:0a:42:9d:41:62:e8:f9:e5:f5:fd:0c:71:
fe:d6:ad:c7:5f:b3:6e:aa:71:9d:11:8e:4d:6c:28:b0:d5:dd:
55:4f:5d:4a:ba:e8:d9:28:15:f1:97:f9:a5:7a:ff:7d:f8:7d:
8e:91:7a:b6:4c:6e:a6:a4:be:e1:2d:e7:03:e5:41:ce:ce:96:
e2:a2:8c:eb:d3:c0:27:6a:42:ee:36:75:9a:fc:0e:ea:74:24:
a3:54:86:42:c4:e3:b5:48:c5:2d:b7:9e:c7:35:f5:30:df:77:
fe:73:c1:69:2e:57:f4:1f:ea:4c:9f:94:b4:91:6a:1c:86:ac:
00:ab:4a:66:e5:51:2e:d8:04:77:57:2e:18:83:81:dd:56:48:
a2:6c:88:8a:85:03:b0:ad:1a:56:e8:39:e3:19:f7:01:b0:94:
d5:64:ba:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULGcavh/7y83zNLfNO307i6KGRsQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxODk2ZDUwZDhmMzFkYjIwOWE4MzgxZjFlMjVhMjQ4ZmE1ZTZmNjFkZTZl
Y2U0MWViZjRiZjU5Yjk3NmU3NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgiEKpoZfOiuQJuGKqtuXdslg8dNIQaIWxQLsBpsqBqW13Nw2gy0wHrqCGg
5JZ+DyYcjswJLc2CD50YWWDkxetdaboK31avYBvQONxiccFn9UrKd+CMvCzK3Q/z
u4BRlGVXOzg1lQRuOY8KptfxmA8zt/Mnsl5WYM2qJMOkDEXyugqjc2Jmp/9nZKDW
QQzpGXw5w1SxsmVXdX+f1pOYQTf2AMQZlU7yiwQID2s5NBKF2xVzleVNCnxYRSzQ
2y/kyOdrfCojKVjmU9xUemhdBSP88MIr2YlUliWy8kxD6nOsoWOghahiJYiqOWEL
W7ojqq0+bjM08ktSAQNb2CmltvsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRApueA
DolPEvE0V8TfJQxGGaXf5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmYxZGIwZjMtNmNhZC00ZmNjLTk2YzUtZGRkZTcwMGU2MjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWw
MA0GCSqGSIb3DQEBCwUAA4IBAQCet8FjKV9FClqvFQElDzohF3pVsBTVyR6cTjIw
4MO3jNS6XeKG0N66QLvNXNJSdJ6pB4nhhNx2K8sY9NdcMmxqq+uYNduTk/zMxpdR
r2ktuWm6XcvEvPy/D8HlMz211qEKQp1BYuj55fX9DHH+1q3HX7NuqnGdEY5NbCiw
1d1VT11KuujZKBXxl/mlev99+H2OkXq2TG6mpL7hLecD5UHOzpbioozr08AnakLu
NnWa/A7qdCSjVIZCxOO1SMUtt57HNfUw33f+c8FpLlf0H+pMn5S0kWochqwAq0pm
5VEu2AR3Vy4Yg4HdVkiibIiKhQOwrRpW6DnjGfcBsJTVZLp0
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:26 2025 by rpki-client