Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
File: c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa (raw, json)
Hash identifier: lxcFlcyLsHQwYAOIrCojCRd6YmRsnecYrHYWgxB02CQ=
Subject key identifier: FD:CC:DC:6E:BC:9E:F1:32:DC:72:79:B4:E2:11:81:40:C3:E6:6F:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11CD4CAF069857019E5A6A07FB33D744F6165DF5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
Signing time: Mon 16 Jun 2025 20:20:12 +0000
ROA not before: Mon 16 Jun 2025 20:20:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:cd:4c:af:06:98:57:01:9e:5a:6a:07:fb:33:d7:44:f6:16:5d:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=82ab787cc2f3797636d15f6e67b040fd6152b57075f854713e61c9dfeccac15d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a4:07:2e:e0:28:cf:cf:40:4c:3a:59:ea:44:
73:bf:25:62:4b:9f:08:d3:ce:8d:83:e3:7b:79:8d:
fc:0b:45:ef:d9:d5:89:5b:5a:ab:ca:a8:45:42:d2:
72:95:b9:b6:61:b4:dd:f6:02:6b:df:6c:7d:fa:83:
e5:d3:04:15:74:47:be:8f:97:3e:e7:d8:08:e7:cc:
64:2a:dc:c5:b6:09:c2:b7:af:d7:78:ed:4c:3f:3f:
6d:46:fb:bc:1d:7e:77:f1:63:45:c9:b1:e1:27:dd:
d8:93:90:9d:06:5d:6e:c8:c0:1c:1e:06:56:8f:f8:
9d:7c:a5:2a:c8:f9:12:17:05:ec:95:72:f6:8e:8e:
21:f4:30:91:81:3b:20:1e:b6:05:43:ad:66:24:c2:
ae:06:34:e8:72:32:fc:17:3b:3b:a9:2a:41:90:ed:
88:b0:14:fe:34:60:65:44:ef:39:8d:ec:1f:05:20:
68:df:62:d7:7e:0f:83:95:54:58:bc:1e:39:9a:71:
13:a2:98:0f:80:3b:10:e1:20:54:3f:92:1d:0c:6d:
64:9f:a2:2a:f1:39:69:d9:22:9b:2a:24:ee:a7:d3:
68:22:5a:76:87:e6:13:7e:1d:bb:50:bd:60:e2:75:
30:04:f9:42:a2:26:0a:cb:be:c6:01:26:12:5c:4a:
e8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:CC:DC:6E:BC:9E:F1:32:DC:72:79:B4:E2:11:81:40:C3:E6:6F:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:f7:a3:14:98:8c:b9:33:92:96:56:05:e6:27:b2:77:73:6c:
68:bf:8a:50:b9:bb:e5:b0:f1:21:01:9b:33:38:71:26:7f:ba:
8c:17:64:d2:4e:33:ef:bf:a6:b7:bc:50:af:4d:e7:7b:b8:1f:
8b:bc:32:4a:75:d3:c0:d2:05:6c:c8:57:ca:30:d1:05:6f:26:
b5:f0:b8:0a:27:56:8a:81:54:3d:74:de:c7:89:a8:19:c7:60:
37:a0:e3:81:b2:15:c3:bc:c7:25:23:7b:2a:6e:4a:fa:1f:d0:
4c:3f:fd:66:bf:47:9c:04:d1:d3:a1:95:d5:cd:3d:9d:df:9b:
fd:5f:df:b7:11:b9:92:08:1b:c9:f9:bb:32:6b:f0:68:19:0e:
b7:de:45:5d:50:01:82:75:94:85:3a:c7:93:81:0a:b9:a5:a9:
56:59:57:42:59:d3:e0:d4:42:9d:bb:04:f1:6e:93:d6:9d:c1:
f7:bf:43:d8:a1:0a:db:88:ce:14:e0:c8:73:e6:dd:c3:4d:1a:
87:48:5e:3b:1b:9b:38:75:f7:df:5c:55:77:3b:0a:47:2a:fd:
47:ad:03:ac:7b:80:66:41:cd:af:1b:d9:67:8c:68:dc:a3:0e:
11:d7:64:45:88:a2:57:54:c6:0b:f2:32:82:83:53:be:1a:90:
90:cd:9d:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEc1MrwaYVwGeWmoH+zPXRPYWXfUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyYWI3ODdjYzJmMzc5NzYzNmQxNWY2ZTY3YjA0MGZkNjE1MmI1NzA3NWY4
NTQ3MTNlNjFjOWRmZWNjYWMxNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOGkBy7gKM/PQEw6WepEc78lYkufCNPOjYPje3mN/AtF79nViVtaq8qoRULS
cpW5tmG03fYCa99sffqD5dMEFXRHvo+XPufYCOfMZCrcxbYJwrev13jtTD8/bUb7
vB1+d/FjRcmx4Sfd2JOQnQZdbsjAHB4GVo/4nXylKsj5EhcF7JVy9o6OIfQwkYE7
IB62BUOtZiTCrgY06HIy/Bc7O6kqQZDtiLAU/jRgZUTvOY3sHwUgaN9i134Pg5VU
WLweOZpxE6KYD4A7EOEgVD+SHQxtZJ+iKvE5adkimyok7qfTaCJadofmE34du1C9
YOJ1MAT5QqImCsu+xgEmElxK6OMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9zNxu
vJ7xMtxyebTiEYFAw+ZvazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzNmNGIwZTAtZGY2ZC00ODFhLThkNzUtNzcwOWU1NDVkMWU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIg
MA0GCSqGSIb3DQEBCwUAA4IBAQBd96MUmIy5M5KWVgXmJ7J3c2xov4pQubvlsPEh
AZszOHEmf7qMF2TSTjPvv6a3vFCvTed7uB+LvDJKddPA0gVsyFfKMNEFbya18LgK
J1aKgVQ9dN7HiagZx2A3oOOBshXDvMclI3sqbkr6H9BMP/1mv0ecBNHToZXVzT2d
35v9X9+3EbmSCBvJ+bsya/BoGQ633kVdUAGCdZSFOseTgQq5palWWVdCWdPg1EKd
uwTxbpPWncH3v0PYoQrbiM4U4Mhz5t3DTRqHSF47G5s4dfffXFV3OwpHKv1HrQOs
e4BmQc2vG9lnjGjcow4R12RFiKJXVMYL8jKCg1O+GpCQzZ16
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:05 2025 by rpki-client