Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c5796c8a-c7f2-4888-9a17-c80093c07957.roa
File: c5796c8a-c7f2-4888-9a17-c80093c07957.roa (raw, json)
Hash identifier: POOsJqnvDYRPpKMEJMFPQUbg5+mRpJqCF4pva0Slda8=
Subject key identifier: F1:E9:17:5A:3D:C4:07:46:3A:AC:CA:49:B1:28:18:71:9E:91:BD:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57936788B87C5F8B12D4CC8BB373BAC01F4AB4E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c5796c8a-c7f2-4888-9a17-c80093c07957.roa
Signing time: Mon 16 Jun 2025 20:50:08 +0000
ROA not before: Mon 16 Jun 2025 20:50:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:93:67:88:b8:7c:5f:8b:12:d4:cc:8b:b3:73:ba:c0:1f:4a:b4:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:50:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=052ffa97ac60d17ad5e8d24c816f466297a4dd75dfcd478ca88df42987511f16, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b1:bc:30:f1:99:f5:db:45:53:4b:4c:d4:d7:
2d:a8:c6:3a:0d:bc:6a:ce:17:82:70:08:57:0a:53:
bb:74:db:63:94:ce:b8:8f:97:84:d1:85:c9:79:34:
8e:84:59:76:c4:a7:6d:81:dd:f5:a7:54:0e:70:55:
bd:a6:f4:fc:7c:5e:09:cd:d8:80:bd:2d:3b:b0:48:
76:33:40:2a:92:4c:3b:c5:af:00:a6:81:08:e9:ca:
09:56:18:ed:17:0a:e4:ac:13:4d:a7:eb:fc:2e:7b:
f5:2a:dc:bb:4c:65:71:cd:53:c5:54:90:64:02:e8:
12:6d:14:6b:4b:0b:c0:a4:e9:6e:25:96:c6:31:ae:
72:21:45:75:9d:08:5a:3a:f3:3a:49:4d:0f:a2:10:
5d:0e:e0:d6:79:3c:f6:80:ca:00:2a:65:d8:f0:b7:
c3:d8:54:09:68:5e:8b:a8:8e:1f:64:f2:29:94:1f:
b7:16:f7:39:16:44:a9:54:d0:a5:40:54:7f:f5:16:
ac:71:a9:e4:1d:0a:15:99:8b:0b:92:94:54:64:88:
d8:46:c4:61:90:1d:2a:70:6a:58:fa:c7:0a:c2:e7:
fd:21:73:95:5b:99:96:d9:d2:05:f8:1f:6a:0e:4e:
34:2f:d5:24:0d:08:67:b1:ab:67:d0:c9:40:4e:a9:
06:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E9:17:5A:3D:C4:07:46:3A:AC:CA:49:B1:28:18:71:9E:91:BD:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c5796c8a-c7f2-4888-9a17-c80093c07957.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
66:8c:61:b6:65:51:b6:8f:c6:9c:a0:2c:17:de:a0:fe:9e:3a:
d2:ce:29:9f:53:ed:7c:f9:1c:6c:4b:e1:86:73:a9:0b:35:3d:
19:a5:76:cc:8f:63:9b:0a:0a:e0:b6:38:89:15:76:e2:91:e1:
d1:eb:11:28:5e:1a:66:25:3b:02:d1:15:de:5e:62:50:a5:22:
c4:ec:59:72:41:91:ff:17:91:5e:e2:02:e4:51:12:57:8f:0d:
b7:1f:96:54:b9:29:c7:ad:b9:6c:2a:6a:07:c7:0f:7b:c0:5b:
34:33:14:6b:73:2b:f6:87:3e:7e:d0:3c:14:15:f3:06:04:75:
87:66:22:21:bf:c9:76:46:4a:1a:a0:42:29:ef:02:03:7d:e3:
15:26:9f:91:2f:4e:ac:8f:39:61:54:f8:0f:9a:f2:21:b1:77:
78:7f:e7:1d:a0:e2:98:da:d1:ef:1a:eb:46:3f:bf:8e:41:6d:
45:59:7d:07:d2:1b:ba:8f:d9:24:0e:56:cc:2b:0c:6a:89:4e:
db:51:29:81:4b:fd:cf:3b:e2:98:98:fd:a5:d6:03:fa:b7:c8:
db:df:a3:94:31:3e:bf:2e:02:a6:8a:ce:3f:70:f3:bd:5e:3e:
5e:70:89:56:3c:dd:be:48:fe:64:34:cb:d3:71:1a:d1:c9:3a:
d3:4c:4d:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUV5NniLh8X4sS1MyLs3O6wB9KtOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUwMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MmZmYTk3YWM2MGQxN2FkNWU4ZDI0YzgxNmY0NjYyOTdhNGRkNzVkZmNk
NDc4Y2E4OGRmNDI5ODc1MTFmMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKixvDDxmfXbRVNLTNTXLajGOg28as4XgnAIVwpTu3TbY5TOuI+XhNGFyXk0
joRZdsSnbYHd9adUDnBVvab0/HxeCc3YgL0tO7BIdjNAKpJMO8WvAKaBCOnKCVYY
7RcK5KwTTafr/C579Srcu0xlcc1TxVSQZALoEm0Ua0sLwKTpbiWWxjGuciFFdZ0I
WjrzOklND6IQXQ7g1nk89oDKACpl2PC3w9hUCWhei6iOH2TyKZQftxb3ORZEqVTQ
pUBUf/UWrHGp5B0KFZmLC5KUVGSI2EbEYZAdKnBqWPrHCsLn/SFzlVuZltnSBfgf
ag5ONC/VJA0IZ7GrZ9DJQE6pBpMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTx6Rda
PcQHRjqsykmxKBhxnpG9wzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzU3OTZjOGEtYzdmMi00ODg4LTlhMTctYzgwMDkzYzA3OTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
wDANBgkqhkiG9w0BAQsFAAOCAQEAZoxhtmVRto/GnKAsF96g/p460s4pn1PtfPkc
bEvhhnOpCzU9GaV2zI9jmwoK4LY4iRV24pHh0esRKF4aZiU7AtEV3l5iUKUixOxZ
ckGR/xeRXuIC5FESV48Ntx+WVLkpx625bCpqB8cPe8BbNDMUa3Mr9oc+ftA8FBXz
BgR1h2YiIb/JdkZKGqBCKe8CA33jFSafkS9OrI85YVT4D5ryIbF3eH/nHaDimNrR
7xrrRj+/jkFtRVl9B9Ibuo/ZJA5WzCsMaolO21EpgUv9zzvimJj9pdYD+rfI29+j
lDE+vy4CporOP3DzvV4+XnCJVjzdvkj+ZDTL03Ea0ck600xNxw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:35 2025 by rpki-client