Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e17dcec5-9d55-4765-8f83-957d1f5c0010.roa
File: e17dcec5-9d55-4765-8f83-957d1f5c0010.roa (raw, json)
Hash identifier: R7GfJ4ly7IH0HNGogUIRf6a+1Opbc6ZL6mCRy3qCH8Y=
Subject key identifier: 48:F9:9F:68:3D:16:F4:A2:7C:F1:E1:A7:D8:CC:D3:A5:02:9C:19:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DCA3C9F6E0F12C41E58EA2FD94681ECEDA55720
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e17dcec5-9d55-4765-8f83-957d1f5c0010.roa
Signing time: Mon 16 Jun 2025 20:41:21 +0000
ROA not before: Mon 16 Jun 2025 20:41:21 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:ca:3c:9f:6e:0f:12:c4:1e:58:ea:2f:d9:46:81:ec:ed:a5:57:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:41:21 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c1268ff3bcff5b389d2e822dc32df7a36c465742438bcc255cdf4d83d7405a0a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:24:16:71:40:29:9b:ce:10:8a:34:05:cd:0d:
27:e5:0a:10:2f:c2:89:06:06:11:35:36:65:22:65:
5f:ff:07:1b:b5:f6:fe:b5:82:bb:86:ea:a7:fe:86:
d4:6c:99:12:53:33:10:f8:86:17:2c:16:51:38:a6:
e5:33:93:25:ea:dc:17:e2:52:89:2b:52:57:4b:a0:
c3:bd:e0:f6:7d:2d:77:f4:b0:fe:83:a1:ae:71:98:
98:1c:88:54:2e:5f:8c:4c:a5:1d:95:e1:28:84:7b:
f1:1b:d7:33:74:c4:fb:6a:bf:d4:25:04:15:bf:d2:
f1:fe:44:6c:71:cf:bb:77:d8:bb:ff:67:b3:d8:a6:
52:35:24:94:e0:8b:05:a4:f6:09:a9:00:e6:7d:28:
5d:13:2e:1a:3c:b3:ff:68:ed:0d:3c:55:d5:55:09:
d8:f1:64:03:8a:2a:ad:dd:88:19:3f:6a:21:5b:04:
73:1b:3f:b7:9c:0a:ab:85:af:46:31:65:3e:1f:e5:
a4:f4:d6:d7:e0:a8:98:68:8d:94:10:a0:28:e1:6f:
73:26:c1:e0:75:2d:95:21:d5:9a:27:c3:07:d9:58:
3e:18:e3:91:f2:e3:b6:54:0e:25:9a:5e:53:3f:49:
4c:fc:12:89:f6:9b:4d:ce:76:41:36:9c:9b:36:b3:
fa:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F9:9F:68:3D:16:F4:A2:7C:F1:E1:A7:D8:CC:D3:A5:02:9C:19:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e17dcec5-9d55-4765-8f83-957d1f5c0010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8020::/46
Signature Algorithm: sha256WithRSAEncryption
51:3d:27:c5:96:de:d9:f2:f0:96:dc:6a:b9:f3:2f:ac:9a:7e:
2f:4e:5a:7f:97:f4:ed:ac:a9:e4:f2:0f:32:18:c9:2d:c1:4d:
8f:9e:cc:64:8d:b2:ff:16:1c:65:05:41:ed:f8:61:dc:34:e2:
c4:50:43:e5:f4:74:34:76:3d:a0:44:cf:5a:85:b6:aa:dd:60:
29:f4:c8:f9:a8:ff:59:d8:5c:ae:76:5d:b9:ad:81:0b:cd:90:
be:b1:dc:f2:d6:cc:cf:73:df:08:c5:ee:7a:66:43:34:99:27:
dc:a7:3d:0e:a7:2f:e4:2d:63:f1:2d:11:8c:4d:e5:ce:a9:06:
a2:85:90:bd:72:0b:43:d0:cd:0d:1e:6c:23:57:90:ea:42:ea:
49:42:74:e1:cc:06:8b:37:92:eb:1b:f1:c9:88:c7:a4:d2:76:
08:ff:72:e2:fe:8d:a5:e7:b1:48:09:9e:9c:b7:88:9a:e7:3d:
dc:34:ff:ea:5e:bb:2f:37:f3:16:ce:63:14:e8:01:e3:df:50:
18:3a:ba:4d:d4:3c:b5:cd:d6:68:3d:0b:5e:63:b4:bd:18:9f:
a0:c8:61:3d:0d:ca:59:c0:a8:41:b1:c4:7b:80:69:ac:9f:a4:
f6:9e:8d:85:fd:36:56:f5:ed:a7:15:ad:3b:a8:f7:a9:37:2c:
1e:c1:ed:4c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfco8n24PEsQeWOov2UaB7O2lVyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQxMjFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxMjY4ZmYzYmNmZjViMzg5ZDJlODIyZGMzMmRmN2EzNmM0NjU3NDI0Mzhi
Y2MyNTVjZGY0ZDgzZDc0MDVhMGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIkFnFAKZvOEIo0Bc0NJ+UKEC/CiQYGETU2ZSJlX/8HG7X2/rWCu4bqp/6G
1GyZElMzEPiGFywWUTim5TOTJercF+JSiStSV0ugw73g9n0td/Sw/oOhrnGYmByI
VC5fjEylHZXhKIR78RvXM3TE+2q/1CUEFb/S8f5EbHHPu3fYu/9ns9imUjUklOCL
BaT2CakA5n0oXRMuGjyz/2jtDTxV1VUJ2PFkA4oqrd2IGT9qIVsEcxs/t5wKq4Wv
RjFlPh/lpPTW1+ComGiNlBCgKOFvcybB4HUtlSHVmifDB9lYPhjjkfLjtlQOJZpe
Uz9JTPwSifabTc52QTacmzaz+lsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRI+Z9o
PRb0onzx4afYzNOlApwZ8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTE3ZGNlYzUtOWQ1NS00NzY1LThmODMtOTU3ZDFmNWMwMDEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
IDANBgkqhkiG9w0BAQsFAAOCAQEAUT0nxZbe2fLwltxqufMvrJp+L05af5f07ayp
5PIPMhjJLcFNj57MZI2y/xYcZQVB7fhh3DTixFBD5fR0NHY9oETPWoW2qt1gKfTI
+aj/WdhcrnZdua2BC82QvrHc8tbMz3PfCMXuemZDNJkn3Kc9Dqcv5C1j8S0RjE3l
zqkGooWQvXILQ9DNDR5sI1eQ6kLqSUJ04cwGizeS6xvxyYjHpNJ2CP9y4v6Npeex
SAmenLeImuc93DT/6l67LzfzFs5jFOgB499QGDq6TdQ8tc3WaD0LXmO0vRifoMhh
PQ3KWcCoQbHEe4BprJ+k9p6Nhf02VvXtpxWtO6j3qTcsHsHtTA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:00 2025 by rpki-client