Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5df7952-9afa-44d3-8d00-72b89f047d7c.roa
File: f5df7952-9afa-44d3-8d00-72b89f047d7c.roa (raw, json)
Hash identifier: cqTWt5W7YlFXSXVjj/2EiwoQ69acjZ4a3+iCDuVeQHg=
Subject key identifier: 75:B7:47:66:22:F5:C0:0D:96:65:72:B2:4C:EE:65:59:70:B9:E6:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E5C26E3885A42D94AD5C8AA989CC8C57AFD743C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5df7952-9afa-44d3-8d00-72b89f047d7c.roa
Signing time: Mon 16 Jun 2025 20:40:21 +0000
ROA not before: Mon 16 Jun 2025 20:40:21 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:5c:26:e3:88:5a:42:d9:4a:d5:c8:aa:98:9c:c8:c5:7a:fd:74:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:40:21 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b08426ce32bf8c5fc7c2140e389182df78d34b91c08ba474ff216f484575c4a9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:3c:e5:5a:cb:d1:35:b7:f0:0e:33:cf:df:fe:
00:19:72:0c:69:cc:2b:69:71:82:58:e4:37:c4:62:
45:5c:b8:56:3f:30:9d:34:be:e3:85:7e:7a:41:fa:
c7:e8:df:b1:90:51:b8:a9:29:fe:5f:ee:c3:b0:8c:
d0:aa:2d:01:44:b4:ee:b0:22:2d:dd:fb:6f:73:99:
53:04:41:8a:e4:33:12:bf:3c:e7:2b:31:f7:84:92:
8f:5e:30:5d:2c:6d:c4:64:d6:5f:dd:43:55:fc:9a:
5f:d0:c6:ce:ee:d8:35:09:7f:15:2c:b8:dd:a9:3d:
20:55:04:c4:f9:f4:b0:40:ba:03:ec:d1:ee:a5:93:
60:69:77:ea:d0:72:47:f3:62:b8:55:b5:a7:4f:c0:
96:75:1e:3e:5b:a7:92:12:da:ac:2f:c2:6b:14:6d:
f6:fc:cd:9b:a1:95:84:94:f8:15:f1:6f:c7:e3:87:
3b:4c:6f:33:15:c1:b6:66:ec:58:df:e2:36:ad:2c:
a2:85:24:0b:c6:f7:13:98:f1:3b:15:a7:f5:dc:76:
09:9d:65:f2:c7:c8:15:43:5f:a8:01:96:ab:27:3e:
55:8f:3f:94:f3:d9:29:45:08:d3:a6:9b:a0:7b:a9:
15:dc:b3:22:45:18:b7:6a:45:bc:77:8f:4d:f7:b6:
90:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B7:47:66:22:F5:C0:0D:96:65:72:B2:4C:EE:65:59:70:B9:E6:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5df7952-9afa-44d3-8d00-72b89f047d7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
a6:0d:c4:61:02:f1:d5:20:2e:c6:13:d0:56:f7:ad:6a:21:f1:
09:30:6d:52:c0:56:bc:b9:2d:e0:3e:91:78:e4:61:f2:d9:d4:
cb:ae:14:20:40:f3:34:a5:09:7d:59:38:1b:54:cb:0f:3a:db:
0f:0e:59:f9:ec:13:30:7d:d6:06:3d:f4:d8:42:51:99:63:b5:
10:12:67:ae:e4:bb:17:03:f6:0c:d9:cf:9a:19:31:bc:39:45:
c7:dc:98:67:9b:5c:62:04:0b:f8:83:14:04:91:08:8a:f8:a1:
cd:2a:1a:86:5d:49:da:29:1b:b3:3e:3a:91:e9:91:0b:f7:6f:
9b:9c:86:fa:e0:16:cc:04:36:d7:f4:55:b6:88:58:3a:d6:63:
95:dd:b5:38:9b:e9:c0:d5:e8:6a:96:f6:ec:b4:d7:bb:33:f8:
75:e5:d9:c3:5b:10:39:e6:ed:aa:c0:90:ff:37:c7:09:80:9e:
13:bc:dd:24:d3:86:ad:92:df:d9:41:c2:11:90:ba:c8:ca:74:
6e:a7:0f:3e:e0:e3:af:8c:a3:23:43:56:41:48:56:ef:c1:b5:
12:b6:83:0e:21:43:d8:34:74:5d:9f:ec:0c:85:7e:74:24:88:
b6:09:17:75:6e:51:74:26:86:cb:76:f6:7b:1f:b2:12:91:77:
2c:de:2d:d2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUflwm44haQtlK1ciqmJzIxXr9dDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQwMjFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwODQyNmNlMzJiZjhjNWZjN2MyMTQwZTM4OTE4MmRmNzhkMzRiOTFjMDhi
YTQ3NGZmMjE2ZjQ4NDU3NWM0YTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO885VrL0TW38A4zz9/+ABlyDGnMK2lxgljkN8RiRVy4Vj8wnTS+44V+ekH6
x+jfsZBRuKkp/l/uw7CM0KotAUS07rAiLd37b3OZUwRBiuQzEr885ysx94SSj14w
XSxtxGTWX91DVfyaX9DGzu7YNQl/FSy43ak9IFUExPn0sEC6A+zR7qWTYGl36tBy
R/NiuFW1p0/AlnUePlunkhLarC/CaxRt9vzNm6GVhJT4FfFvx+OHO0xvMxXBtmbs
WN/iNq0sooUkC8b3E5jxOxWn9dx2CZ1l8sfIFUNfqAGWqyc+VY8/lPPZKUUI06ab
oHupFdyzIkUYt2pFvHePTfe2kC0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR1t0dm
IvXADZZlcrJM7mVZcLnmDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVkZjc5NTItOWFmYS00NGQzLThkMDAtNzJiODlmMDQ3ZDdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Htg
wDANBgkqhkiG9w0BAQsFAAOCAQEApg3EYQLx1SAuxhPQVvetaiHxCTBtUsBWvLkt
4D6ReORh8tnUy64UIEDzNKUJfVk4G1TLDzrbDw5Z+ewTMH3WBj302EJRmWO1EBJn
ruS7FwP2DNnPmhkxvDlFx9yYZ5tcYgQL+IMUBJEIivihzSoahl1J2ikbsz46kemR
C/dvm5yG+uAWzAQ21/RVtohYOtZjld21OJvpwNXoapb27LTXuzP4deXZw1sQOebt
qsCQ/zfHCYCeE7zdJNOGrZLf2UHCEZC6yMp0bqcPPuDjr4yjI0NWQUhW78G1EraD
DiFD2DR0XZ/sDIV+dCSItgkXdW5RdCaGy3b2ex+yEpF3LN4t0g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:36 2025 by rpki-client