Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
File: fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa (raw, json)
Hash identifier: FBgLpjBvGEK84ieq0NBMXTkAdmUzok7fNAQHoOQ3wgM=
Subject key identifier: 38:26:E6:86:A5:7E:E1:9B:99:99:BD:39:63:3A:B9:04:05:B3:60:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36F5B89F772E9EB0288502A6A35B35DAE0F9BEB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
Signing time: Mon 16 Jun 2025 19:51:04 +0000
ROA not before: Mon 16 Jun 2025 19:51:04 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:f5:b8:9f:77:2e:9e:b0:28:85:02:a6:a3:5b:35:da:e0:f9:be:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:04 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9f0ae41fe8679f6f2e1daf0f16e4badfdad95dc069a4f5b2f024e2d13bcce93c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7c:a2:1f:46:ea:71:b4:88:5e:66:29:5c:b1:
63:4f:d0:6b:f4:a8:5a:9b:e0:ae:28:9c:6a:0c:c1:
b5:88:7b:0c:c9:5a:bc:7e:d5:66:20:57:f1:47:cf:
f0:9f:0a:a2:e3:fa:e5:4f:c1:7f:9d:db:c6:94:72:
1d:a4:72:cc:78:6f:89:6e:3a:07:8a:d1:52:9d:92:
88:8e:2d:58:74:63:f0:1b:89:ff:cd:7c:00:17:51:
42:8e:05:d9:3a:97:9a:0e:38:93:d6:ad:19:81:03:
a4:39:16:0d:d9:80:ee:1d:7e:db:cc:75:04:53:41:
ce:0c:15:3f:19:19:13:3f:a3:41:7b:01:89:19:a0:
a0:c3:4c:1a:9e:fb:16:54:10:b7:08:42:b3:d1:bc:
c6:df:ef:aa:6f:8c:84:2e:37:3c:dc:21:01:ca:83:
29:5f:4e:d9:0f:30:1e:9e:82:43:9c:b8:20:02:c2:
da:00:5a:d8:d0:f2:2f:3c:0b:b7:6a:17:b1:d1:df:
a1:b9:b8:2d:26:f9:17:e1:f1:01:74:e6:fb:ca:2c:
d6:bc:70:70:83:97:fb:e5:d1:ee:46:ae:b1:9c:a4:
c1:80:f9:2e:7c:00:26:ea:26:f8:94:4a:8f:7a:74:
6e:cd:dc:51:f3:ec:f7:42:30:3a:51:60:42:d3:9e:
49:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:26:E6:86:A5:7E:E1:9B:99:99:BD:39:63:3A:B9:04:05:B3:60:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4060::/48
Signature Algorithm: sha256WithRSAEncryption
9d:6d:57:54:bf:4c:d2:f6:2b:38:e3:28:1c:bc:47:12:88:42:
aa:18:c9:c8:24:f1:d6:e5:c8:51:5a:3c:5b:ac:f6:61:b0:4d:
b6:fd:25:c0:75:3f:51:8d:df:f7:48:a1:82:23:37:44:3a:53:
31:dc:eb:8d:89:87:43:d9:00:13:94:77:27:16:6b:71:e2:5d:
4b:3c:17:ef:cc:87:25:5d:c2:be:6d:11:cf:3b:a4:12:59:4e:
67:23:3f:7b:d6:78:bd:65:dd:e4:f4:73:de:0e:28:9e:3a:2f:
14:84:1d:c6:7e:4a:85:a4:2d:46:66:f0:85:d5:1b:58:68:eb:
a7:06:df:42:4f:d2:ed:f5:a0:6c:0e:55:d8:f6:db:be:af:35:
4f:cd:cd:24:32:a0:bf:a0:98:b7:d9:2e:0e:ca:d8:6a:e5:81:
59:21:74:b1:aa:4f:5a:47:ba:90:28:e4:8f:df:0c:db:2c:17:
1b:60:94:bb:7f:ca:ad:e8:a6:7b:9c:dc:b5:05:27:f2:98:16:
1b:32:c3:9a:09:8d:e0:a7:50:53:26:4b:40:65:97:c4:1d:8c:
7f:c7:6b:39:df:71:de:a7:a9:06:f2:9b:91:f2:ce:53:6a:ad:
40:8c:b2:f5:48:ab:d3:a4:b5:3f:1a:41:c5:0d:e0:27:96:4e:
df:5b:d7:fa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNvW4n3cunrAohQKmo1s12uD5vrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxMDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmMGFlNDFmZTg2NzlmNmYyZTFkYWYwZjE2ZTRiYWRmZGFkOTVkYzA2OWE0
ZjViMmYwMjRlMmQxM2JjY2U5M2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ58oh9G6nG0iF5mKVyxY0/Qa/SoWpvgriicagzBtYh7DMlavH7VZiBX8UfP
8J8KouP65U/Bf53bxpRyHaRyzHhviW46B4rRUp2SiI4tWHRj8BuJ/818ABdRQo4F
2TqXmg44k9atGYEDpDkWDdmA7h1+28x1BFNBzgwVPxkZEz+jQXsBiRmgoMNMGp77
FlQQtwhCs9G8xt/vqm+MhC43PNwhAcqDKV9O2Q8wHp6CQ5y4IALC2gBa2NDyLzwL
t2oXsdHfobm4LSb5F+HxAXTm+8os1rxwcIOX++XR7kausZykwYD5LnwAJuom+JRK
j3p0bs3cUfPs90IwOlFgQtOeSfsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ4JuaG
pX7hm5mZvTljOrkEBbNghDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmI0NTVmNWQtNmNlNi00MzczLWI1YmMtMWMxZTAzNGExNDhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
YDANBgkqhkiG9w0BAQsFAAOCAQEAnW1XVL9M0vYrOOMoHLxHEohCqhjJyCTx1uXI
UVo8W6z2YbBNtv0lwHU/UY3f90ihgiM3RDpTMdzrjYmHQ9kAE5R3JxZrceJdSzwX
78yHJV3Cvm0RzzukEllOZyM/e9Z4vWXd5PRz3g4onjovFIQdxn5KhaQtRmbwhdUb
WGjrpwbfQk/S7fWgbA5V2Pbbvq81T83NJDKgv6CYt9kuDsrYauWBWSF0sapPWke6
kCjkj98M2ywXG2CUu3/Kreime5zctQUn8pgWGzLDmgmN4KdQUyZLQGWXxB2Mf8dr
Od9x3qepBvKbkfLOU2qtQIyy9Uir06S1PxpBxQ3gJ5ZO31vX+g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:36 2025 by rpki-client