Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
File: 14a1cb35-92d7-4bc2-854c-094a3829c73e.roa (raw, json)
Hash identifier: KBzPTK6Dw92HVBA7DKu2T6vDHlX3awVBcZkhZtqPiVQ=
Subject key identifier: 11:00:8C:5F:8E:F4:DD:B7:8E:7E:A1:87:7A:DC:EF:0E:E4:4F:45:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58F91A684E276209394351635A32EEA32CED99BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
Signing time: Fri 11 Jul 2025 19:00:59 +0000
ROA not before: Fri 11 Jul 2025 19:00:59 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:f9:1a:68:4e:27:62:09:39:43:51:63:5a:32:ee:a3:2c:ed:99:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:00:59 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f30eb371ad550a11476645f50a32efa8c3d1817a71f4fb96e12284db3574b9d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8b:cd:0c:a1:19:33:a2:69:26:44:27:0d:2d:
2a:b1:b1:a2:62:20:f8:33:f4:a1:8b:a6:d9:27:aa:
28:f9:52:21:3b:82:50:f4:93:c2:b1:41:0d:35:03:
7c:ce:da:1d:36:96:b9:45:dc:09:01:06:68:e8:e7:
01:5a:fa:c2:27:2a:2a:5b:a7:90:41:2d:7a:67:34:
cf:92:50:ad:49:9f:a9:03:c8:19:c5:a8:77:d7:22:
fe:ae:9c:7b:dc:be:46:77:16:fc:8d:c6:a1:5e:ef:
12:9c:8e:35:89:01:b4:ba:16:3d:74:50:d1:90:cf:
9a:12:33:d6:da:06:ef:ea:91:64:f3:4b:07:42:4b:
34:5e:1e:52:6f:87:99:e8:73:9c:38:34:2b:d9:e6:
08:fc:e8:d3:e4:c8:c2:a3:c9:f4:08:42:46:6d:d9:
da:6b:af:6f:4a:b9:b1:95:20:74:77:37:7c:36:96:
1f:12:aa:11:15:64:06:ac:e1:ff:98:09:b4:0c:47:
c4:0b:4c:36:8f:4b:42:30:27:be:69:b2:9f:be:15:
75:d1:07:38:b3:b2:99:cf:b3:87:0b:72:80:f4:bc:
84:5a:fc:64:a2:37:6c:d4:5c:93:09:df:70:b1:83:
b1:92:39:ec:39:27:73:a4:db:39:ff:aa:1e:cc:4a:
b3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:00:8C:5F:8E:F4:DD:B7:8E:7E:A1:87:7A:DC:EF:0E:E4:4F:45:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8040::/48
Signature Algorithm: sha256WithRSAEncryption
55:18:63:cf:91:9e:77:b0:77:30:d1:61:7e:68:aa:32:c2:3a:
51:d9:00:60:95:e8:e6:ea:a7:a1:7c:87:9b:43:ce:12:f0:97:
20:60:3c:d7:05:00:81:c8:17:be:e3:1d:b7:ff:57:36:1b:98:
b2:55:3c:80:f0:55:1a:ab:b5:d9:eb:a7:50:45:0e:1f:77:f9:
08:6d:ea:2f:06:56:73:ae:bd:2f:41:ac:18:6a:31:47:58:9f:
36:5f:e5:3f:67:03:bc:73:57:9b:34:62:d9:2c:5e:1a:72:4e:
c0:c0:25:1b:4d:12:a0:67:41:0c:9b:6d:27:65:72:b6:65:54:
ff:54:62:a2:1e:be:ca:09:8f:10:c3:ac:75:1f:65:95:fc:92:
5e:4f:17:0b:5f:b7:07:b5:a6:62:92:98:90:3d:92:b9:4c:93:
67:82:79:f8:8a:88:b9:db:63:2b:65:c4:87:da:ab:dd:18:14:
70:1f:b8:f3:51:da:43:32:c2:84:f4:11:42:c5:fe:3d:ba:ac:
12:d1:c7:e7:71:22:af:78:58:1a:b2:c1:c1:75:5e:51:02:66:
de:6a:91:12:58:03:bd:00:ec:6c:f5:d1:50:54:ef:24:3f:18:
7d:90:30:d0:c8:62:00:80:fb:b2:df:8b:b1:ab:f0:ca:be:6e:
8f:cc:f0:23
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWPkaaE4nYgk5Q1FjWjLuoyztmb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAwNTlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzMGViMzcxYWQ1NTBhMTE0NzY2NDVmNTBhMzJlZmE4YzNkMTgxN2E3MWY0
ZmI5NmUxMjI4NGRiMzU3NGI5ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyLzQyhGTOiaSZEJw0tKrGxomIg+DP0oYum2SeqKPlSITuCUPSTwrFBDTUD
fM7aHTaWuUXcCQEGaOjnAVr6wicqKlunkEEtemc0z5JQrUmfqQPIGcWod9ci/q6c
e9y+RncW/I3GoV7vEpyONYkBtLoWPXRQ0ZDPmhIz1toG7+qRZPNLB0JLNF4eUm+H
mehznDg0K9nmCPzo0+TIwqPJ9AhCRm3Z2muvb0q5sZUgdHc3fDaWHxKqERVkBqzh
/5gJtAxHxAtMNo9LQjAnvmmyn74VddEHOLOymc+zhwtygPS8hFr8ZKI3bNRckwnf
cLGDsZI57Dknc6TbOf+qHsxKs9sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQRAIxf
jvTdt45+oYd63O8O5E9FnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRhMWNiMzUtOTJkNy00YmMyLTg1NGMtMDk0YTM4MjljNzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
QDANBgkqhkiG9w0BAQsFAAOCAQEAVRhjz5Ged7B3MNFhfmiqMsI6UdkAYJXo5uqn
oXyHm0POEvCXIGA81wUAgcgXvuMdt/9XNhuYslU8gPBVGqu12eunUEUOH3f5CG3q
LwZWc669L0GsGGoxR1ifNl/lP2cDvHNXmzRi2SxeGnJOwMAlG00SoGdBDJttJ2Vy
tmVU/1Rioh6+ygmPEMOsdR9llfySXk8XC1+3B7WmYpKYkD2SuUyTZ4J5+IqIudtj
K2XEh9qr3RgUcB+481HaQzLChPQRQsX+PbqsEtHH53Eir3hYGrLBwXVeUQJm3mqR
ElgDvQDsbPXRUFTvJD8YfZAw0MhiAID7st+Lsavwyr5uj8zwIw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:23 2025 by rpki-client