Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
File: 5c57a644-0d1c-4126-9684-e345f93c1560.roa (raw, json)
Hash identifier: xEQRYzBvUCyYlkDO+yUWFSvi+enc+/sinwGjN+7oHNk=
Subject key identifier: 5E:C6:D5:63:21:BB:C1:81:2F:BD:C0:64:F0:9B:DB:1D:94:31:B0:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1160E31306D8ABA7DDD06EB90E97BE9185567CB5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
Signing time: Fri 11 Jul 2025 19:21:31 +0000
ROA not before: Fri 11 Jul 2025 19:21:31 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:60:e3:13:06:d8:ab:a7:dd:d0:6e:b9:0e:97:be:91:85:56:7c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:31 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a2f66512659d9de7fe025f7abc37e69293992f6fdf3497cc642c8fbc669f2ed5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ec:a8:b7:4e:6f:10:88:80:ba:eb:02:71:18:
91:b2:5e:5e:38:16:fe:2d:09:bd:bb:27:a9:e0:d8:
0f:f7:c7:c4:1d:52:cb:af:f0:2e:de:cc:d1:60:1a:
df:e1:c9:12:d8:85:26:2a:ce:e4:51:b9:35:d1:a7:
76:f5:e1:d8:e6:3b:39:18:ee:92:dd:c1:59:7a:3f:
b7:97:84:ca:6e:44:e5:7d:86:c5:bb:aa:10:23:f8:
43:d6:f5:b5:7f:29:f3:80:70:11:17:32:3e:2c:84:
fa:a6:53:2b:de:72:59:70:5f:e1:9a:61:21:b3:6f:
b3:2b:16:0c:95:3a:a7:a8:d1:f4:f8:d4:48:96:57:
24:e1:a3:d7:da:7a:30:6c:a9:6b:59:4e:7f:06:f3:
6e:22:76:07:fc:a7:de:b0:31:01:ca:48:1f:9c:c4:
77:0d:a5:a5:19:8d:e3:f0:86:4f:53:ef:88:66:16:
9f:59:92:0b:1a:71:8e:4e:63:15:3c:02:59:22:c8:
12:55:71:66:d3:66:1d:07:a3:2d:aa:df:2e:d0:ab:
bd:f5:86:fa:e1:2b:72:4e:5f:b5:b4:38:da:45:67:
2e:95:c6:9c:cc:59:a0:f1:5c:68:3a:27:0f:87:fe:
d3:ff:d9:51:c8:0c:7b:86:7e:05:d7:6f:72:91:ae:
f1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C6:D5:63:21:BB:C1:81:2F:BD:C0:64:F0:9B:DB:1D:94:31:B0:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9040::/48
Signature Algorithm: sha256WithRSAEncryption
60:a6:d2:4f:6e:9c:a3:85:12:a0:e9:c3:fb:a1:3e:08:58:62:
c1:37:c1:37:3e:0d:11:dd:2d:a8:c5:76:b4:b5:70:42:8e:ca:
aa:40:38:80:be:3e:59:18:10:7b:f3:67:0d:b1:0e:8f:cc:e9:
67:fa:94:50:f8:1b:66:98:f6:26:42:b1:4d:dc:df:c5:7b:bb:
d4:cb:ea:60:00:6a:d9:2f:4a:a0:ce:54:6e:97:e8:09:94:20:
e3:e9:58:ce:02:87:bb:5b:80:d2:79:ad:45:ee:00:23:65:30:
0c:2c:b6:dc:6a:d0:b5:15:be:b9:49:c6:a9:38:ec:c3:f9:02:
6e:91:7a:72:a1:88:f1:ae:e3:12:47:62:f2:62:77:c5:3a:f7:
f0:27:83:da:5c:97:77:af:bf:7d:f9:79:8e:6e:89:ba:e0:be:
c0:24:cd:42:6f:47:d3:d6:66:d8:89:6d:2a:c1:6e:45:87:03:
db:f2:53:82:5b:2c:1a:11:14:3e:54:64:26:e2:19:c8:b2:75:
5a:a8:ba:95:d9:30:e8:45:b0:e6:bb:66:a0:c5:cf:26:cc:18:
ae:0e:07:6b:2f:55:2c:11:99:1c:3c:68:a6:a1:57:32:10:7a:
e3:fc:d7:9c:57:f1:a3:cf:14:d1:85:5f:78:e6:05:06:5b:e1:
65:ea:7c:4d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEWDjEwbYq6fd0G65Dpe+kYVWfLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMzFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyZjY2NTEyNjU5ZDlkZTdmZTAyNWY3YWJjMzdlNjkyOTM5OTJmNmZkZjM0
OTdjYzY0MmM4ZmJjNjY5ZjJlZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPsqLdObxCIgLrrAnEYkbJeXjgW/i0JvbsnqeDYD/fHxB1Sy6/wLt7M0WAa
3+HJEtiFJirO5FG5NdGndvXh2OY7ORjukt3BWXo/t5eEym5E5X2GxbuqECP4Q9b1
tX8p84BwERcyPiyE+qZTK95yWXBf4ZphIbNvsysWDJU6p6jR9PjUSJZXJOGj19p6
MGypa1lOfwbzbiJ2B/yn3rAxAcpIH5zEdw2lpRmN4/CGT1PviGYWn1mSCxpxjk5j
FTwCWSLIElVxZtNmHQejLarfLtCrvfWG+uErck5ftbQ42kVnLpXGnMxZoPFcaDon
D4f+0//ZUcgMe4Z+BddvcpGu8RECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRextVj
IbvBgS+9wGTwm9sdlDGwbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM1N2E2NDQtMGQxYy00MTI2LTk2ODQtZTM0NWY5M2MxNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAYKbST26co4USoOnD+6E+CFhiwTfBNz4NEd0t
qMV2tLVwQo7KqkA4gL4+WRgQe/NnDbEOj8zpZ/qUUPgbZpj2JkKxTdzfxXu71Mvq
YABq2S9KoM5UbpfoCZQg4+lYzgKHu1uA0nmtRe4AI2UwDCy23GrQtRW+uUnGqTjs
w/kCbpF6cqGI8a7jEkdi8mJ3xTr38CeD2lyXd6+/ffl5jm6JuuC+wCTNQm9H09Zm
2IltKsFuRYcD2/JTglssGhEUPlRkJuIZyLJ1Wqi6ldkw6EWw5rtmoMXPJswYrg4H
ay9VLBGZHDxopqFXMhB64/zXnFfxo88U0YVfeOYFBlvhZep8TQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:47 2025 by rpki-client