Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
File: 5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa (raw, json)
Hash identifier: dYKQKkiPAFBC4Lb3EzlP/Eh7FELNrwzx+KuCtn9u9ro=
Subject key identifier: 46:D0:86:E0:09:CB:2D:D6:50:31:B8:67:F0:26:80:4F:BC:FB:39:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 649ED68870FF5CE5E009C120E2172DC367FD6C72
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
Signing time: Mon 07 Jul 2025 18:20:48 +0000
ROA not before: Mon 07 Jul 2025 18:20:48 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:9e:d6:88:70:ff:5c:e5:e0:09:c1:20:e2:17:2d:c3:67:fd:6c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:48 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=e1039b7f78547ce442781253697879c03472a72591f4c5caf55e70c4f2ef65e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:af:ca:64:d7:9b:80:80:f8:e0:fb:78:3a:
f2:d8:e8:34:41:82:26:b6:f9:c3:a2:1f:0b:da:a9:
2d:71:a4:2b:0f:b3:22:26:a4:76:3f:6c:8a:fe:ba:
3b:dd:db:a6:f3:c3:cb:d8:0b:8b:c7:ce:7a:66:29:
fa:f1:28:b9:44:3e:d6:9b:7a:da:8d:98:72:87:6f:
a0:00:62:23:77:d4:76:4e:80:4f:34:61:22:11:f6:
54:23:d8:1a:bc:a3:58:3c:07:f5:96:e6:f3:36:24:
2a:5f:92:9d:bf:51:a1:e5:60:46:2d:b2:5c:dc:50:
07:0a:16:2c:71:f6:ec:7b:14:1d:0f:1d:48:d3:e2:
b8:c7:fa:2e:67:b0:14:f2:7d:ef:7b:51:ba:f0:9c:
d3:be:10:fe:6e:01:ef:e8:6f:86:fe:0c:96:45:31:
4f:c4:1f:9a:43:1e:86:c6:d9:f8:cb:59:14:29:5f:
dc:f0:3f:69:f5:49:f7:61:07:dd:c5:af:cf:b4:3e:
71:fe:3b:db:cd:b1:d4:75:9b:1c:54:a3:64:c2:c6:
11:59:2f:82:6c:7c:9b:30:d4:3d:e7:f4:48:de:c9:
03:07:5d:89:b6:b8:37:4a:e2:be:c6:b7:9d:05:89:
85:47:52:c8:74:03:e8:d5:dc:03:10:5d:5e:8c:31:
0c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D0:86:E0:09:CB:2D:D6:50:31:B8:67:F0:26:80:4F:BC:FB:39:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:880::/48
Signature Algorithm: sha256WithRSAEncryption
43:b6:40:36:bd:a2:8f:43:6b:97:a1:37:74:db:60:c2:8f:a8:
d4:e7:cf:82:dc:0a:b8:46:9d:8d:f5:c8:22:d6:0d:f2:1a:ea:
5e:3d:6d:af:ed:39:6b:b8:6c:26:01:65:8a:f5:75:66:24:7f:
80:a8:ee:c5:98:94:53:8e:cc:f1:a9:39:e0:94:97:88:f1:d1:
03:c9:99:8a:04:f0:ce:19:49:ef:f8:7f:fc:e8:ef:fc:23:a6:
75:c4:9c:3d:56:7e:9e:8d:73:d5:95:b0:6e:97:2e:44:3c:ae:
25:d8:b2:89:c2:5a:da:e7:cf:61:ea:4d:14:a2:31:a5:9d:6b:
de:d6:6d:5c:f5:9d:0d:c9:a3:60:66:4c:94:71:15:21:a8:73:
1f:87:8e:66:de:56:02:d1:1f:2d:8c:f3:99:9d:dd:b7:e5:8c:
3c:73:3b:e7:d7:14:db:c9:75:44:e2:93:90:8e:e1:53:bd:15:
fb:1f:88:b5:62:cd:1a:10:91:83:0b:b0:d3:4e:7a:2e:85:d2:
70:65:cf:0b:33:af:b7:93:7e:3e:08:b8:50:a4:34:0a:70:83:
9c:dc:cd:5a:ff:38:f4:a1:dd:ba:1f:1c:cb:07:9f:b7:93:83:
d9:05:4f:9c:03:ba:c2:c5:34:c2:26:2e:08:68:b0:92:d0:7e:
c4:7b:0a:5a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZJ7WiHD/XOXgCcEg4hctw2f9bHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwNDhaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMDM5YjdmNzg1NDdjZTQ0Mjc4MTI1MzY5Nzg3OWMwMzQ3MmE3MjU5MWY0
YzVjYWY1NWU3MGM0ZjJlZjY1ZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKL2r8pk15uAgPjg+3g68tjoNEGCJrb5w6IfC9qpLXGkKw+zIiakdj9siv66
O93bpvPDy9gLi8fOemYp+vEouUQ+1pt62o2YcodvoABiI3fUdk6ATzRhIhH2VCPY
GryjWDwH9Zbm8zYkKl+Snb9RoeVgRi2yXNxQBwoWLHH27HsUHQ8dSNPiuMf6Lmew
FPJ973tRuvCc074Q/m4B7+hvhv4MlkUxT8QfmkMehsbZ+MtZFClf3PA/afVJ92EH
3cWvz7Q+cf47282x1HWbHFSjZMLGEVkvgmx8mzDUPef0SN7JAwddiba4N0rivsa3
nQWJhUdSyHQD6NXcAxBdXowxDMsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRG0Ibg
Ccst1lAxuGfwJoBPvPs5xjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4YmUxYjEtNWNjOS00MGRjLWEwYzEtOTg5MjBjYzI5M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
gDANBgkqhkiG9w0BAQsFAAOCAQEAQ7ZANr2ij0Nrl6E3dNtgwo+o1OfPgtwKuEad
jfXIItYN8hrqXj1tr+05a7hsJgFlivV1ZiR/gKjuxZiUU47M8ak54JSXiPHRA8mZ
igTwzhlJ7/h//Ojv/COmdcScPVZ+no1z1ZWwbpcuRDyuJdiyicJa2ufPYepNFKIx
pZ1r3tZtXPWdDcmjYGZMlHEVIahzH4eOZt5WAtEfLYzzmZ3dt+WMPHM759cU28l1
ROKTkI7hU70V+x+ItWLNGhCRgwuw0056LoXScGXPCzOvt5N+Pgi4UKQ0CnCDnNzN
Wv849KHduh8cyweft5OD2QVPnAO6wsU0wiYuCGiwktB+xHsKWg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:46 2025 by rpki-client