Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
File: 060d4100-8917-4547-940a-7545ce6a0fcb.roa (raw, json)
Hash identifier: l8M4h61QTGjodt5YSub8h0oQo2RwFG8UyM8YG41RIDQ=
Subject key identifier: 07:61:B0:AF:EE:64:A4:A1:58:92:95:38:93:E3:E7:76:1C:26:3D:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C75FEEA97B4EE599344CC8C3689C061793463D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
Signing time: Fri 16 May 2025 17:31:07 +0000
ROA not before: Fri 16 May 2025 17:31:07 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 14:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:75:fe:ea:97:b4:ee:59:93:44:cc:8c:36:89:c0:61:79:34:63:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:31:07 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=b66e1b906592818731f77e5a93f820b857d6c2abc6e5bf6591d9f13c2d065886, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fa:9c:de:af:94:bc:e4:68:0a:d5:ef:ed:5d:
64:96:a1:91:2f:77:5f:87:93:19:31:bc:ba:7b:90:
0d:b9:a1:f9:f5:50:34:e3:94:5b:b9:f5:e4:b4:17:
c2:0f:d5:ee:b9:c3:87:46:46:40:d7:90:ad:b7:b4:
86:1a:43:0f:a4:d6:bc:00:e5:5f:2a:d7:d4:68:f4:
d9:ff:42:68:5e:31:88:7f:de:20:66:b8:bf:5b:6a:
e0:f5:05:c1:8a:d7:9e:84:70:4d:d9:3e:10:85:6a:
88:36:b4:ca:a3:7d:45:7f:36:a4:1a:9d:cb:f5:a1:
fb:50:8f:06:1c:b1:19:3a:12:d2:b7:69:47:37:5d:
ec:a3:6f:83:3d:23:92:f2:00:12:a2:65:80:46:a9:
26:e3:5b:ef:79:1d:a9:ca:8d:da:cb:0f:98:c7:a9:
5c:d6:ff:e8:09:19:eb:b6:b9:ce:1c:04:8b:e6:b2:
ed:c7:0f:8f:9d:53:1b:9b:d0:40:8e:e0:f4:50:dc:
e8:5f:19:e3:6f:00:b7:9e:ba:b6:d3:17:99:ad:8a:
42:db:56:39:83:e3:fd:41:76:1f:ff:83:15:48:d4:
e4:53:b2:6a:6d:a2:7e:0f:0d:c4:7c:6d:0e:74:20:
de:80:4e:f2:78:a7:bd:d7:70:75:e4:03:33:64:ee:
45:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:61:B0:AF:EE:64:A4:A1:58:92:95:38:93:E3:E7:76:1C:26:3D:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:880::/46
Signature Algorithm: sha256WithRSAEncryption
16:2c:33:26:4b:00:b2:43:05:60:28:08:ab:61:15:bf:5e:01:
c5:64:cd:08:72:e6:b0:ba:90:cc:5a:60:1a:6c:15:0d:6d:3b:
b9:68:fc:41:a8:05:85:67:5e:e3:6a:55:7e:19:b5:84:aa:ae:
ac:62:91:79:9d:a2:99:b2:a7:85:43:76:cd:ae:0e:44:84:1a:
af:20:c6:43:02:f1:4e:3b:5b:76:da:5d:30:92:12:66:67:62:
23:32:c5:5e:aa:13:73:cf:be:42:d3:28:5f:0b:4b:21:32:ac:
61:91:d6:7c:70:4b:f7:13:4a:3f:76:e3:67:d1:ea:65:b7:2d:
78:0f:fc:c5:23:3d:ea:01:54:77:30:7e:3c:8c:94:ae:79:be:
47:6f:7c:77:2e:7b:9b:cb:d1:87:43:6b:b2:06:cd:e4:2a:20:
e7:50:5e:75:e4:05:8c:83:ac:42:f3:af:4c:d3:01:5a:ae:c9:
ab:21:1b:04:35:b5:58:89:a5:9d:bf:cb:27:46:aa:67:7a:30:
26:cb:51:3e:38:d5:6a:01:fb:be:49:a0:1e:11:ed:80:d2:4e:
53:7f:7c:55:4e:4a:77:69:6f:47:9a:0d:bf:78:d2:d5:fa:ba:
37:26:b1:89:27:6d:96:5f:97:85:e2:a4:f6:9e:18:bf:a0:c6:
87:35:42:1a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULHX+6pe07lmTRMyMNonAYXk0Y9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzMxMDdaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2NmUxYjkwNjU5MjgxODczMWY3N2U1YTkzZjgyMGI4NTdkNmMyYWJjNmU1
YmY2NTkxZDlmMTNjMmQwNjU4ODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKn6nN6vlLzkaArV7+1dZJahkS93X4eTGTG8unuQDbmh+fVQNOOUW7n15LQX
wg/V7rnDh0ZGQNeQrbe0hhpDD6TWvADlXyrX1Gj02f9CaF4xiH/eIGa4v1tq4PUF
wYrXnoRwTdk+EIVqiDa0yqN9RX82pBqdy/Wh+1CPBhyxGToS0rdpRzdd7KNvgz0j
kvIAEqJlgEapJuNb73kdqcqN2ssPmMepXNb/6AkZ67a5zhwEi+ay7ccPj51TG5vQ
QI7g9FDc6F8Z428At566ttMXma2KQttWOYPj/UF2H/+DFUjU5FOyam2ifg8NxHxt
DnQg3oBO8ninvddwdeQDM2TuRcMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQHYbCv
7mSkoViSlTiT4+d2HCY99TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYwZDQxMDAtODkxNy00NTQ3LTk0MGEtNzU0NWNlNmEwZmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsI
gDANBgkqhkiG9w0BAQsFAAOCAQEAFiwzJksAskMFYCgIq2EVv14BxWTNCHLmsLqQ
zFpgGmwVDW07uWj8QagFhWde42pVfhm1hKqurGKReZ2imbKnhUN2za4ORIQaryDG
QwLxTjtbdtpdMJISZmdiIzLFXqoTc8++QtMoXwtLITKsYZHWfHBL9xNKP3bjZ9Hq
ZbcteA/8xSM96gFUdzB+PIyUrnm+R298dy57m8vRh0NrsgbN5Cog51BedeQFjIOs
QvOvTNMBWq7JqyEbBDW1WImlnb/LJ0aqZ3owJstRPjjVagH7vkmgHhHtgNJOU398
VU5Kd2lvR5oNv3jS1fq6NyaxiSdtll+XheKk9p4Yv6DGhzVCGg==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:31:26 2025 by rpki-client