Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
File: 575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa (raw, json)
Hash identifier: JG4P85FJ0+EsS0piU5SpLmDbJL+kzEZovJQ3EgYuHw8=
Subject key identifier: 57:97:0B:84:45:B7:DB:FC:6A:61:B2:BD:B7:D1:10:91:4A:30:4C:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CE253ACE43C6DE02E27E383E66504E89CC10BCC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
Signing time: Tue 20 May 2025 20:01:39 +0000
ROA not before: Tue 20 May 2025 20:01:39 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:e2:53:ac:e4:3c:6d:e0:2e:27:e3:83:e6:65:04:e8:9c:c1:0b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:39 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d6e57cd166982e344cd17f27b68446a2eec0db9a6af17696f8ffad1a88fcb37b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7f:f8:37:0d:a7:97:45:24:03:42:dc:fe:e7:
c5:78:fe:ae:65:0f:f3:5e:7f:0e:59:84:dd:d8:ec:
ac:d2:24:8d:0e:35:5a:55:9c:9e:1f:b4:5d:50:55:
85:0b:e8:26:5e:fe:34:03:38:81:05:55:e8:ea:2c:
8d:8d:2e:84:fc:75:1a:c5:6c:cf:8b:e1:a5:66:73:
37:3f:5f:23:6b:91:d2:91:a4:f9:40:43:79:ae:01:
5f:f8:67:05:03:29:01:af:63:da:89:80:cc:f2:17:
5d:71:ff:14:99:83:03:9e:54:6d:8b:f4:ca:95:44:
fa:cf:62:09:b1:08:35:c0:19:ea:4b:be:94:ac:dd:
72:58:93:2a:3d:c5:10:06:11:5c:bc:a8:92:ab:e3:
cc:c8:e1:9f:1c:f3:be:93:0e:16:df:ed:99:19:2e:
e2:e8:41:98:d8:82:fa:b9:b3:15:6e:d2:46:06:03:
54:7d:2e:00:ba:58:bc:6e:19:76:50:98:73:6d:0b:
66:39:26:6b:35:ba:85:20:32:4a:1b:b4:ad:a7:ac:
3a:77:66:dd:70:e7:c9:78:a5:39:6b:c4:c9:81:14:
19:f9:0d:65:b2:ed:5f:35:ee:a0:4d:07:08:11:3d:
f3:9b:66:b8:13:f9:28:3f:20:33:26:18:01:f2:fb:
41:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:97:0B:84:45:B7:DB:FC:6A:61:B2:BD:B7:D1:10:91:4A:30:4C:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:4000::/40
Signature Algorithm: sha256WithRSAEncryption
37:46:32:5b:34:52:fa:eb:c2:b5:8e:9c:f5:8f:d7:fb:12:79:
de:db:d0:56:eb:c4:b8:62:a9:06:b5:84:8d:13:08:0d:fd:39:
80:fb:23:f6:08:15:ed:25:a4:cb:96:ce:62:37:ad:6f:2d:e5:
81:8c:c4:f8:36:aa:aa:60:13:c9:65:17:af:cb:b2:d9:b4:0c:
91:6f:2f:9c:50:82:ae:47:54:ca:b8:83:7d:23:44:54:79:36:
5c:61:16:22:b4:80:f8:0a:b6:c0:ea:ca:4a:9f:e3:45:cc:42:
0a:a6:43:a1:6c:06:20:02:06:3f:e7:74:9c:96:be:cc:80:12:
d5:2e:c9:d0:1a:e0:cc:06:74:e5:45:f2:f8:e4:36:75:e1:2f:
37:4a:84:36:83:00:f2:44:c0:28:2b:9d:04:5b:2e:b5:bd:0e:
ea:41:8d:8b:15:39:a8:05:4a:97:f0:20:6d:52:2c:9b:98:33:
51:77:d5:45:95:40:cc:6c:fa:a7:b5:37:f6:66:b0:21:55:57:
d9:4b:6a:c6:5e:bb:22:8a:8b:f6:1c:4d:c2:f4:4f:da:97:c8:
70:01:bf:7f:9e:a1:32:9a:22:b2:68:48:90:81:1b:3d:99:11:
00:d9:eb:cc:45:97:a9:f2:8f:d5:85:6d:f1:67:fa:c8:78:6b:
e1:d8:cf:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPOJTrOQ8beAuJ+OD5mUE6JzBC8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMzlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2ZTU3Y2QxNjY5ODJlMzQ0Y2QxN2YyN2I2ODQ0NmEyZWVjMGRiOWE2YWYx
NzY5NmY4ZmZhZDFhODhmY2IzN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKp/+DcNp5dFJANC3P7nxXj+rmUP815/DlmE3djsrNIkjQ41WlWcnh+0XVBV
hQvoJl7+NAM4gQVV6OosjY0uhPx1GsVsz4vhpWZzNz9fI2uR0pGk+UBDea4BX/hn
BQMpAa9j2omAzPIXXXH/FJmDA55UbYv0ypVE+s9iCbEINcAZ6ku+lKzdcliTKj3F
EAYRXLyokqvjzMjhnxzzvpMOFt/tmRku4uhBmNiC+rmzFW7SRgYDVH0uALpYvG4Z
dlCYc20LZjkmazW6hSAyShu0raesOndm3XDnyXilOWvEyYEUGfkNZbLtXzXuoE0H
CBE985tmuBP5KD8gMyYYAfL7QR8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXlwuE
Rbfb/Gphsr230RCRSjBMITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc1ZTMwYzgtMmVhNS00ZTk3LTg3MmItNmFmMGIzZTgzMThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZA
MA0GCSqGSIb3DQEBCwUAA4IBAQA3RjJbNFL668K1jpz1j9f7Enne29BW68S4YqkG
tYSNEwgN/TmA+yP2CBXtJaTLls5iN61vLeWBjMT4NqqqYBPJZRevy7LZtAyRby+c
UIKuR1TKuIN9I0RUeTZcYRYitID4CrbA6spKn+NFzEIKpkOhbAYgAgY/53Sclr7M
gBLVLsnQGuDMBnTlRfL45DZ14S83SoQ2gwDyRMAoK50EWy61vQ7qQY2LFTmoBUqX
8CBtUiybmDNRd9VFlUDMbPqntTf2ZrAhVVfZS2rGXrsiiov2HE3C9E/al8hwAb9/
nqEymiKyaEiQgRs9mREA2evMRZep8o/VhW3xZ/rIeGvh2M+4
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:38 2025 by rpki-client