Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
File: 7175e6ba-4879-48cc-b428-9cd0d88a156a.roa (raw, json)
Hash identifier: CxXKa6+OqBiCmT0yykAKLZopo+I/Wt0SwF+NJC8lvdU=
Subject key identifier: 60:D1:F3:52:A1:71:E8:11:E3:C5:36:B7:5F:62:28:EB:B6:CA:D3:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52459A187577069ACBF70BC762B042DA5E8F0549
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
Signing time: Fri 16 May 2025 17:30:28 +0000
ROA not before: Fri 16 May 2025 17:30:28 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:45:9a:18:75:77:06:9a:cb:f7:0b:c7:62:b0:42:da:5e:8f:05:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:30:28 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=258166f6c10056e0cd68a28b7df02096349bbde9ea2c413f655bd48d8a038dfe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fc:9f:57:3c:8a:87:24:4d:76:de:d5:0e:2e:
05:f1:cc:43:53:ce:6c:17:7e:d7:38:f8:45:2c:3f:
f1:13:8a:a8:2d:8c:19:1f:29:5e:de:1a:78:a8:64:
d0:88:ad:9d:13:49:1a:41:ce:d1:27:af:e0:0a:bc:
33:36:c8:29:e4:6c:a0:68:c6:2f:9e:bd:a0:d6:c3:
fb:2f:f2:a7:a1:67:cd:bc:35:b3:31:6a:dc:01:eb:
d9:d9:07:76:8e:d4:13:c5:e7:f1:86:3e:e6:2b:7b:
76:5e:86:40:2d:d6:55:8f:d0:59:ce:53:8e:33:20:
0c:2a:b3:11:10:4c:21:4c:15:78:e5:6d:a4:d2:7a:
15:41:79:4d:9e:88:5e:59:62:cf:01:e0:e1:ed:0a:
56:df:ff:4f:05:ca:07:b4:2e:14:4c:de:2a:d0:d1:
4f:2a:43:a4:ba:79:99:61:10:c8:a3:e2:05:a1:c5:
80:10:d5:1e:67:9b:93:58:aa:6e:33:50:31:82:b1:
3c:dd:7f:05:39:ae:9c:7e:ee:1d:bd:f9:32:bf:ee:
a2:3d:33:3e:45:9a:c9:0b:2e:d0:9b:e4:ae:1f:bf:
fb:23:cf:c5:86:3d:72:28:f0:2b:7d:9e:02:8f:7e:
b0:06:81:dd:c1:79:06:73:31:c0:79:22:70:41:1d:
4d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D1:F3:52:A1:71:E8:11:E3:C5:36:B7:5F:62:28:EB:B6:CA:D3:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
ac:93:4c:7f:a5:66:db:3f:67:ca:1f:32:73:92:ad:21:e3:84:
4a:01:17:1a:85:66:e8:ba:3d:b9:86:d7:0e:28:ac:cc:01:84:
d0:85:53:ba:64:76:51:bb:35:f6:ee:b7:15:e9:59:65:c3:61:
b8:76:02:67:0f:b8:9b:4f:cf:42:f5:72:e1:1b:99:ac:99:d8:
db:4f:3e:84:7f:bc:a7:87:f7:77:45:df:0f:42:cd:3e:c1:38:
4d:1f:9e:db:a1:b1:f0:a0:8e:ff:cb:07:ab:0e:fa:af:78:55:
87:a1:5f:cb:9d:d0:61:2f:c4:15:e3:49:b3:03:e8:6d:6b:2e:
99:ca:d9:5d:db:92:51:14:89:ba:91:e5:f6:7b:d9:3e:4d:34:
57:8b:64:10:db:a7:18:a1:85:51:52:0d:1d:e6:0a:61:98:82:
fd:32:a7:9e:39:fb:cb:cb:01:c2:b0:c1:77:88:6b:c6:56:73:
3f:d9:9c:a7:e4:20:76:3c:d0:c5:1b:37:9f:c3:d1:6e:35:75:
a0:66:26:17:f2:c8:e8:c1:ad:92:10:b4:d8:51:ed:1c:a7:f2:
cc:99:b1:18:38:60:b4:e7:d9:fd:2c:63:f2:7a:a2:36:7a:06:
b5:33:8c:ce:3f:9e:30:a7:83:43:e0:c2:15:8c:0a:75:75:f8:
a6:a8:28:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUkWaGHV3BprL9wvHYrBC2l6PBUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzMwMjhaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ODE2NmY2YzEwMDU2ZTBjZDY4YTI4YjdkZjAyMDk2MzQ5YmJkZTllYTJj
NDEzZjY1NWJkNDhkOGEwMzhkZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALb8n1c8iockTXbe1Q4uBfHMQ1PObBd+1zj4RSw/8ROKqC2MGR8pXt4aeKhk
0IitnRNJGkHO0Sev4Aq8MzbIKeRsoGjGL569oNbD+y/yp6Fnzbw1szFq3AHr2dkH
do7UE8Xn8YY+5it7dl6GQC3WVY/QWc5TjjMgDCqzERBMIUwVeOVtpNJ6FUF5TZ6I
XllizwHg4e0KVt//TwXKB7QuFEzeKtDRTypDpLp5mWEQyKPiBaHFgBDVHmebk1iq
bjNQMYKxPN1/BTmunH7uHb35Mr/uoj0zPkWayQsu0Jvkrh+/+yPPxYY9cijwK32e
Ao9+sAaB3cF5BnMxwHkicEEdTb0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRg0fNS
oXHoEePFNrdfYijrtsrTJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE3NWU2YmEtNDg3OS00OGNjLWI0MjgtOWNkMGQ4OGExNTZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEI
wDANBgkqhkiG9w0BAQsFAAOCAQEArJNMf6Vm2z9nyh8yc5KtIeOESgEXGoVm6Lo9
uYbXDiiszAGE0IVTumR2Ubs19u63FelZZcNhuHYCZw+4m0/PQvVy4RuZrJnY208+
hH+8p4f3d0XfD0LNPsE4TR+e26Gx8KCO/8sHqw76r3hVh6Ffy53QYS/EFeNJswPo
bWsumcrZXduSURSJupHl9nvZPk00V4tkENunGKGFUVINHeYKYZiC/TKnnjn7y8sB
wrDBd4hrxlZzP9mcp+QgdjzQxRs3n8PRbjV1oGYmF/LI6MGtkhC02FHtHKfyzJmx
GDhgtOfZ/Sxj8nqiNnoGtTOMzj+eMKeDQ+DCFYwKdXX4pqgoyw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:42 2025 by rpki-client