Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa
File: 7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa (raw, json)
Hash identifier: bSyFnOecVlz+e6p9uAGkVBKqutj5KBS1Zp0ShQyEjjI=
Subject key identifier: 48:1D:FE:56:20:45:00:B1:BD:5F:EF:73:9B:AE:AA:F4:00:17:DA:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C1DEDA9C711564CEB7ECF00193004AB88768692
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa
Signing time: Mon 12 May 2025 16:21:11 +0000
ROA not before: Mon 12 May 2025 16:21:11 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:1d:ed:a9:c7:11:56:4c:eb:7e:cf:00:19:30:04:ab:88:76:86:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:21:11 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=e31d1789902f981b4fc045fece3ca39d786f201dbd2cbde7e8f0cabe8c1f39ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:66:d0:69:0c:83:78:48:64:16:c4:e3:b0:2a:
88:c2:d5:d5:a6:d8:12:87:33:3e:75:69:96:6c:50:
5f:cf:a0:5a:da:5a:15:37:1c:8f:62:02:c7:24:ac:
77:9d:08:34:d9:52:3d:dc:02:95:26:33:cb:48:e6:
b6:a0:d9:20:9b:a8:1f:8d:70:2e:25:4d:49:fa:28:
65:a2:2e:08:6d:6f:3d:50:96:da:a9:c7:96:c0:60:
17:02:66:de:bd:30:7f:07:65:75:04:87:5d:06:d0:
81:cb:b1:3c:b5:9c:ed:28:54:e3:ce:d1:42:e5:97:
8c:3a:82:5f:b5:e8:8f:98:e0:d6:7a:f0:52:1d:bd:
39:94:db:29:55:01:06:b1:30:d9:84:30:f8:5d:ea:
30:ef:8b:0f:fa:7d:bd:46:51:28:72:c8:70:0e:23:
09:bf:36:1c:19:71:ab:21:bf:fb:05:f1:1b:c6:37:
ec:2a:49:da:57:b5:18:b2:f1:95:c4:c3:b3:c4:60:
e0:2d:78:4f:2b:9f:24:d1:01:a5:5f:03:ae:a2:4f:
05:28:34:1c:a2:b9:c6:9e:40:d4:4e:8e:3a:22:39:
82:2e:84:17:d4:b2:ed:78:34:0e:1d:a7:f8:d0:3f:
0e:da:71:b4:01:d3:6e:ad:2e:f7:c5:23:23:b1:7f:
05:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:1D:FE:56:20:45:00:B1:BD:5F:EF:73:9B:AE:AA:F4:00:17:DA:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:5000::/40
Signature Algorithm: sha256WithRSAEncryption
5b:c0:ef:2a:05:db:ec:44:67:95:27:25:fc:c3:12:e6:0c:22:
95:c7:3a:54:0b:d2:9b:a5:f7:aa:ba:e1:a9:20:b6:b2:54:f5:
41:97:d8:0c:07:bc:ce:60:8b:16:46:b1:31:3b:37:fb:2f:7b:
f5:10:2d:fe:a0:5d:8b:20:88:19:83:d6:11:00:86:15:55:32:
74:0a:8c:23:ff:18:0f:4a:c2:6a:81:f7:15:36:b2:29:84:0b:
8a:d5:de:12:e3:0d:30:ac:3a:58:df:b1:56:4e:62:1f:68:67:
3d:cc:5a:18:7a:a2:db:5c:57:46:0b:93:1a:de:3b:e0:89:e9:
23:a9:7f:20:42:57:96:87:1a:bc:c4:10:39:7e:c7:3d:72:bc:
2a:31:54:70:30:a2:8b:37:30:1b:bf:7b:a2:54:7e:61:c1:d3:
87:2b:8a:62:71:29:a6:ed:f2:61:2c:95:ca:19:d3:9b:3d:df:
c7:59:8a:5c:82:87:a5:d8:e6:cd:7f:7b:91:ee:69:ab:2a:ba:
26:4d:6c:ea:aa:16:83:c6:0a:2c:02:ea:ef:ca:95:02:33:88:
e0:79:34:56:82:83:e0:6f:4c:8a:52:2a:8c:80:df:89:0b:71:
95:1f:60:cd:2a:69:fa:eb:ce:44:9d:31:f8:a8:9a:0f:75:1a:
ee:0d:42:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPB3tqccRVkzrfs8AGTAEq4h2hpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIxMTFaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMWQxNzg5OTAyZjk4MWI0ZmMwNDVmZWNlM2NhMzlkNzg2ZjIwMWRiZDJj
YmRlN2U4ZjBjYWJlOGMxZjM5ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxm0GkMg3hIZBbE47AqiMLV1abYEoczPnVplmxQX8+gWtpaFTccj2ICxySs
d50INNlSPdwClSYzy0jmtqDZIJuoH41wLiVNSfooZaIuCG1vPVCW2qnHlsBgFwJm
3r0wfwdldQSHXQbQgcuxPLWc7ShU487RQuWXjDqCX7Xoj5jg1nrwUh29OZTbKVUB
BrEw2YQw+F3qMO+LD/p9vUZRKHLIcA4jCb82HBlxqyG/+wXxG8Y37CpJ2le1GLLx
lcTDs8Rg4C14TyufJNEBpV8DrqJPBSg0HKK5xp5A1E6OOiI5gi6EF9Sy7Xg0Dh2n
+NA/DtpxtAHTbq0u98UjI7F/BfsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIHf5W
IEUAsb1f73Obrqr0ABfaVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ExZWExZjItNjg1YS00MDczLWIyMmEtMGEzN2YxMzNiOWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBbwO8qBdvsRGeVJyX8wxLmDCKVxzpUC9Kbpfeq
uuGpILayVPVBl9gMB7zOYIsWRrExOzf7L3v1EC3+oF2LIIgZg9YRAIYVVTJ0Cowj
/xgPSsJqgfcVNrIphAuK1d4S4w0wrDpY37FWTmIfaGc9zFoYeqLbXFdGC5Ma3jvg
iekjqX8gQleWhxq8xBA5fsc9crwqMVRwMKKLNzAbv3uiVH5hwdOHK4picSmm7fJh
LJXKGdObPd/HWYpcgoel2ObNf3uR7mmrKromTWzqqhaDxgosAurvypUCM4jgeTRW
goPgb0yKUiqMgN+JC3GVH2DNKmn6685EnTH4qJoPdRruDUKe
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:45 2025 by rpki-client