Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d0a7774-67d7-4664-ac0f-4e214b75f1c8.roa
File: 9d0a7774-67d7-4664-ac0f-4e214b75f1c8.roa (raw, json)
Hash identifier: 5vZ5auSSCy105Nz1gZWOn6Rwnex6pmTjAvWtmh6siKY=
Subject key identifier: 91:02:17:53:BC:01:89:CB:BA:B2:CA:1C:34:78:9C:31:1F:21:3C:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27C25911980111E6210166DC53BC992D247FAD79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d0a7774-67d7-4664-ac0f-4e214b75f1c8.roa
Signing time: Tue 20 May 2025 19:52:02 +0000
ROA not before: Tue 20 May 2025 19:52:02 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:c2:59:11:98:01:11:e6:21:01:66:dc:53:bc:99:2d:24:7f:ad:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:52:02 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=16d6d949e8409bc4cd326db9fcf00f5e365cfdf7a22a3f2933cba7caddd1afda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:88:37:ad:4b:33:63:57:7e:bc:80:f4:5a:3d:
b2:06:8b:52:26:fe:5c:4b:b7:44:43:6d:60:0c:03:
2b:97:35:03:9b:3a:35:f3:14:f9:c3:16:b3:4a:71:
cc:27:90:cb:01:50:70:99:01:09:46:cd:8b:6b:5e:
04:23:38:c4:a5:f8:e8:4f:ad:28:5d:33:51:93:11:
50:3b:49:36:65:b8:4d:15:41:75:f9:a9:91:60:52:
5a:5c:80:4e:92:a4:a7:13:45:62:cd:5d:b1:ba:24:
96:f3:7c:ac:aa:7d:f4:2c:83:02:a4:59:f3:f1:39:
1f:24:b8:3d:43:5e:56:b5:61:36:75:15:b4:d3:ec:
41:78:26:20:86:d8:44:75:7e:a8:60:7e:13:8a:ac:
d4:5b:6e:4f:d9:51:fe:c6:4f:81:73:87:c4:4f:b1:
12:04:ee:e3:47:29:d8:37:ad:56:d3:5b:ca:b4:be:
56:81:d6:51:9a:b5:dc:47:d6:5f:88:b1:60:2f:00:
74:9d:65:8d:f9:fd:da:41:2d:3e:7c:6a:5f:6e:d3:
5a:b2:37:26:e4:0c:8e:22:9c:36:d6:3c:17:b5:21:
67:d3:c8:a4:9b:ba:d0:52:7e:ae:ac:b4:43:45:06:
d4:ec:33:73:c1:24:52:6b:09:ce:fd:42:91:0d:b3:
57:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:02:17:53:BC:01:89:CB:BA:B2:CA:1C:34:78:9C:31:1F:21:3C:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d0a7774-67d7-4664-ac0f-4e214b75f1c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a080::/46
Signature Algorithm: sha256WithRSAEncryption
91:e6:c3:89:0d:ac:ce:d9:5d:22:2c:f4:8d:f8:59:ee:9c:31:
80:5a:7c:38:61:a6:50:46:64:f4:f4:16:e4:f5:be:c7:84:11:
c4:23:e8:93:a5:48:27:be:cd:b8:bd:11:69:e9:e8:13:76:6f:
ac:58:82:65:81:73:cd:4f:87:d1:fd:93:10:36:28:c1:5a:a6:
af:67:b0:b4:11:3a:f8:cc:7a:1a:c7:2d:2a:24:a9:11:ad:79:
6c:af:da:a1:a1:a9:81:f4:08:c7:3d:e5:c4:a2:76:c0:1e:96:
aa:7d:de:43:c1:9c:a8:38:ec:7e:bf:c8:bc:31:80:8f:64:7f:
57:c2:fc:12:8d:9d:2a:43:31:ac:4b:4e:63:fc:17:1b:09:5b:
2a:3b:dd:0d:47:e2:2b:7b:03:5d:cd:b1:6c:59:83:80:91:89:
c0:56:12:6d:11:c5:de:dc:f1:37:ef:4c:a0:ae:5e:80:70:21:
d5:c2:88:f6:4a:ee:8e:c8:8a:28:6d:97:86:c4:8b:8e:12:ed:
12:20:30:19:67:f8:6e:76:db:99:c0:30:e4:14:fa:54:d5:20:
25:8b:e6:7a:ef:24:97:f0:61:75:09:34:93:01:26:4d:30:03:
d8:e2:ca:22:0a:b8:8c:17:3d:10:72:13:33:ac:90:f5:d9:1a:
78:ef:fb:20
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJ8JZEZgBEeYhAWbcU7yZLSR/rXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUyMDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZDZkOTQ5ZTg0MDliYzRjZDMyNmRiOWZjZjAwZjVlMzY1Y2ZkZjdhMjJh
M2YyOTMzY2JhN2NhZGRkMWFmZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaIN61LM2NXfryA9Fo9sgaLUib+XEu3RENtYAwDK5c1A5s6NfMU+cMWs0px
zCeQywFQcJkBCUbNi2teBCM4xKX46E+tKF0zUZMRUDtJNmW4TRVBdfmpkWBSWlyA
TpKkpxNFYs1dsboklvN8rKp99CyDAqRZ8/E5HyS4PUNeVrVhNnUVtNPsQXgmIIbY
RHV+qGB+E4qs1FtuT9lR/sZPgXOHxE+xEgTu40cp2DetVtNbyrS+VoHWUZq13EfW
X4ixYC8AdJ1ljfn92kEtPnxqX27TWrI3JuQMjiKcNtY8F7UhZ9PIpJu60FJ+rqy0
Q0UG1Owzc8EkUmsJzv1CkQ2zV/kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSRAhdT
vAGJy7qyyhw0eJwxHyE8IjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQwYTc3NzQtNjdkNy00NjY0LWFjMGYtNGUyMTRiNzVmMWM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hug
gDANBgkqhkiG9w0BAQsFAAOCAQEAkebDiQ2sztldIiz0jfhZ7pwxgFp8OGGmUEZk
9PQW5PW+x4QRxCPok6VIJ77NuL0RaenoE3ZvrFiCZYFzzU+H0f2TEDYowVqmr2ew
tBE6+Mx6GsctKiSpEa15bK/aoaGpgfQIxz3lxKJ2wB6Wqn3eQ8GcqDjsfr/IvDGA
j2R/V8L8Eo2dKkMxrEtOY/wXGwlbKjvdDUfiK3sDXc2xbFmDgJGJwFYSbRHF3tzx
N+9MoK5egHAh1cKI9krujsiKKG2XhsSLjhLtEiAwGWf4bnbbmcAw5BT6VNUgJYvm
eu8kl/BhdQk0kwEmTTAD2OLKIgq4jBc9EHITM6yQ9dkaeO/7IA==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:54 2025 by rpki-client