Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
File: a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa (raw, json)
Hash identifier: 72NADtfOT9nSxQQaZZAe0SMmeT71DSFdiAn5Q0LQ9M4=
Subject key identifier: 1F:07:D7:8D:4E:74:DC:3D:D0:1A:31:73:ED:33:29:0E:C8:4A:8C:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2379FA0CCAF0C7E556AD2C57C6089431C6181EA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
Signing time: Tue 03 Jun 2025 18:51:55 +0000
ROA not before: Tue 03 Jun 2025 18:51:55 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:79:fa:0c:ca:f0:c7:e5:56:ad:2c:57:c6:08:94:31:c6:18:1e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 18:51:55 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=f8e060cefaa388376e44181780df89b5ff34edd8119a300df44fa245318cf4c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:63:eb:4e:1d:a2:da:07:32:e0:e7:e5:22:82:
11:85:59:43:ab:ad:a3:f4:bf:79:3a:8b:c1:fd:48:
5e:86:bf:df:7e:19:60:d1:7d:7f:ec:9c:63:49:5e:
8f:b8:0f:ac:f1:a9:3c:dd:e5:be:23:c5:af:b0:44:
a6:3c:d3:9f:71:1b:53:7c:13:3e:c1:ea:68:64:4a:
e5:4c:72:50:e4:fe:db:44:50:f8:8e:67:31:76:6e:
b0:09:12:af:06:03:92:d9:f5:4b:8c:97:de:79:99:
0f:85:ee:ef:52:1c:04:23:eb:6d:86:45:72:7e:6b:
19:81:d5:44:71:b6:7c:fd:ed:0f:15:9d:9c:13:93:
99:86:6b:2c:14:5c:ba:bd:f7:7e:4f:f5:49:28:bc:
95:d3:df:89:03:96:8b:6c:da:98:8b:73:0b:f5:ff:
17:8a:02:76:a3:04:f8:4c:cd:b5:5b:33:51:60:96:
ba:e9:1f:50:9d:d9:49:5a:41:61:3f:86:4f:5d:6f:
7b:df:db:e1:95:51:b3:e2:b3:44:b0:60:26:b2:fe:
98:e3:c2:94:f3:d8:ba:6e:24:c7:13:a1:d5:e7:17:
91:09:6d:0c:48:61:4c:21:51:85:b1:67:58:75:01:
62:80:f2:33:1b:37:0e:1a:09:d7:6c:c2:21:5e:fb:
74:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:07:D7:8D:4E:74:DC:3D:D0:1A:31:73:ED:33:29:0E:C8:4A:8C:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e::/32
Signature Algorithm: sha256WithRSAEncryption
6f:a6:93:da:8f:cc:6f:f1:d7:d5:ef:66:59:7e:f9:b0:cd:63:
06:ec:8e:03:b0:db:57:41:0f:93:1c:fa:1b:f5:ea:93:71:c0:
fe:93:83:0e:7e:1c:e9:19:d1:12:3b:8b:bc:ba:6e:19:fb:53:
0e:87:b5:6f:09:61:de:e5:3f:76:17:4d:45:47:38:24:8a:1d:
fc:3f:36:69:14:25:5d:97:e4:6b:03:26:32:5c:63:76:9f:65:
a7:6f:25:fe:ff:7b:4f:b7:9e:8d:ae:5b:fd:a2:b8:12:39:14:
3e:e8:73:13:c1:13:34:5a:27:d1:0f:03:68:ff:a8:52:6c:f8:
a4:83:31:be:41:e4:fe:4e:68:ae:e1:54:42:79:4b:26:57:5b:
bb:93:5f:26:f4:88:40:bb:65:42:3c:ab:30:10:62:95:27:8d:
c2:21:2f:37:53:d4:e6:5c:64:92:46:5c:1c:68:a1:aa:18:50:
71:ae:1b:33:50:29:eb:a6:f3:66:4b:d1:90:fe:f0:c6:bf:cd:
33:42:8d:bc:ce:b6:03:36:bd:ce:a4:0e:01:2b:24:90:57:86:
e4:e9:26:94:0f:10:4d:5a:c3:0b:2b:e6:c5:88:af:e0:39:88:
83:0c:65:05:0b:ad:13:78:4e:e5:9d:cb:7a:b2:13:28:68:9d:
91:86:cd:6e
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUI3n6DMrwx+VWrSxXxgiUMcYYHqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxODUxNTVaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4ZTA2MGNlZmFhMzg4Mzc2ZTQ0MTgxNzgwZGY4OWI1ZmYzNGVkZDgxMTlh
MzAwZGY0NGZhMjQ1MzE4Y2Y0YzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNj604dotoHMuDn5SKCEYVZQ6uto/S/eTqLwf1IXoa/334ZYNF9f+ycY0le
j7gPrPGpPN3lviPFr7BEpjzTn3EbU3wTPsHqaGRK5UxyUOT+20RQ+I5nMXZusAkS
rwYDktn1S4yX3nmZD4Xu71IcBCPrbYZFcn5rGYHVRHG2fP3tDxWdnBOTmYZrLBRc
ur33fk/1SSi8ldPfiQOWi2zamItzC/X/F4oCdqME+EzNtVszUWCWuukfUJ3ZSVpB
YT+GT11ve9/b4ZVRs+KzRLBgJrL+mOPClPPYum4kxxOh1ecXkQltDEhhTCFRhbFn
WHUBYoDyMxs3DhoJ12zCIV77dAUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQfB9eN
TnTcPdAaMXPtMykOyEqMhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTkzNTFmMGYtMWRlNy00ZTc1LTk1MDItOTM5YThlYTcyZWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0G4w
DQYJKoZIhvcNAQELBQADggEBAG+mk9qPzG/x19XvZll++bDNYwbsjgOw21dBD5Mc
+hv16pNxwP6Tgw5+HOkZ0RI7i7y6bhn7Uw6HtW8JYd7lP3YXTUVHOCSKHfw/NmkU
JV2X5GsDJjJcY3afZadvJf7/e0+3no2uW/2iuBI5FD7ocxPBEzRaJ9EPA2j/qFJs
+KSDMb5B5P5OaK7hVEJ5SyZXW7uTXyb0iEC7ZUI8qzAQYpUnjcIhLzdT1OZcZJJG
XBxooaoYUHGuGzNQKeum82ZL0ZD+8Ma/zTNCjbzOtgM2vc6kDgErJJBXhuTpJpQP
EE1awwsr5sWIr+A5iIMMZQULrRN4TuWdy3qyEyhonZGGzW4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:52:22 2025 by rpki-client