Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03a11d7d-6d37-488c-8fe1-258c484d1682.roa
File: 03a11d7d-6d37-488c-8fe1-258c484d1682.roa (raw, json)
Hash identifier: VR2DE3d8V+phj1M4q4jbkJLBKQ5FYNE3WE2aAvsUFKw=
Subject key identifier: DB:78:D9:D5:50:C3:E7:20:19:AE:4F:DB:39:24:D0:15:B8:81:F5:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46E57E69CEA70586755EC2691F843876E0F769E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03a11d7d-6d37-488c-8fe1-258c484d1682.roa
Signing time: Fri 25 Apr 2025 19:51:46 +0000
ROA not before: Fri 25 Apr 2025 19:51:46 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:e5:7e:69:ce:a7:05:86:75:5e:c2:69:1f:84:38:76:e0:f7:69:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:46 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=98ea846e64d87d076ab4b3765bfb26cf6f5e286d9692cef6263fea9543e23d5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a0:f2:33:2e:01:5f:54:34:42:7b:af:24:54:
f5:cf:bd:98:bd:07:82:db:cd:d2:80:3c:61:5b:e7:
30:ea:2a:4c:51:04:d5:86:20:69:6b:61:5b:00:f5:
2d:86:95:4e:bb:5b:8d:e8:21:ac:65:b7:9a:93:ff:
28:10:39:0a:99:af:d1:8c:1a:44:dc:b9:bd:4d:28:
57:ff:68:37:31:11:85:10:1e:19:5e:77:7a:04:50:
09:75:cb:8b:b8:43:b7:8a:26:92:4b:d8:79:90:56:
9c:a5:7e:a9:03:82:a0:b2:2f:02:5c:81:ce:4d:af:
97:26:3a:31:e0:3f:26:38:ab:0f:a0:20:9c:59:53:
ec:98:f3:f6:7c:56:04:38:58:fd:0c:ec:c5:36:7b:
e4:6d:39:d2:d2:a3:32:7b:2c:0c:30:fb:cc:e4:fb:
d7:3b:bb:b9:ba:57:0f:6c:a4:70:21:b3:6c:65:8b:
6d:00:15:b1:6c:17:93:dd:38:75:bb:f5:46:28:cf:
3b:7a:0b:e7:8f:e0:06:fa:c1:d0:2c:ca:3b:be:0d:
2e:e9:ac:be:15:fa:96:a4:19:a5:45:39:09:a3:96:
4b:ed:92:47:27:2e:e2:73:91:26:0f:7d:0d:14:00:
f1:ca:61:59:7f:ad:08:15:80:95:18:a8:ff:aa:8b:
34:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:78:D9:D5:50:C3:E7:20:19:AE:4F:DB:39:24:D0:15:B8:81:F5:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03a11d7d-6d37-488c-8fe1-258c484d1682.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:b000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:b2:5b:d4:03:84:6d:5b:37:11:ff:8c:2e:d0:e8:b7:06:41:
b5:39:6f:4d:58:58:8d:8d:9d:74:86:c6:de:34:5b:ad:ac:ef:
dc:82:fd:db:e0:7e:7f:08:b4:2b:f1:db:00:21:23:f5:80:29:
22:60:5c:f2:d4:2a:4c:80:ca:91:eb:31:63:c3:88:ed:16:46:
73:4f:2b:10:48:ab:07:82:a4:9d:7a:e7:51:e8:24:c2:b6:25:
c8:75:be:ae:61:fe:0c:0d:f6:6d:2e:86:56:0c:98:ab:fd:22:
01:d7:e9:d1:50:a8:da:c7:38:05:5d:3d:46:c4:ce:5e:1e:64:
42:89:06:f1:c4:f8:52:2e:01:56:7b:01:cb:2d:29:32:ce:63:
35:17:3f:db:9e:c0:6c:3f:69:6d:68:97:b4:2f:a4:67:d2:71:
91:8e:e6:b0:29:6d:10:65:54:db:d7:a1:55:66:b3:e8:30:8a:
08:15:c8:aa:10:e7:3e:c6:17:93:ec:9e:5c:20:a6:f3:42:e9:
3b:6a:5d:ba:7b:58:a2:a3:3c:96:42:03:25:14:b6:eb:ae:e6:
40:f8:fd:2a:d2:f5:48:f7:cf:48:1c:a4:da:0c:9c:6d:6d:a4:
f7:c2:ec:5f:0b:c2:01:da:f4:be:c2:b2:43:c3:a1:49:d1:8f:
70:cb:2b:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURuV+ac6nBYZ1XsJpH4Q4duD3aecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxNDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4ZWE4NDZlNjRkODdkMDc2YWI0YjM3NjViZmIyNmNmNmY1ZTI4NmQ5Njky
Y2VmNjI2M2ZlYTk1NDNlMjNkNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWg8jMuAV9UNEJ7ryRU9c+9mL0HgtvN0oA8YVvnMOoqTFEE1YYgaWthWwD1
LYaVTrtbjeghrGW3mpP/KBA5Cpmv0YwaRNy5vU0oV/9oNzERhRAeGV53egRQCXXL
i7hDt4omkkvYeZBWnKV+qQOCoLIvAlyBzk2vlyY6MeA/JjirD6AgnFlT7Jjz9nxW
BDhY/QzsxTZ75G050tKjMnssDDD7zOT71zu7ubpXD2ykcCGzbGWLbQAVsWwXk904
dbv1RijPO3oL54/gBvrB0CzKO74NLumsvhX6lqQZpUU5CaOWS+2SRycu4nORJg99
DRQA8cphWX+tCBWAlRio/6qLNB8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTbeNnV
UMPnIBmuT9s5JNAVuIH1BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNhMTFkN2QtNmQzNy00ODhjLThmZTEtMjU4YzQ4NGQxNjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCw
MA0GCSqGSIb3DQEBCwUAA4IBAQBLslvUA4RtWzcR/4wu0Oi3BkG1OW9NWFiNjZ10
hsbeNFutrO/cgv3b4H5/CLQr8dsAISP1gCkiYFzy1CpMgMqR6zFjw4jtFkZzTysQ
SKsHgqSdeudR6CTCtiXIdb6uYf4MDfZtLoZWDJir/SIB1+nRUKjaxzgFXT1GxM5e
HmRCiQbxxPhSLgFWewHLLSkyzmM1Fz/bnsBsP2ltaJe0L6Rn0nGRjuawKW0QZVTb
16FVZrPoMIoIFciqEOc+xheT7J5cIKbzQuk7al26e1iiozyWQgMlFLbrruZA+P0q
0vVI989IHKTaDJxtbaT3wuxfC8IB2vS+wrJDw6FJ0Y9wyysF
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:05 2025 by rpki-client