Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
File: 04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa (raw, json)
Hash identifier: QIikoWpSxEbguEzSKTDyqkaCsN8VJHvjkEGun/D7UTM=
Subject key identifier: 85:C7:9A:76:14:A8:0A:1E:06:A7:F7:69:5D:65:54:7D:25:38:50:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20EC013E47CD5C193BC17433F49CCAC60F1AF6C2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
Signing time: Wed 02 Apr 2025 18:52:11 +0000
ROA not before: Wed 02 Apr 2025 18:52:11 +0000
ROA not after: Wed 07 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:ec:01:3e:47:cd:5c:19:3b:c1:74:33:f4:9c:ca:c6:0f:1a:f6:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 18:52:11 2025 GMT
Not After : May 7 23:59:59 2025 GMT
Subject: serialNumber=b295bf4d1f665cdf62edc657ed2c6de433bafc7b792287eb7ad8f892b81df949, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:af:a5:2f:38:73:52:b3:62:76:f8:f5:56:b1:
af:ce:2f:53:53:45:1c:fe:67:bd:01:a9:6a:43:e6:
ce:35:a9:cf:1a:be:8a:da:ae:be:64:fa:85:55:c9:
fe:2c:2f:4a:ba:54:4d:04:28:b9:58:4a:32:46:25:
67:cb:f2:a1:d0:0b:3f:3b:28:dc:1b:83:9a:2b:e6:
b6:99:de:42:81:d6:2d:55:b5:53:1f:4d:c9:b0:a2:
d1:b6:d4:2f:48:ac:08:6c:4d:c3:58:84:90:ce:a2:
f5:6c:58:b9:14:f8:8e:93:5c:13:8a:31:3b:c2:60:
bc:c9:04:54:4b:d7:d4:9a:a7:76:65:44:bf:03:13:
1b:e6:8d:96:3c:50:14:0e:6d:e8:6e:e1:51:1c:3a:
6f:2b:3d:5a:b9:a4:1e:4f:ec:db:f8:71:8d:f5:89:
68:7d:78:3f:62:a0:e9:e3:82:b1:b7:17:7e:78:b4:
bc:21:5c:c9:2f:44:9b:24:bc:68:dd:7e:eb:b6:17:
a2:55:3e:03:d6:5c:0a:2a:04:af:24:b0:66:51:92:
e6:d5:87:c5:d3:2d:89:0c:64:2d:0f:bb:d6:05:7c:
67:11:3a:70:66:7f:0f:9d:64:93:4c:9a:83:c2:cb:
ce:c3:3e:8e:5d:b2:5d:a8:f5:30:dd:c6:1b:9f:c5:
61:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C7:9A:76:14:A8:0A:1E:06:A7:F7:69:5D:65:54:7D:25:38:50:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8800::/38
Signature Algorithm: sha256WithRSAEncryption
67:6e:f8:ff:31:c2:17:c2:6e:16:14:26:a1:75:8d:94:2b:46:
2d:88:25:d7:af:62:06:dd:2b:0d:c7:71:fe:f5:6a:f1:bb:d5:
ea:55:f1:9c:19:88:db:07:d6:f6:24:75:11:2f:2b:e6:71:d6:
88:82:d4:6b:cf:77:a7:5a:02:23:31:14:26:da:9d:03:35:68:
e7:a3:fd:13:a8:f6:1a:ea:39:dc:45:19:e4:0a:32:78:b6:3a:
6a:57:9b:bc:20:14:e9:6a:2b:6b:27:bf:ec:14:4a:07:47:d1:
2e:1e:98:63:f7:7b:1c:38:2f:5f:f1:8e:7c:82:b2:db:95:0d:
38:a2:41:b0:50:e6:64:f0:64:00:f4:0c:f6:a3:36:80:86:95:
88:26:ec:6c:2b:93:0f:f5:ec:79:a9:70:a2:4a:c1:f1:05:58:
5a:9b:9d:bd:af:93:79:fe:c8:8b:cd:d6:86:c5:ca:9a:06:01:
58:1f:5b:61:2a:e5:3f:d8:b9:91:fe:52:3d:0f:38:4e:cc:4a:
33:1e:93:18:a7:f8:3b:61:cc:5e:15:68:7e:4c:5f:7c:0c:aa:
69:ef:5f:e9:13:14:9f:96:e3:6c:7d:49:5e:d3:c2:b7:ff:e8:
b3:ba:da:6c:ae:d3:b6:55:07:64:2f:41:93:0d:06:ca:20:56:
be:b6:09:d8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIOwBPkfNXBk7wXQz9JzKxg8a9sIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDIxODUyMTFaFw0yNTA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyOTViZjRkMWY2NjVjZGY2MmVkYzY1N2VkMmM2ZGU0MzNiYWZjN2I3OTIy
ODdlYjdhZDhmODkyYjgxZGY5NDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWvpS84c1KzYnb49Vaxr84vU1NFHP5nvQGpakPmzjWpzxq+itquvmT6hVXJ
/iwvSrpUTQQouVhKMkYlZ8vyodALPzso3BuDmivmtpneQoHWLVW1Ux9NybCi0bbU
L0isCGxNw1iEkM6i9WxYuRT4jpNcE4oxO8JgvMkEVEvX1JqndmVEvwMTG+aNljxQ
FA5t6G7hURw6bys9WrmkHk/s2/hxjfWJaH14P2Kg6eOCsbcXfni0vCFcyS9EmyS8
aN1+67YXolU+A9ZcCioErySwZlGS5tWHxdMtiQxkLQ+71gV8ZxE6cGZ/D51kk0ya
g8LLzsM+jl2yXaj1MN3GG5/FYakCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSFx5p2
FKgKHgan92ldZVR9JThQPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNDY0ZmYtN2I5ZC00M2YwLTg2OWQtN2U3YzY2YTdhNWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCI
MA0GCSqGSIb3DQEBCwUAA4IBAQBnbvj/McIXwm4WFCahdY2UK0YtiCXXr2IG3SsN
x3H+9Wrxu9XqVfGcGYjbB9b2JHURLyvmcdaIgtRrz3enWgIjMRQm2p0DNWjno/0T
qPYa6jncRRnkCjJ4tjpqV5u8IBTpaitrJ7/sFEoHR9EuHphj93scOC9f8Y58grLb
lQ04okGwUOZk8GQA9Az2ozaAhpWIJuxsK5MP9ex5qXCiSsHxBVham529r5N5/siL
zdaGxcqaBgFYH1thKuU/2LmR/lI9DzhOzEozHpMYp/g7YcxeFWh+TF98DKpp71/p
ExSfluNsfUle08K3/+izutpsrtO2VQdkL0GTDQbKIFa+tgnY
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:59 2025 by rpki-client