Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
File: 06cf9d14-d513-496c-9a8e-a1898978658a.roa (raw, json)
Hash identifier: Us7awUvR9pBV07Rm9Rky3/PNX68Tcg4WIwBN3dsUNZ0=
Subject key identifier: BD:A1:0B:87:D7:5E:84:53:4B:37:88:9B:AD:CD:D3:02:DE:EC:E5:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 633EB6DEB6C77DDC11E430E4BEC62E5513A1814D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
Signing time: Fri 25 Apr 2025 19:41:05 +0000
ROA not before: Fri 25 Apr 2025 19:41:05 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:3e:b6:de:b6:c7:7d:dc:11:e4:30:e4:be:c6:2e:55:13:a1:81:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:05 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b1d03792cb5b6fbbeb5f05c58bb57aa5c73e5f20a9d0dbebf98fb763a6ec2fa3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:87:c0:11:98:ca:c6:ee:bc:2d:3f:fb:52:17:
6a:2c:ed:c0:15:82:62:04:7f:48:ca:ac:5c:0b:67:
3f:b9:94:c5:35:0a:f7:1c:11:98:d0:55:ee:6e:70:
a5:25:43:21:a3:df:48:58:9c:94:c9:05:71:46:fa:
e6:46:d8:0b:cb:33:91:80:eb:f6:0f:4f:3e:d3:9d:
e7:d9:24:02:bf:c7:65:d2:d4:2c:59:ef:0f:f4:00:
80:d1:af:9f:21:43:7a:c3:91:4d:6f:69:5d:07:ba:
21:d4:93:7b:a2:2b:9b:3a:02:39:35:63:83:aa:ca:
f6:63:ea:be:e0:69:4c:04:b7:17:dc:d6:e4:7d:17:
52:87:84:52:82:f5:95:4a:a5:86:20:f4:57:74:2b:
d3:73:a6:40:4e:1c:50:0d:4d:73:82:e6:3e:ba:af:
2f:7d:57:05:40:d7:c2:28:5d:1d:66:0e:3d:29:05:
1c:ac:a6:91:43:dc:b9:9d:7a:00:ef:89:94:6e:e3:
c9:12:c4:b2:40:64:ca:a5:91:19:ba:25:b1:d5:09:
94:16:d8:44:e2:4a:92:19:96:79:e2:ca:0b:25:95:
8b:43:77:84:3d:94:5d:be:86:90:38:a4:0f:3b:d1:
4d:55:7c:eb:d1:f4:c5:fd:cb:94:0a:15:24:a1:c4:
dd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A1:0B:87:D7:5E:84:53:4B:37:88:9B:AD:CD:D3:02:DE:EC:E5:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8040::/46
Signature Algorithm: sha256WithRSAEncryption
74:f8:7b:84:bb:12:76:e3:17:a7:f1:0a:ed:8b:6f:be:e1:a1:
a4:e8:18:d7:68:0a:2d:4b:7d:9e:45:88:37:e8:d3:03:ab:1c:
6b:dd:8d:12:4f:d8:e6:7b:10:fa:0b:a0:e1:8f:6e:84:22:64:
a7:5b:2f:f6:fa:52:eb:17:a7:15:d8:2c:33:f0:95:98:5a:f0:
08:11:5c:a2:7f:16:37:d9:72:e4:08:e3:6e:ba:14:8c:ba:78:
e6:bd:f3:d0:41:e9:36:56:29:95:87:40:60:99:e0:00:dd:34:
79:d4:ee:58:32:53:ae:04:be:74:3b:a6:63:d0:7c:27:bc:3b:
72:53:0e:ce:5e:48:86:34:2b:ce:5d:d8:09:bc:2e:61:11:56:
be:09:49:fa:ed:df:8a:f2:ef:bb:64:dc:8c:3a:fb:7e:dd:e0:
d0:57:db:e1:33:63:20:12:63:7a:24:39:93:43:04:b9:17:41:
dd:83:a9:fd:5a:c9:09:94:fa:5f:47:61:00:ac:ae:40:ac:1e:
ab:a0:7a:4a:6b:f5:b2:09:c8:ac:06:93:c1:06:23:b4:d9:78:
09:e0:79:d3:9e:81:8d:6e:5c:ba:5b:0e:f3:17:f8:27:43:16:
f8:34:3d:90:a2:a6:d2:61:85:5d:39:2f:af:51:32:e6:8c:d6:
dc:4c:e2:fa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYz623rbHfdwR5DDkvsYuVROhgU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxZDAzNzkyY2I1YjZmYmJlYjVmMDVjNThiYjU3YWE1YzczZTVmMjBhOWQw
ZGJlYmY5OGZiNzYzYTZlYzJmYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaHwBGYysbuvC0/+1IXaiztwBWCYgR/SMqsXAtnP7mUxTUK9xwRmNBV7m5w
pSVDIaPfSFiclMkFcUb65kbYC8szkYDr9g9PPtOd59kkAr/HZdLULFnvD/QAgNGv
nyFDesORTW9pXQe6IdSTe6IrmzoCOTVjg6rK9mPqvuBpTAS3F9zW5H0XUoeEUoL1
lUqlhiD0V3Qr03OmQE4cUA1Nc4LmPrqvL31XBUDXwihdHWYOPSkFHKymkUPcuZ16
AO+JlG7jyRLEskBkyqWRGbolsdUJlBbYROJKkhmWeeLKCyWVi0N3hD2UXb6GkDik
DzvRTVV869H0xf3LlAoVJKHE3RECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS9oQuH
116EU0s3iJutzdMC3uzlTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDZjZjlkMTQtZDUxMy00OTZjLTlhOGUtYTE4OTg5Nzg2NThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
QDANBgkqhkiG9w0BAQsFAAOCAQEAdPh7hLsSduMXp/EK7YtvvuGhpOgY12gKLUt9
nkWIN+jTA6sca92NEk/Y5nsQ+gug4Y9uhCJkp1sv9vpS6xenFdgsM/CVmFrwCBFc
on8WN9ly5AjjbroUjLp45r3z0EHpNlYplYdAYJngAN00edTuWDJTrgS+dDumY9B8
J7w7clMOzl5IhjQrzl3YCbwuYRFWvglJ+u3fivLvu2TcjDr7ft3g0Ffb4TNjIBJj
eiQ5k0MEuRdB3YOp/VrJCZT6X0dhAKyuQKweq6B6Smv1sgnIrAaTwQYjtNl4CeB5
056BjW5culsO8xf4J0MW+DQ9kKKm0mGFXTkvr1Ey5ozW3Ezi+g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:53 2025 by rpki-client