Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ab48d39-178e-4855-83a6-895690a81d28.roa
File: 0ab48d39-178e-4855-83a6-895690a81d28.roa (raw, json)
Hash identifier: Vo7MpsNLpfyv903gDI6k+MBK9pycne6SXDu+El1jFBk=
Subject key identifier: B1:47:EC:27:6A:BC:B9:FC:B6:31:F9:28:37:82:CD:08:59:BD:35:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71C6F1448A5A95CD99B822740ECD6D99BA3D0AA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ab48d39-178e-4855-83a6-895690a81d28.roa
Signing time: Fri 25 Apr 2025 19:30:05 +0000
ROA not before: Fri 25 Apr 2025 19:30:05 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:a080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:c6:f1:44:8a:5a:95:cd:99:b8:22:74:0e:cd:6d:99:ba:3d:0a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:30:05 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a2bd10024e277cee8f2f133c5e009ed33f93964829cf730333315059a4bd9393, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:63:be:65:60:08:e4:26:7d:4e:15:28:a5:11:
c0:a7:d3:c8:78:f8:98:aa:e8:39:c8:cc:fb:7d:d4:
aa:2e:84:d0:42:d0:95:e1:ad:27:99:5f:bb:1e:79:
93:09:77:92:9c:5a:1c:a9:19:38:41:db:71:1c:0a:
7c:c0:5f:d1:80:a1:75:ee:3e:ae:ee:f8:6f:2f:83:
2b:21:cb:09:ac:30:52:23:2e:14:38:2e:d9:63:a0:
90:2b:27:1f:12:11:37:f0:d2:2e:c1:a1:b4:eb:92:
d6:1e:71:a0:0e:7e:94:3a:6f:89:c0:48:be:55:93:
59:de:61:a6:3e:96:8f:75:2c:20:8e:91:43:a6:e6:
d7:53:91:f9:d4:2a:f0:ab:5d:22:03:9f:e5:e7:ee:
8e:08:c3:f0:13:52:ca:e4:63:b5:57:fe:49:bc:e5:
e7:a1:00:6d:bc:91:d4:51:5a:80:57:2a:fe:72:4f:
a6:03:09:47:f8:05:c0:f5:90:23:b4:c5:34:00:36:
3f:7e:77:ed:84:50:45:23:8e:92:7b:e3:c1:1e:74:
2f:15:da:93:93:cf:4e:bd:fc:30:34:50:44:6c:92:
dd:3c:1b:5a:6d:34:ef:a4:fc:fa:b9:73:89:39:f0:
d2:a1:6c:8f:ee:d6:9e:f5:a4:a3:13:f1:1d:1d:23:
a5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:47:EC:27:6A:BC:B9:FC:B6:31:F9:28:37:82:CD:08:59:BD:35:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ab48d39-178e-4855-83a6-895690a81d28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:a080::/46
Signature Algorithm: sha256WithRSAEncryption
1d:4d:4f:9f:d7:96:f2:58:0e:78:91:82:3c:3c:dc:d3:d5:5e:
67:d7:e3:84:18:8b:e2:26:10:36:9d:53:ac:7c:b8:81:2e:d6:
21:40:60:43:5b:d1:b1:99:1d:6d:de:e3:42:e5:63:b2:73:58:
37:1b:df:b5:b3:4e:00:97:6b:fc:fe:cd:17:da:32:13:04:b4:
93:20:bf:3c:89:74:e2:69:83:3e:e0:59:18:d2:07:93:4b:73:
ae:7a:4c:7a:de:72:12:77:aa:15:80:14:64:17:7e:56:4f:cb:
fd:21:b7:13:1c:fb:a8:1e:89:6a:b6:74:ce:9e:93:c2:8b:67:
7b:65:7b:51:c7:10:4f:d3:25:b9:cf:09:b1:98:17:29:7a:3f:
7f:1f:68:d5:70:aa:82:a8:24:bf:3a:5c:87:21:03:da:c8:4f:
9b:95:a3:a0:93:85:0f:42:e2:df:d3:76:96:94:9f:cc:85:d5:
c1:32:b3:5f:0f:e6:4c:be:06:ad:3e:8c:c8:43:e9:88:ab:e0:
40:37:03:ae:97:1f:ba:39:44:eb:29:18:c2:45:8b:d2:af:fb:
ea:41:b3:86:7b:d4:9b:8b:13:b7:08:0a:ea:c6:af:9f:4b:2b:
5c:66:56:66:0b:c1:19:2c:fc:9d:32:23:d8:f1:06:93:0a:df:
d3:08:fb:11
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUccbxRIpalc2ZuCJ0Ds1tmbo9CqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMwMDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyYmQxMDAyNGUyNzdjZWU4ZjJmMTMzYzVlMDA5ZWQzM2Y5Mzk2NDgyOWNm
NzMwMzMzMzE1MDU5YTRiZDkzOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtjvmVgCOQmfU4VKKURwKfTyHj4mKroOcjM+33Uqi6E0ELQleGtJ5lfux55
kwl3kpxaHKkZOEHbcRwKfMBf0YChde4+ru74by+DKyHLCawwUiMuFDgu2WOgkCsn
HxIRN/DSLsGhtOuS1h5xoA5+lDpvicBIvlWTWd5hpj6Wj3UsII6RQ6bm11OR+dQq
8KtdIgOf5efujgjD8BNSyuRjtVf+Sbzl56EAbbyR1FFagFcq/nJPpgMJR/gFwPWQ
I7TFNAA2P3537YRQRSOOknvjwR50LxXak5PPTr38MDRQRGyS3TwbWm0076T8+rlz
iTnw0qFsj+7WnvWkoxPxHR0jpfsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSxR+wn
ary5/LYx+Sg3gs0IWb01LzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGFiNDhkMzktMTc4ZS00ODU1LTgzYTYtODk1NjkwYTgxZDI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Heg
gDANBgkqhkiG9w0BAQsFAAOCAQEAHU1Pn9eW8lgOeJGCPDzc09VeZ9fjhBiL4iYQ
Np1TrHy4gS7WIUBgQ1vRsZkdbd7jQuVjsnNYNxvftbNOAJdr/P7NF9oyEwS0kyC/
PIl04mmDPuBZGNIHk0tzrnpMet5yEneqFYAUZBd+Vk/L/SG3Exz7qB6JarZ0zp6T
wotne2V7UccQT9Mluc8JsZgXKXo/fx9o1XCqgqgkvzpchyED2shPm5WjoJOFD0Li
39N2lpSfzIXVwTKzXw/mTL4GrT6MyEPpiKvgQDcDrpcfujlE6ykYwkWL0q/76kGz
hnvUm4sTtwgK6savn0srXGZWZgvBGSz8nTIj2PEGkwrf0wj7EQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:06 2025 by rpki-client