Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
File: 10e25f26-1142-4a43-8091-69f9ddd435c1.roa (raw, json)
Hash identifier: ORN2JAv1af5gBhaWgpbtBbL4SecB7F2NUk7IKM2pJUU=
Subject key identifier: 37:11:01:F5:00:0F:11:60:1F:0D:60:08:D3:9A:ED:0B:C7:C4:98:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 458872F80CCA5B0C29C19E1B9C23E15B86326AA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
Signing time: Fri 25 Apr 2025 20:01:35 +0000
ROA not before: Fri 25 Apr 2025 20:01:35 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:88:72:f8:0c:ca:5b:0c:29:c1:9e:1b:9c:23:e1:5b:86:32:6a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:35 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b07bc79cf56e3cfdd14e58692ccdba737e9cd567b62fee7faa3d11e77edb4f60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1c:8f:7b:7f:d4:44:32:09:44:49:0e:16:75:
c2:94:9a:8a:d3:fc:53:e3:87:64:6e:86:ff:68:e6:
80:46:67:1e:fe:14:27:80:d3:93:b0:39:14:fb:d0:
de:5f:ca:be:cb:e9:06:c3:db:1b:21:17:5f:fc:c5:
43:ed:b7:c6:bf:b4:8b:c4:19:e9:f8:ed:3a:ad:4b:
b4:a1:11:1f:08:7c:83:34:25:07:b0:ad:7c:18:94:
05:03:c8:58:49:0e:77:b6:25:a1:e3:d3:8b:89:7d:
1b:95:b2:d4:48:4e:3e:bc:fe:d5:e7:0d:96:85:b0:
eb:dd:96:a6:3a:a7:14:34:0f:e7:47:95:6e:ac:d8:
af:1e:14:42:76:cd:fe:90:be:61:c6:46:28:5c:42:
89:6b:d7:f6:72:fb:54:19:e8:e7:32:ef:0f:20:b6:
17:0e:7c:8e:7a:b8:64:0e:f2:a2:cf:cd:26:08:dd:
8c:36:72:3b:88:2a:84:15:9c:2f:67:51:b2:be:84:
af:20:41:95:e1:30:a3:cd:d8:f7:ff:e8:70:58:f8:
47:cc:1c:6a:8c:be:c6:62:59:3f:90:10:f0:b5:3c:
19:65:31:96:ca:c2:49:7e:ea:e6:79:36:2c:90:98:
37:0f:f1:23:85:6a:d0:00:41:5a:80:29:b7:71:f7:
60:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:11:01:F5:00:0F:11:60:1F:0D:60:08:D3:9A:ED:0B:C7:C4:98:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:c1:5c:b3:b7:73:76:68:1b:f7:c3:2d:9f:b4:51:5f:b6:ce:
82:60:30:7b:ea:dc:56:cf:bd:42:d5:07:71:ab:7f:12:1f:27:
e9:70:4f:08:eb:7b:80:43:54:e5:dd:09:29:be:81:af:0d:1a:
d5:0a:58:dd:ca:ed:ac:65:cf:17:ce:de:66:6f:72:85:a5:40:
95:28:e1:7d:cd:b2:65:ce:bf:ca:e9:42:7b:cb:8e:97:6c:25:
95:c9:8b:f7:f6:e7:60:9c:8a:5d:92:74:ee:fb:3f:3c:78:ac:
7f:84:67:e4:02:6d:f1:70:a6:cd:f0:b3:ac:09:ea:b6:f5:24:
47:8f:97:47:e1:04:4a:27:1b:77:cb:25:9f:9c:01:2b:a4:51:
4d:42:13:88:c1:6c:08:f7:ba:29:fd:f1:91:00:e4:f3:2b:fe:
91:80:4f:fe:54:a6:a1:23:cd:93:a8:f4:c7:91:50:24:e3:0b:
45:74:dc:5f:b3:e9:fa:0f:48:2c:23:09:f3:d5:b8:01:e3:56:
1e:a8:af:34:37:4b:dd:04:33:f2:e0:48:b1:5e:3a:a3:12:77:
4a:5c:6d:84:97:1a:0c:31:b8:00:e8:88:ef:c3:c5:12:bd:f5:
e1:e5:8d:13:01:43:e6:bf:26:cd:1c:3f:7e:1f:0e:07:f8:f6:
34:1c:2d:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURYhy+AzKWwwpwZ4bnCPhW4YyaqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMzVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwN2JjNzljZjU2ZTNjZmRkMTRlNTg2OTJjY2RiYTczN2U5Y2Q1NjdiNjJm
ZWU3ZmFhM2QxMWU3N2VkYjRmNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0cj3t/1EQyCURJDhZ1wpSaitP8U+OHZG6G/2jmgEZnHv4UJ4DTk7A5FPvQ
3l/KvsvpBsPbGyEXX/zFQ+23xr+0i8QZ6fjtOq1LtKERHwh8gzQlB7CtfBiUBQPI
WEkOd7YloePTi4l9G5Wy1EhOPrz+1ecNloWw692WpjqnFDQP50eVbqzYrx4UQnbN
/pC+YcZGKFxCiWvX9nL7VBno5zLvDyC2Fw58jnq4ZA7yos/NJgjdjDZyO4gqhBWc
L2dRsr6EryBBleEwo83Y9//ocFj4R8wcaoy+xmJZP5AQ8LU8GWUxlsrCSX7q5nk2
LJCYNw/xI4Vq0ABBWoApt3H3YB8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3EQH1
AA8RYB8NYAjTmu0Lx8SYljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTBlMjVmMjYtMTE0Mi00YTQzLTgwOTEtNjlmOWRkZDQzNWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCiwVyzt3N2aBv3wy2ftFFfts6CYDB76txWz71C
1Qdxq38SHyfpcE8I63uAQ1Tl3QkpvoGvDRrVCljdyu2sZc8Xzt5mb3KFpUCVKOF9
zbJlzr/K6UJ7y46XbCWVyYv39udgnIpdknTu+z88eKx/hGfkAm3xcKbN8LOsCeq2
9SRHj5dH4QRKJxt3yyWfnAErpFFNQhOIwWwI97op/fGRAOTzK/6RgE/+VKahI82T
qPTHkVAk4wtFdNxfs+n6D0gsIwnz1bgB41YeqK80N0vdBDPy4EixXjqjEndKXG2E
lxoMMbgA6Ijvw8USvfXh5Y0TAUPmvybNHD9+Hw4H+PY0HC3L
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:07 2025 by rpki-client