Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: UZJ5U/L2vKLQruo+DFoqK+sBbknLC5+IlC9oW1zOe78=
Subject key identifier: EA:D2:63:04:5C:37:7E:12:D7:CB:E7:5E:BC:71:FB:58:59:8B:41:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 573ED98A662A0C227264B0B5477E0BEF52C7A8F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Fri 25 Apr 2025 18:20:17 +0000
ROA not before: Fri 25 Apr 2025 18:20:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:3e:d9:8a:66:2a:0c:22:72:64:b0:b5:47:7e:0b:ef:52:c7:a8:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:20:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=18b5f70ff51c563b67f68bb2d148c08ff9912a4a8a0a6e014fa2142210a1811c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ae:59:46:17:18:18:08:a8:6f:98:6a:40:fc:
5b:6e:32:76:73:d5:c8:a8:09:b5:e0:d9:c9:e5:79:
a0:c5:a5:2a:2e:41:e4:e6:81:53:3b:87:a9:f2:06:
bd:97:a2:f1:22:e4:33:75:e6:07:4a:54:36:71:c2:
fc:a9:1c:02:69:39:cb:95:49:e8:d9:ea:cb:71:34:
51:b6:c5:21:e6:a7:bc:29:95:6f:e5:8c:3b:b1:fd:
9b:74:0d:d3:23:c2:0e:f4:df:64:63:82:54:47:3d:
0e:44:79:fe:ea:4c:ec:96:07:7b:c4:b6:1c:9c:be:
f7:e7:e8:59:c1:89:49:36:21:5c:c1:a7:16:7d:2b:
f7:5f:c2:ab:2d:8c:68:28:9f:7d:82:b6:0e:eb:63:
76:0a:61:54:19:e2:9d:2e:76:b1:bd:8f:86:68:b0:
fe:22:91:01:91:51:84:cb:19:37:c8:50:bd:65:54:
ae:5e:1a:f0:32:be:d5:25:b3:6a:7a:d4:d6:07:ea:
e1:b8:6e:a2:e3:e2:f9:ed:3e:b8:99:fd:5a:9e:29:
c9:d0:c9:f1:6d:1d:c8:2f:2b:a6:f8:01:ee:b5:a7:
0e:c4:92:d7:d6:32:6d:70:fb:74:c9:f3:3a:ad:5b:
eb:3c:18:16:35:69:d6:c7:82:c5:70:11:05:ff:eb:
c0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D2:63:04:5C:37:7E:12:D7:CB:E7:5E:BC:71:FB:58:59:8B:41:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
14:ea:b1:93:21:06:8b:30:ec:b8:04:3b:42:be:b4:be:8b:81:
e1:39:98:58:18:05:56:39:c5:3f:6a:36:43:d9:6b:9e:10:96:
01:3d:c3:50:2c:12:12:aa:5c:da:bd:30:7a:9f:a9:af:4e:e9:
e6:cd:db:7f:18:a9:fd:a2:b4:3b:5d:c3:c6:07:c8:74:d5:6d:
78:8f:e8:db:8f:0d:cd:c0:79:ce:ab:ed:07:d7:14:64:a7:d7:
73:36:d9:64:b0:17:9b:1a:65:9c:29:e5:6b:98:02:3c:38:a7:
a4:f3:fb:56:36:26:f5:5c:6f:f5:e2:43:cb:ea:10:fb:07:8a:
74:d4:b1:d5:bf:80:80:a6:f5:5a:07:b6:05:5a:c0:79:d5:ea:
27:db:59:e0:8a:01:7a:37:a2:21:b0:b7:ad:a5:90:37:1a:b5:
11:29:32:25:b8:48:a6:bb:bb:2d:1a:57:44:98:db:5a:4e:74:
3e:fa:de:a0:74:1f:0b:ee:c8:6d:1c:ba:8f:9b:81:d6:47:25:
2c:12:ea:18:86:ca:b5:ed:9d:e6:e1:42:9e:e7:22:d3:2e:b6:
89:55:23:f9:2f:2d:ea:12:03:a3:8a:8b:50:be:96:98:1d:cf:
a4:4f:ba:67:a0:c0:e1:64:82:aa:0b:96:87:3e:04:e9:a1:af:
4b:42:77:9e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVz7ZimYqDCJyZLC1R34L71LHqPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIwMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4YjVmNzBmZjUxYzU2M2I2N2Y2OGJiMmQxNDhjMDhmZjk5MTJhNGE4YTBh
NmUwMTRmYTIxNDIyMTBhMTgxMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6uWUYXGBgIqG+YakD8W24ydnPVyKgJteDZyeV5oMWlKi5B5OaBUzuHqfIG
vZei8SLkM3XmB0pUNnHC/KkcAmk5y5VJ6Nnqy3E0UbbFIeanvCmVb+WMO7H9m3QN
0yPCDvTfZGOCVEc9DkR5/upM7JYHe8S2HJy+9+foWcGJSTYhXMGnFn0r91/Cqy2M
aCiffYK2DutjdgphVBninS52sb2Phmiw/iKRAZFRhMsZN8hQvWVUrl4a8DK+1SWz
anrU1gfq4bhuouPi+e0+uJn9Wp4pydDJ8W0dyC8rpvgB7rWnDsSS19YybXD7dMnz
Oq1b6zwYFjVp1seCxXARBf/rwAMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTq0mME
XDd+EtfL5168cftYWYtBHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEAFOqxkyEGizDsuAQ7Qr60vouB4TmYWBgFVjnF
P2o2Q9lrnhCWAT3DUCwSEqpc2r0wep+pr07p5s3bfxip/aK0O13DxgfIdNVteI/o
248NzcB5zqvtB9cUZKfXczbZZLAXmxplnCnla5gCPDinpPP7VjYm9Vxv9eJDy+oQ
+weKdNSx1b+AgKb1Wge2BVrAedXqJ9tZ4IoBejeiIbC3raWQNxq1ESkyJbhIpru7
LRpXRJjbWk50PvreoHQfC+7IbRy6j5uB1kclLBLqGIbKte2d5uFCnuci0y62iVUj
+S8t6hIDo4qLUL6WmB3PpE+6Z6DA4WSCqguWhz4E6aGvS0J3ng==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:29 2025 by rpki-client