Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
File: 16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa (raw, json)
Hash identifier: PT+8pzHgq0kVH/yH6V45Wdg/RDBWP3TYhIxsBENlp00=
Subject key identifier: F2:B0:69:BF:2F:2F:22:0E:9B:44:EA:B2:ED:9B:2E:D0:DB:1E:BB:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0688EDD3DC4FD998B1663BC4890B4AA76AA67762
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
Signing time: Fri 25 Apr 2025 20:01:10 +0000
ROA not before: Fri 25 Apr 2025 20:01:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:88:ed:d3:dc:4f:d9:98:b1:66:3b:c4:89:0b:4a:a7:6a:a6:77:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1b71dee89caf72a907f93b0abd6e7755a420f9ebc4e3651401bac7ff0e9b078a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7b:2a:aa:ac:cc:ba:3d:5c:fa:64:d0:18:76:
bd:dc:9b:b7:5c:f7:1f:29:29:a6:68:39:e6:b6:96:
51:53:10:03:5a:1b:37:cb:7e:76:3c:02:7e:a2:d2:
fa:64:be:2f:1c:a7:1b:9b:41:fd:2c:ca:f4:ad:7e:
35:8d:18:4e:3d:c5:d3:2c:e8:b8:e1:ae:05:9d:83:
da:e3:83:36:ab:5e:5d:9e:9b:44:48:d2:8e:09:ea:
e8:99:f9:f5:1e:9d:c6:65:82:5d:43:f7:83:c3:4e:
60:d4:b3:80:2d:ef:e8:51:eb:af:66:15:f6:64:78:
5c:76:1f:01:bb:d8:5c:b8:9a:c4:d6:8d:34:f6:18:
a1:13:f5:3b:9a:5d:f2:71:f7:a4:dc:f4:70:4b:87:
66:b2:25:f3:d9:50:2e:af:ac:49:32:97:d5:a2:7b:
4f:4f:00:1d:17:98:39:19:be:50:68:c4:af:41:f9:
33:ac:4e:b3:e8:1b:41:4d:99:b2:8c:d0:a5:ab:a4:
9c:4d:de:31:70:51:13:ad:0d:7c:5f:94:44:32:6a:
40:6d:74:19:8b:06:ff:a7:db:0a:e9:cb:81:fd:ff:
f5:49:90:8c:d5:bc:e8:0a:60:b8:54:01:a5:77:76:
f0:48:cb:16:6b:77:8c:ce:13:61:f9:e5:26:51:7b:
6f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B0:69:BF:2F:2F:22:0E:9B:44:EA:B2:ED:9B:2E:D0:DB:1E:BB:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:98:62:f7:72:24:c8:60:a9:90:c8:fd:0e:f9:81:13:5f:3f:
3e:a4:d5:d3:15:7f:8c:bf:5d:4c:0f:f2:9e:87:f6:33:9e:b4:
f5:04:d7:b1:5b:4d:35:74:5e:9c:82:98:bf:f9:57:19:b3:f2:
53:be:7d:ba:4f:75:d5:dd:98:cd:bd:17:1a:a3:da:57:3e:9f:
9f:5f:0f:17:53:73:73:99:2f:1b:82:02:af:3c:9d:a3:ba:d2:
26:0c:b9:b6:53:0c:f2:cc:6f:0a:b0:58:3a:17:1f:2e:5a:66:
be:25:dc:b3:bd:ae:c9:5a:cb:fc:18:2d:89:8b:2a:4c:16:20:
d0:9c:1f:a6:ae:91:52:9b:bd:80:73:65:fe:61:b9:15:85:04:
54:73:44:0b:56:79:1d:79:84:0e:ec:32:59:f4:0f:ad:7f:f3:
33:a1:0f:d9:46:4b:4c:3a:99:21:54:ef:fb:b0:46:e3:40:1a:
f3:ac:1a:82:02:fe:a4:b5:1e:d0:ef:a6:6c:29:71:84:62:22:
a4:2c:07:e1:b5:c9:43:50:d7:21:fa:c5:40:1a:08:7f:31:3f:
8f:21:cf:2d:e3:47:e4:92:fd:85:04:6e:03:7f:e7:5f:56:03:
59:6c:71:ff:79:fb:f3:cc:e4:7e:a0:f2:8e:c1:1b:59:3c:8c:
a8:af:2f:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBojt09xP2ZixZjvEiQtKp2qmd2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNzFkZWU4OWNhZjcyYTkwN2Y5M2IwYWJkNmU3NzU1YTQyMGY5ZWJjNGUz
NjUxNDAxYmFjN2ZmMGU5YjA3OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ97KqqszLo9XPpk0Bh2vdybt1z3Hykppmg55raWUVMQA1obN8t+djwCfqLS
+mS+LxynG5tB/SzK9K1+NY0YTj3F0yzouOGuBZ2D2uODNqteXZ6bREjSjgnq6Jn5
9R6dxmWCXUP3g8NOYNSzgC3v6FHrr2YV9mR4XHYfAbvYXLiaxNaNNPYYoRP1O5pd
8nH3pNz0cEuHZrIl89lQLq+sSTKX1aJ7T08AHReYORm+UGjEr0H5M6xOs+gbQU2Z
sozQpauknE3eMXBRE60NfF+URDJqQG10GYsG/6fbCunLgf3/9UmQjNW86ApguFQB
pXd28EjLFmt3jM4TYfnlJlF7b88CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTysGm/
Ly8iDptE6rLtmy7Q2x67MDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTZlODNkODktOWMyOS00ZDcwLTlkMWQtODVlNGRjN2UzZDZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hiw
MA0GCSqGSIb3DQEBCwUAA4IBAQCimGL3ciTIYKmQyP0O+YETXz8+pNXTFX+Mv11M
D/Keh/YznrT1BNexW001dF6cgpi/+VcZs/JTvn26T3XV3ZjNvRcao9pXPp+fXw8X
U3NzmS8bggKvPJ2jutImDLm2UwzyzG8KsFg6Fx8uWma+Jdyzva7JWsv8GC2JiypM
FiDQnB+mrpFSm72Ac2X+YbkVhQRUc0QLVnkdeYQO7DJZ9A+tf/MzoQ/ZRktMOpkh
VO/7sEbjQBrzrBqCAv6ktR7Q76ZsKXGEYiKkLAfhtclDUNch+sVAGgh/MT+PIc8t
40fkkv2FBG4Df+dfVgNZbHH/efvzzOR+oPKOwRtZPIyory94
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:11 2025 by rpki-client