Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d232961-eb43-42b7-908c-1226b1f4eeac.roa
File: 1d232961-eb43-42b7-908c-1226b1f4eeac.roa (raw, json)
Hash identifier: qeNHIxa0Vep4t04KCz0s8Sutkvzmog6dhwz3MOcoQLk=
Subject key identifier: 59:63:88:B4:7A:C6:47:82:5A:AB:F7:A9:54:AC:07:9E:7A:61:CD:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 403250895CDA099E97096CEB717F697265E3E7D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d232961-eb43-42b7-908c-1226b1f4eeac.roa
Signing time: Fri 25 Apr 2025 19:41:06 +0000
ROA not before: Fri 25 Apr 2025 19:41:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:32:50:89:5c:da:09:9e:97:09:6c:eb:71:7f:69:72:65:e3:e7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=31cd8958605244ea76f3bc52a4a12558d6053c9f309616c5bfbaa301ed9c6bed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d3:03:5e:a4:f7:0f:e4:4e:9b:a5:ac:aa:0c:
2d:26:4d:85:21:b3:c7:8b:ff:a9:14:ef:ff:77:d2:
67:89:3c:7b:9a:e3:34:8e:c4:e5:68:d4:af:91:b0:
19:e7:0a:b3:eb:33:f6:74:72:7b:bc:3d:d3:b6:77:
5e:01:6b:63:85:6e:6c:cb:53:32:aa:aa:40:d4:bc:
50:4c:8a:70:01:7e:52:61:4d:13:48:dc:64:89:07:
1d:4a:f9:ea:7e:ba:75:cf:46:ce:b7:ce:49:00:d3:
93:57:62:ba:02:c0:9f:13:b6:0a:33:70:79:31:63:
47:5d:c4:7a:0a:13:a2:d8:cc:6e:63:c1:50:0a:90:
3f:e6:24:9f:ba:af:3c:c6:76:01:a9:6e:14:1d:45:
77:af:f9:5f:d5:08:02:7f:3a:23:39:1b:9e:0d:9b:
ef:35:9d:aa:40:c3:80:6a:0a:ae:d5:16:da:53:6a:
1c:2f:bc:6a:02:08:f3:16:43:9b:3a:0b:5e:8a:37:
0b:2a:60:bf:36:eb:c2:29:df:8b:01:ad:31:de:9c:
f0:b1:c7:75:db:58:8f:ba:50:eb:f0:53:02:00:a9:
23:64:b1:b0:c1:f1:f0:4a:5b:4b:d2:9c:b1:aa:ce:
c6:65:ee:3d:a8:32:ac:cf:8c:e5:fe:2c:9c:fc:cb:
de:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:63:88:B4:7A:C6:47:82:5A:AB:F7:A9:54:AC:07:9E:7A:61:CD:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d232961-eb43-42b7-908c-1226b1f4eeac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
1e:9c:a1:06:09:02:fd:db:78:f6:a8:14:01:d0:d6:be:91:2b:
a6:8a:87:19:d9:28:c5:dc:ea:a8:5d:b9:b5:f0:42:25:2f:35:
98:b4:76:0c:ae:6f:0e:5d:7f:4a:28:6f:09:ec:23:49:e4:c0:
e7:8c:f8:eb:01:a7:c3:e8:71:30:43:37:7a:a6:75:8e:6d:60:
6e:25:86:d5:07:ac:59:31:83:fb:eb:8b:db:a5:0c:5f:00:ae:
dd:2b:0d:8f:e4:5f:e6:12:ef:ca:b1:60:e1:02:14:53:fd:1e:
b8:90:ce:f8:fc:90:93:55:f5:57:05:f2:42:de:b9:a8:0b:0d:
b0:ca:cd:b0:15:f5:57:56:5d:be:49:93:18:99:79:68:86:df:
1d:a6:e6:b8:9c:4f:6d:90:f6:81:75:e6:43:aa:bf:52:f5:bb:
a6:cf:d4:2a:c4:53:34:c6:2b:6c:5c:e8:49:eb:c0:4d:83:0d:
04:eb:36:5b:47:34:06:bf:08:af:1c:58:55:58:9d:8e:56:2f:
9c:c6:3d:5f:93:5b:19:e4:07:65:82:b9:5e:2f:e6:b4:f0:1e:
02:3b:9a:42:9f:80:e2:10:84:d4:46:64:97:f8:07:57:7f:d3:
85:f6:90:ba:bd:2f:57:d6:da:70:60:ca:70:f1:ab:2e:b6:bf:
02:e2:83:da
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUQDJQiVzaCZ6XCWzrcX9pcmXj59MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxY2Q4OTU4NjA1MjQ0ZWE3NmYzYmM1MmE0YTEyNTU4ZDYwNTNjOWYzMDk2
MTZjNWJmYmFhMzAxZWQ5YzZiZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIvTA16k9w/kTpulrKoMLSZNhSGzx4v/qRTv/3fSZ4k8e5rjNI7E5WjUr5Gw
GecKs+sz9nRye7w907Z3XgFrY4VubMtTMqqqQNS8UEyKcAF+UmFNE0jcZIkHHUr5
6n66dc9GzrfOSQDTk1diugLAnxO2CjNweTFjR13EegoTotjMbmPBUAqQP+Ykn7qv
PMZ2AaluFB1Fd6/5X9UIAn86Izkbng2b7zWdqkDDgGoKrtUW2lNqHC+8agII8xZD
mzoLXoo3CypgvzbrwinfiwGtMd6c8LHHddtYj7pQ6/BTAgCpI2SxsMHx8EpbS9Kc
sarOxmXuPagyrM+M5f4snPzL3u0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRZY4i0
esZHglqr96lUrAeeemHNVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQyMzI5NjEtZWI0My00MmI3LTkwOGMtMTIyNmIxZjRlZWFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBAB6coQYJAv3bePaoFAHQ1r6RK6aKhxnZKMXc6qhd
ubXwQiUvNZi0dgyubw5df0oobwnsI0nkwOeM+OsBp8PocTBDN3qmdY5tYG4lhtUH
rFkxg/vri9ulDF8Art0rDY/kX+YS78qxYOECFFP9HriQzvj8kJNV9VcF8kLeuagL
DbDKzbAV9VdWXb5JkxiZeWiG3x2m5ricT22Q9oF15kOqv1L1u6bP1CrEUzTGK2xc
6EnrwE2DDQTrNltHNAa/CK8cWFVYnY5WL5zGPV+TWxnkB2WCuV4v5rTwHgI7mkKf
gOIQhNRGZJf4B1d/04X2kLq9L1fW2nBgynDxqy62vwLig9o=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:28 2025 by rpki-client