Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
File: 1db7d6f9-20a2-495c-9303-96004ae64814.roa (raw, json)
Hash identifier: DXzEOJCe0jomUihGJUJqJc3JDw1MyP1VyqXW2MhimLU=
Subject key identifier: 0A:5F:26:C2:73:66:14:B6:AA:6B:3E:AB:B3:96:BF:AD:37:F9:07:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D48AA72B6D3D64B06CCB53D31D822052E9C094C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
Signing time: Mon 21 Apr 2025 18:31:11 +0000
ROA not before: Mon 21 Apr 2025 18:31:11 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:48:aa:72:b6:d3:d6:4b:06:cc:b5:3d:31:d8:22:05:2e:9c:09:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:11 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=81a1bd28189bf191f7f4d8907f6f7eec65068221b7e60115b2499eda949bcd85, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:96:1f:03:cc:54:a5:12:fc:6a:b8:aa:b9:56:
92:82:7a:99:42:11:f7:94:21:ad:e7:3d:3c:51:69:
e5:1f:18:07:9a:26:40:69:8d:13:76:0e:0f:a3:7a:
37:e3:63:d0:2a:a4:40:c8:73:8b:f1:00:a1:d0:76:
12:0c:6e:c7:2f:36:09:0a:40:09:6b:08:da:9c:f4:
ae:e0:13:98:55:d2:25:f0:5e:9e:08:a6:85:b9:d5:
cc:fe:e2:53:2b:79:21:27:03:3c:50:ca:01:a7:ab:
22:f9:93:ea:e8:4e:67:1f:1c:48:53:06:76:63:dd:
c8:0f:ad:1d:52:2b:da:cb:d3:70:5a:94:aa:a5:4a:
32:fd:cb:17:6b:48:cb:a5:d1:9c:8c:43:6a:f7:cd:
b8:ef:e6:1a:e7:f5:22:10:8f:3e:8d:d7:6a:64:18:
80:11:99:ed:f1:09:7e:bd:a1:c8:77:d4:4e:da:a1:
cc:3e:ff:0f:18:1e:6c:9c:d9:ca:85:8a:f4:fb:16:
44:86:df:85:d6:a5:7e:a6:7b:9c:a9:11:52:c8:d6:
f4:a6:1d:df:82:93:0a:a8:c5:a3:01:3d:42:a9:1c:
b9:c5:d3:cd:97:8b:b1:4a:ee:e3:32:db:cb:87:90:
92:12:bf:57:c8:39:e0:0e:d6:75:50:34:e6:d8:87:
71:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:5F:26:C2:73:66:14:B6:AA:6B:3E:AB:B3:96:BF:AD:37:F9:07:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
4b:60:bc:97:f1:ae:3b:da:84:5c:10:85:a2:d8:2b:1f:85:d5:
5e:7d:a3:83:9a:d0:7b:20:cf:47:29:fb:71:fd:57:03:a3:6a:
7e:b5:43:0e:b8:66:60:99:1c:b1:79:80:00:4d:bf:53:ce:28:
fc:d1:81:30:fb:c8:ac:37:f2:41:77:99:26:44:0c:8c:b0:6f:
79:4b:26:2e:d0:f2:52:43:a8:72:57:5d:0e:8a:f8:31:18:24:
0a:54:6f:2c:ad:d1:d7:51:78:e3:d0:04:50:c1:8e:12:7b:78:
c9:2f:99:9d:4e:44:8e:1d:9a:ca:c2:45:ca:f7:ad:5d:a1:80:
f6:97:20:63:cb:07:e0:3f:c5:a7:9a:6e:e2:dc:70:bc:bd:14:
da:4b:2e:a4:bd:bf:4e:24:5c:b1:0b:31:20:88:05:dc:48:d8:
53:48:25:90:24:3b:dc:62:aa:9e:c0:fa:bf:82:9d:75:98:89:
47:de:fd:59:f8:4c:1f:33:98:b6:a3:76:4c:a2:90:6b:53:55:
7f:bf:d8:90:70:0f:51:81:bd:3d:8d:de:a2:f2:28:be:23:9d:
28:b3:46:d7:b7:1d:81:50:c3:4f:b3:c3:c4:31:76:7d:f5:11:
94:97:cf:19:17:4a:94:fb:5e:dc:56:3f:30:19:f2:b6:d4:fc:
c2:26:f2:e9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXUiqcrbT1ksGzLU9MdgiBS6cCUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMTFaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxYTFiZDI4MTg5YmYxOTFmN2Y0ZDg5MDdmNmY3ZWVjNjUwNjgyMjFiN2U2
MDExNWIyNDk5ZWRhOTQ5YmNkODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCWHwPMVKUS/Gq4qrlWkoJ6mUIR95Qhrec9PFFp5R8YB5omQGmNE3YOD6N6
N+Nj0CqkQMhzi/EAodB2Egxuxy82CQpACWsI2pz0ruATmFXSJfBengimhbnVzP7i
Uyt5IScDPFDKAaerIvmT6uhOZx8cSFMGdmPdyA+tHVIr2svTcFqUqqVKMv3LF2tI
y6XRnIxDavfNuO/mGuf1IhCPPo3XamQYgBGZ7fEJfr2hyHfUTtqhzD7/DxgebJzZ
yoWK9PsWRIbfhdalfqZ7nKkRUsjW9KYd34KTCqjFowE9QqkcucXTzZeLsUru4zLb
y4eQkhK/V8g54A7WdVA05tiHcSECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQKXybC
c2YUtqprPquzlr+tN/kHuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWRiN2Q2ZjktMjBhMi00OTVjLTkzMDMtOTYwMDRhZTY0ODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
wDANBgkqhkiG9w0BAQsFAAOCAQEAS2C8l/GuO9qEXBCFotgrH4XVXn2jg5rQeyDP
Ryn7cf1XA6NqfrVDDrhmYJkcsXmAAE2/U84o/NGBMPvIrDfyQXeZJkQMjLBveUsm
LtDyUkOoclddDor4MRgkClRvLK3R11F449AEUMGOEnt4yS+ZnU5Ejh2aysJFyvet
XaGA9pcgY8sH4D/Fp5pu4txwvL0U2ksupL2/TiRcsQsxIIgF3EjYU0glkCQ73GKq
nsD6v4KddZiJR979WfhMHzOYtqN2TKKQa1NVf7/YkHAPUYG9PY3eovIoviOdKLNG
17cdgVDDT7PDxDF2ffURlJfPGRdKlPte3FY/MBnyttT8wiby6Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:13 2025 by rpki-client