Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
File: 1fb46240-1c3f-4b2f-9927-3470c9898890.roa (raw, json)
Hash identifier: 4Ix/sQ3YLNxU/g4I8NtTP08NCyJNEcWB+YNKi/HB4oQ=
Subject key identifier: B2:DD:F4:3D:8F:D9:AD:FA:89:66:F0:B2:54:C6:37:47:C2:C6:29:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CEA219446D7A4EC634F75683531706ED4D308E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
Signing time: Fri 25 Apr 2025 18:50:52 +0000
ROA not before: Fri 25 Apr 2025 18:50:52 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ea:21:94:46:d7:a4:ec:63:4f:75:68:35:31:70:6e:d4:d3:08:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:52 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8123878cae17d557ecb174b8090f983a82ddf5cad0d059f6975f595ce59a0c54, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5a:5a:53:5f:97:a7:e2:42:47:30:36:29:de:
9c:91:1e:54:9c:03:8c:d4:25:1b:78:bd:73:4b:ce:
19:5f:69:27:4d:6c:d8:70:e2:7d:e8:ae:7b:ac:36:
ca:33:7a:ae:05:50:d2:89:af:34:87:6e:87:7b:b6:
0d:15:30:9c:22:4d:38:f3:66:eb:e1:4a:46:70:c0:
3f:f2:55:e8:30:dc:90:86:0d:90:9a:5c:34:78:90:
ee:9b:16:fb:fe:f6:60:a2:b2:16:f2:e2:55:6a:0f:
65:d3:a0:7a:42:c8:6a:f8:d1:2c:ce:30:25:74:3e:
0f:38:33:c0:2d:4a:06:52:6e:2f:ef:b1:75:e6:56:
78:2d:6c:5d:0a:90:da:e5:24:19:0a:ef:83:f6:5b:
d5:34:0a:91:72:c6:19:c9:3b:d3:92:32:1d:b7:ed:
0d:70:07:0a:32:50:f4:b3:82:67:de:0e:2d:d0:12:
b6:8e:d3:39:df:47:e5:56:75:f2:92:b7:81:a4:76:
db:01:a2:07:00:ad:1d:10:24:e4:51:9b:ee:9b:a1:
ca:ed:aa:8f:ef:51:2d:5c:a4:b3:b0:7a:c0:aa:49:
1c:7e:0b:5a:0c:fd:aa:df:a1:10:41:bf:db:00:28:
78:17:4f:34:db:aa:75:b2:41:5b:67:f5:28:84:da:
80:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DD:F4:3D:8F:D9:AD:FA:89:66:F0:B2:54:C6:37:47:C2:C6:29:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:ed:c1:2d:a5:9b:d9:45:2b:d6:30:da:4d:c8:42:c9:0e:5a:
1a:7b:f5:47:17:78:99:bd:c4:f1:c7:89:17:ff:45:55:41:71:
0f:a1:81:8b:99:a9:2b:6a:12:2a:77:81:f2:b0:a5:3b:78:6b:
c4:ac:dc:ed:d6:11:cb:23:d7:89:af:32:61:43:ad:1e:0e:19:
b9:e6:40:b3:61:81:b5:b2:f1:e8:dc:3e:06:55:56:ff:10:3b:
1b:86:e0:72:72:42:d6:eb:0b:d2:ea:4d:22:69:72:22:e8:51:
2a:bf:49:1e:c0:87:d1:5d:67:56:01:f6:b4:b8:80:18:a4:fa:
de:4f:b0:77:d3:fd:b4:6b:d4:21:ec:94:94:7a:21:e5:0f:ff:
bf:dc:00:52:01:42:ec:8e:3c:d8:5d:36:96:6a:58:ef:26:80:
7d:85:bd:3a:d1:21:36:7e:0c:9b:b0:4e:ac:26:13:3c:18:cb:
bf:5c:e6:4f:b2:ea:02:af:05:0a:44:64:ce:e1:d4:a9:c2:c9:
48:9a:2b:ce:f3:ef:c3:79:ef:65:a8:3e:c2:76:31:17:84:8e:
80:30:38:4d:3d:8c:fc:8e:2d:ae:7e:4e:da:63:dd:df:da:c0:
ce:19:30:14:26:94:83:26:ca:e6:b1:ad:57:95:64:25:da:86:
00:de:6b:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbOohlEbXpOxjT3VoNTFwbtTTCOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwNTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMjM4NzhjYWUxN2Q1NTdlY2IxNzRiODA5MGY5ODNhODJkZGY1Y2FkMGQw
NTlmNjk3NWY1OTVjZTU5YTBjNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpaWlNfl6fiQkcwNinenJEeVJwDjNQlG3i9c0vOGV9pJ01s2HDifeiue6w2
yjN6rgVQ0omvNIduh3u2DRUwnCJNOPNm6+FKRnDAP/JV6DDckIYNkJpcNHiQ7psW
+/72YKKyFvLiVWoPZdOgekLIavjRLM4wJXQ+DzgzwC1KBlJuL++xdeZWeC1sXQqQ
2uUkGQrvg/Zb1TQKkXLGGck705IyHbftDXAHCjJQ9LOCZ94OLdASto7TOd9H5VZ1
8pK3gaR22wGiBwCtHRAk5FGb7puhyu2qj+9RLVyks7B6wKpJHH4LWgz9qt+hEEG/
2wAoeBdPNNuqdbJBW2f1KITagPsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSy3fQ9
j9mt+olm8LJUxjdHwsYpUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWZiNDYyNDAtMWMzZi00YjJmLTk5MjctMzQ3MGM5ODk4ODkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
oDANBgkqhkiG9w0BAQsFAAOCAQEAP+3BLaWb2UUr1jDaTchCyQ5aGnv1Rxd4mb3E
8ceJF/9FVUFxD6GBi5mpK2oSKneB8rClO3hrxKzc7dYRyyPXia8yYUOtHg4ZueZA
s2GBtbLx6Nw+BlVW/xA7G4bgcnJC1usL0upNImlyIuhRKr9JHsCH0V1nVgH2tLiA
GKT63k+wd9P9tGvUIeyUlHoh5Q//v9wAUgFC7I482F02lmpY7yaAfYW9OtEhNn4M
m7BOrCYTPBjLv1zmT7LqAq8FCkRkzuHUqcLJSJorzvPvw3nvZag+wnYxF4SOgDA4
TT2M/I4trn5O2mPd39rAzhkwFCaUgybK5rGtV5VkJdqGAN5rwA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:14 2025 by rpki-client