Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24fbce39-e1a6-41e1-b748-a2b2ffe4e457.roa
File: 24fbce39-e1a6-41e1-b748-a2b2ffe4e457.roa (raw, json)
Hash identifier: aTc7/h6H7/+Y7cOhZU3Q7pwTc0R83IWACJQ2ffmTMbw=
Subject key identifier: D2:21:B5:D1:47:01:0E:DB:4E:39:20:D5:1E:7F:37:32:AF:18:01:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04ACA8B5615457AF064E55B3C3F6020224B29876
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24fbce39-e1a6-41e1-b748-a2b2ffe4e457.roa
Signing time: Thu 17 Apr 2025 16:37:11 +0000
ROA not before: Thu 17 Apr 2025 16:37:11 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:ac:a8:b5:61:54:57:af:06:4e:55:b3:c3:f6:02:02:24:b2:98:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:37:11 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=2570ff9e08c26ce446b3c9897370dabaf0ec70ab423561e6e391833f057f8f6e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:06:15:3d:ec:2c:27:36:30:6b:3e:e4:7d:ae:
83:32:b7:ec:95:48:50:ec:d0:d9:78:f8:a1:17:85:
9b:7a:28:ce:08:ab:11:d3:9f:7d:09:d5:66:b5:c4:
9a:1a:14:85:5a:f7:61:18:63:20:72:2b:fc:91:88:
24:e0:d8:d5:cb:95:1f:c0:06:a0:cf:a3:5b:a1:98:
e8:92:9f:d1:53:56:6e:fd:24:4b:97:8a:76:ef:64:
1a:d1:87:a8:52:c8:b5:3b:74:5a:11:b4:53:90:f4:
24:30:90:e8:85:47:b0:c8:9d:1b:58:89:b8:1d:56:
0b:40:a4:42:7b:c5:7c:86:06:88:04:02:25:a7:09:
1a:06:04:55:6d:80:f5:b9:9b:47:6b:92:f4:51:cb:
ba:ab:9f:b8:cb:20:48:c7:22:b7:3a:e7:63:38:70:
1f:77:1c:8c:ef:c1:a5:4c:97:5f:72:cd:4f:d4:4e:
e6:2b:68:c4:ba:e7:96:8a:f7:97:02:f4:0b:f2:29:
67:3b:83:84:64:0b:cc:50:cf:8a:d5:a0:7a:dd:f5:
4e:27:a8:6e:74:4e:66:ab:86:e3:7c:a2:de:41:22:
ce:3b:9f:ee:76:c3:54:b7:43:e1:f3:30:4e:7a:f4:
89:0a:93:42:6d:73:9e:79:36:69:79:c6:cf:90:b9:
6a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:21:B5:D1:47:01:0E:DB:4E:39:20:D5:1E:7F:37:32:AF:18:01:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24fbce39-e1a6-41e1-b748-a2b2ffe4e457.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
77:11:41:1f:de:8e:71:46:1c:f1:8a:4f:cf:33:90:64:7d:4a:
32:07:06:c0:32:33:53:4a:9d:ec:77:3f:9e:70:18:fb:51:01:
b6:03:c5:9b:32:19:fc:2e:56:d7:8f:bd:01:e1:33:ab:08:af:
be:89:ba:34:24:a6:1a:bb:5d:5a:75:36:fa:f9:a8:cd:36:70:
3b:fa:78:e7:49:57:3d:c1:4e:82:1f:1b:8a:46:ae:51:8b:71:
4d:5f:b4:10:29:4c:42:09:1a:86:6f:f8:d3:d7:03:89:6b:65:
ed:64:6c:84:42:76:c8:02:40:71:9f:9c:8b:1c:38:e9:e6:83:
45:0a:21:36:e0:0f:35:ea:5c:74:66:f0:79:29:2a:7a:bb:d1:
6b:8f:b9:35:85:f3:fb:60:e4:47:1f:90:29:51:ee:bc:7f:7a:
ad:00:76:10:94:37:cf:0b:dc:e2:91:7a:ed:b6:9b:db:ff:43:
a2:12:d6:f5:72:82:98:70:90:0b:df:3b:4c:d6:3c:47:ab:1c:
d7:ac:27:c3:b7:4d:8b:5a:32:85:c3:74:d6:ce:fa:d6:b0:4a:
71:da:9e:f6:e6:65:e6:7d:cf:92:23:f6:62:3a:c4:6f:ba:a9:
24:dc:f2:fa:9e:22:ae:0d:57:41:75:6e:37:4a:6f:88:f6:38:
5c:b3:ef:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBKyotWFUV68GTlWzw/YCAiSymHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM3MTFaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1NzBmZjllMDhjMjZjZTQ0NmIzYzk4OTczNzBkYWJhZjBlYzcwYWI0MjM1
NjFlNmUzOTE4MzNmMDU3ZjhmNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYGFT3sLCc2MGs+5H2ugzK37JVIUOzQ2Xj4oReFm3oozgirEdOffQnVZrXE
mhoUhVr3YRhjIHIr/JGIJODY1cuVH8AGoM+jW6GY6JKf0VNWbv0kS5eKdu9kGtGH
qFLItTt0WhG0U5D0JDCQ6IVHsMidG1iJuB1WC0CkQnvFfIYGiAQCJacJGgYEVW2A
9bmbR2uS9FHLuqufuMsgSMcitzrnYzhwH3ccjO/BpUyXX3LNT9RO5itoxLrnlor3
lwL0C/IpZzuDhGQLzFDPitWget31TieobnROZquG43yi3kEizjuf7nbDVLdD4fMw
Tnr0iQqTQm1znnk2aXnGz5C5aosCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTSIbXR
RwEO2045INUefzcyrxgBtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjRmYmNlMzktZTFhNi00MWUxLWI3NDgtYTJiMmZmZTRlNDU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FuA
MA0GCSqGSIb3DQEBCwUAA4IBAQB3EUEf3o5xRhzxik/PM5BkfUoyBwbAMjNTSp3s
dz+ecBj7UQG2A8WbMhn8LlbXj70B4TOrCK++ibo0JKYau11adTb6+ajNNnA7+njn
SVc9wU6CHxuKRq5Ri3FNX7QQKUxCCRqGb/jT1wOJa2XtZGyEQnbIAkBxn5yLHDjp
5oNFCiE24A816lx0ZvB5KSp6u9Frj7k1hfP7YORHH5ApUe68f3qtAHYQlDfPC9zi
kXrttpvb/0OiEtb1coKYcJAL3ztM1jxHqxzXrCfDt02LWjKFw3TWzvrWsEpx2p72
5mXmfc+SI/ZiOsRvuqkk3PL6niKuDVdBdW43Sm+I9jhcs+/Z
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:36 2025 by rpki-client