Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
File: 28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa (raw, json)
Hash identifier: +cV8sUIIS6IdAik/za/agv1Xv9MbiHMrTCdsNUFXxHU=
Subject key identifier: 03:B2:82:FD:B4:DF:44:57:A1:AD:E3:46:B9:00:2F:7A:93:99:6B:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65B4FDE7DA01BA58EAF71793FC8B173AA280E218
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
Signing time: Fri 25 Apr 2025 19:00:59 +0000
ROA not before: Fri 25 Apr 2025 19:00:59 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:b4:fd:e7:da:01:ba:58:ea:f7:17:93:fc:8b:17:3a:a2:80:e2:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:59 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=5da418bbc11962e1a91d0b1f8c0afcba72556e18bf580ed3f4fc46d6932fced7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:b6:6b:df:12:5f:b2:e2:73:a7:24:dc:08:
00:7f:e1:bf:4a:f7:76:ea:2e:14:11:8d:9a:03:18:
94:60:4b:1c:d0:d2:c4:4a:c6:a6:c5:df:61:d3:b0:
1c:45:05:51:e5:a7:87:ae:45:c7:21:8e:24:dd:f9:
0a:29:92:48:f2:09:e2:bf:8c:7c:a5:20:55:1b:2a:
25:40:14:a1:b8:86:48:ef:a9:a1:db:1a:2c:40:9d:
07:c2:75:8f:92:c7:70:0f:e3:86:eb:75:99:1d:ec:
90:9a:6e:c4:2b:50:34:cc:fd:a9:3c:5a:a5:c2:44:
85:ff:ee:6e:76:0e:94:3a:90:e1:00:c6:57:04:8c:
56:53:d4:29:63:dd:ce:ba:cf:cb:9b:70:0d:bc:72:
f6:d5:b4:72:25:a5:ac:45:db:00:01:73:74:aa:a5:
3a:76:0e:c2:47:a3:df:0b:7a:75:39:00:1f:35:a4:
63:ba:4a:d1:a9:3b:d2:7b:bd:8c:ae:c0:1e:06:f5:
f4:18:da:95:a1:9c:e6:f6:ab:ee:59:5c:66:70:2e:
8d:67:eb:39:81:0e:be:f7:24:5b:3e:11:68:7c:2c:
f1:fc:5d:36:dc:1b:d4:0e:65:dd:5d:81:23:3f:ca:
53:fd:48:36:d3:00:18:81:b6:08:91:76:ff:5b:e0:
78:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B2:82:FD:B4:DF:44:57:A1:AD:E3:46:B9:00:2F:7A:93:99:6B:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
81:64:fb:11:33:a3:92:ad:a1:9a:82:83:dc:0f:95:c3:1a:20:
1f:be:f1:1e:3d:7e:d0:a3:60:ad:ce:81:99:6f:dd:0b:57:8b:
42:3a:8b:0e:5d:a2:ff:44:cf:15:d9:02:c5:f2:14:bd:65:c1:
4f:49:18:cc:2a:60:4f:dd:6b:65:3b:f8:d5:17:46:d3:64:74:
90:2b:8c:5c:cd:bc:5e:8d:9f:8d:69:ba:47:e6:73:eb:d6:49:
45:0e:43:78:06:26:69:60:80:c0:84:17:5c:9b:80:5e:e3:b2:
fc:92:20:0d:94:dd:68:75:e7:34:a3:7f:cf:0d:77:fe:78:79:
d7:07:ad:51:04:10:b3:3f:f5:71:33:4f:d5:d0:e2:f6:bf:fb:
02:90:e6:ba:a7:25:32:0c:13:5c:47:e0:ea:bc:df:75:8d:49:
29:c6:6a:cd:6f:67:2e:cd:36:03:37:74:75:5a:80:5c:6e:7e:
58:b7:c0:f6:20:20:8d:20:ae:95:76:b2:39:04:ef:fd:ed:e3:
40:9d:63:43:75:bb:9b:d3:3e:a3:e0:b4:ae:6e:3f:3d:da:20:
de:28:22:c6:7d:12:16:95:f2:fb:4b:53:d8:0b:59:bd:40:7d:
28:f7:2c:b3:aa:2e:95:dc:54:aa:b6:03:9b:b2:f4:4a:5e:a1:
05:ed:e5:9c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZbT959oBuljq9xeT/IsXOqKA4hgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAwNTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkYTQxOGJiYzExOTYyZTFhOTFkMGIxZjhjMGFmY2JhNzI1NTZlMThiZjU4
MGVkM2Y0ZmM0NmQ2OTMyZmNlZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK67tmvfEl+y4nOnJNwIAH/hv0r3duouFBGNmgMYlGBLHNDSxErGpsXfYdOw
HEUFUeWnh65FxyGOJN35CimSSPIJ4r+MfKUgVRsqJUAUobiGSO+podsaLECdB8J1
j5LHcA/jhut1mR3skJpuxCtQNMz9qTxapcJEhf/ubnYOlDqQ4QDGVwSMVlPUKWPd
zrrPy5twDbxy9tW0ciWlrEXbAAFzdKqlOnYOwkej3wt6dTkAHzWkY7pK0ak70nu9
jK7AHgb19BjalaGc5var7llcZnAujWfrOYEOvvckWz4RaHws8fxdNtwb1A5l3V2B
Iz/KU/1INtMAGIG2CJF2/1vgeAsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQDsoL9
tN9EV6Gt40a5AC96k5lr3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjhmYzQzYWQtMGMzYi00ZDc3LWFhMzItNWVmYzQzMWU2OWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
4DANBgkqhkiG9w0BAQsFAAOCAQEAgWT7ETOjkq2hmoKD3A+VwxogH77xHj1+0KNg
rc6BmW/dC1eLQjqLDl2i/0TPFdkCxfIUvWXBT0kYzCpgT91rZTv41RdG02R0kCuM
XM28Xo2fjWm6R+Zz69ZJRQ5DeAYmaWCAwIQXXJuAXuOy/JIgDZTdaHXnNKN/zw13
/nh51wetUQQQsz/1cTNP1dDi9r/7ApDmuqclMgwTXEfg6rzfdY1JKcZqzW9nLs02
Azd0dVqAXG5+WLfA9iAgjSCulXayOQTv/e3jQJ1jQ3W7m9M+o+C0rm4/Pdog3igi
xn0SFpXy+0tT2AtZvUB9KPcss6ouldxUqrYDm7L0Sl6hBe3lnA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:37 2025 by rpki-client