Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
File: 2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa (raw, json)
Hash identifier: 5WRAQbkxX8z+N68TTwluX9mIFIJbPLMZHuGYeCtkHos=
Subject key identifier: 00:8D:35:82:27:ED:0E:4F:0C:0A:73:67:B0:0C:E7:6C:B3:0D:30:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6635EE6BCC4B2BF92E009ED26E8F87E83CE25082
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
Signing time: Fri 25 Apr 2025 18:40:04 +0000
ROA not before: Fri 25 Apr 2025 18:40:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:35:ee:6b:cc:4b:2b:f9:2e:00:9e:d2:6e:8f:87:e8:3c:e2:50:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1378feb0180726c648af177ad6598f4b7a31468cdec0147b8bd5b9276dd61b08, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:5c:08:47:04:7c:e7:1f:91:ad:40:56:0f:
7a:99:8e:2c:95:c1:32:b0:30:60:56:90:7a:c5:19:
16:ad:3f:70:60:73:74:80:8f:f8:29:c3:e3:79:a6:
23:36:b5:fd:d8:c4:82:e6:a2:d9:0c:5f:12:1d:3b:
32:7f:77:2c:6c:00:68:96:65:25:57:98:64:94:5b:
93:55:23:57:c6:4b:06:5c:7d:c5:f7:53:f3:b5:8f:
20:e1:d6:5b:f6:e6:43:7e:01:95:2a:48:fa:37:4b:
00:06:fa:f9:6e:02:5b:a2:36:9b:f5:75:a7:03:04:
0b:46:3d:77:64:74:c6:ba:93:df:c9:ae:6e:b7:26:
19:1b:07:63:33:a9:15:ae:29:8f:2d:f9:35:91:0c:
22:42:47:52:24:ec:1c:3f:9a:d1:85:91:02:2f:6e:
f5:b2:e5:dc:61:b6:b6:19:44:25:d6:cb:d3:0b:7c:
ce:52:ff:25:ec:fd:af:79:7f:b9:1b:97:f0:2d:66:
09:75:e9:b5:6b:8e:ee:1f:b1:43:01:18:f7:1e:71:
d2:42:57:a4:87:99:4d:b6:a7:b0:83:49:4a:bf:1a:
20:bb:05:57:79:a0:e6:ff:7b:67:90:db:32:87:62:
eb:4e:98:c8:7f:5e:82:51:e5:34:79:67:b3:23:d5:
7d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8D:35:82:27:ED:0E:4F:0C:0A:73:67:B0:0C:E7:6C:B3:0D:30:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1080::/48
Signature Algorithm: sha256WithRSAEncryption
1d:dc:e1:9f:f0:64:ce:6a:e0:5f:e9:7a:ad:33:f4:b1:a2:94:
47:c4:40:98:58:ec:27:89:18:da:4b:5d:b0:e4:c4:3f:3c:eb:
0b:bf:5c:5e:ca:28:0e:31:60:77:bd:08:dd:29:47:a3:21:06:
c0:e8:ac:de:bb:e9:13:36:55:f5:14:23:18:a6:94:ba:6b:3e:
73:16:dd:95:b2:eb:78:3b:31:04:e6:b1:80:5c:93:db:40:0f:
f5:e8:9b:8f:32:0b:45:69:40:35:84:96:c7:f0:c6:ce:38:00:
0e:f8:8e:66:4b:14:e4:16:ef:62:13:c8:28:20:28:58:83:b0:
73:30:cf:32:f1:33:e7:f3:d2:3f:03:b3:57:28:42:93:b2:ae:
f3:d2:ba:a1:3f:c2:d4:da:6b:1d:23:9d:67:d3:a3:8c:e9:34:
f0:f1:03:54:05:89:4f:f1:f5:be:41:fb:28:40:a4:3a:60:78:
36:c9:70:7d:e6:ba:c7:1c:75:a4:0b:37:63:27:38:6b:3d:07:
8c:50:f6:9a:9f:b7:c0:36:54:25:ec:3c:2a:24:4b:23:6f:6d:
3e:fa:87:ba:ce:4b:9e:53:7e:dc:17:74:be:c6:b9:97:6f:b5:
88:4e:59:87:c6:e3:0e:78:a4:3c:b5:6b:3e:58:a4:fd:98:29:
0c:cb:aa:ff
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZjXua8xLK/kuAJ7Sbo+H6DziUIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNzhmZWIwMTgwNzI2YzY0OGFmMTc3YWQ2NTk4ZjRiN2EzMTQ2OGNkZWMw
MTQ3YjhiZDViOTI3NmRkNjFiMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKnXAhHBHznH5GtQFYPepmOLJXBMrAwYFaQesUZFq0/cGBzdICP+CnD43mm
Iza1/djEguai2QxfEh07Mn93LGwAaJZlJVeYZJRbk1UjV8ZLBlx9xfdT87WPIOHW
W/bmQ34BlSpI+jdLAAb6+W4CW6I2m/V1pwMEC0Y9d2R0xrqT38mubrcmGRsHYzOp
Fa4pjy35NZEMIkJHUiTsHD+a0YWRAi9u9bLl3GG2thlEJdbL0wt8zlL/Jez9r3l/
uRuX8C1mCXXptWuO7h+xQwEY9x5x0kJXpIeZTbansINJSr8aILsFV3mg5v97Z5Db
Modi606YyH9eglHlNHlnsyPVfVMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQAjTWC
J+0OTwwKc2ewDOdssw0wsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmE5M2JkYzItODIzYy00MTZhLWFjNDAtNmY2YzgyM2JjZWY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAHdzhn/BkzmrgX+l6rTP0saKUR8RAmFjsJ4kY
2ktdsOTEPzzrC79cXsooDjFgd70I3SlHoyEGwOis3rvpEzZV9RQjGKaUums+cxbd
lbLreDsxBOaxgFyT20AP9eibjzILRWlANYSWx/DGzjgADviOZksU5BbvYhPIKCAo
WIOwczDPMvEz5/PSPwOzVyhCk7Ku89K6oT/C1NprHSOdZ9OjjOk08PEDVAWJT/H1
vkH7KECkOmB4Nslwfea6xxx1pAs3Yyc4az0HjFD2mp+3wDZUJew8KiRLI29tPvqH
us5LnlN+3Bd0vsa5l2+1iE5Zh8bjDnikPLVrPlik/ZgpDMuq/w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:34 2025 by rpki-client