Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
File: 35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa (raw, json)
Hash identifier: lsRwGA86IzT1xUK8PHEQ5gR5V/wy3UHGVmmuK9wO7Zw=
Subject key identifier: 36:B4:20:9C:E4:20:42:5E:FB:90:F4:E7:48:EF:A0:66:6E:1B:C4:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A68AE0732DCA4ED4EE47051E32E2355A0FF31F8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
Signing time: Fri 25 Apr 2025 20:21:14 +0000
ROA not before: Fri 25 Apr 2025 20:21:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:68:ae:07:32:dc:a4:ed:4e:e4:70:51:e3:2e:23:55:a0:ff:31:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b3d87d66ec33b95fdbab06a9441a89c35935919c5e8803800c1b08134a2dc664, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ef:58:e5:10:26:9a:79:91:40:f6:74:53:f1:
14:e8:a8:6d:a0:ab:b5:f8:bc:09:54:15:45:46:51:
3f:87:eb:ea:a6:14:cc:7c:10:5d:31:4b:2b:3f:5d:
f0:ef:ff:f2:52:83:d8:cf:a5:e1:e1:ea:13:13:ab:
c7:c2:f3:d6:fc:b2:b2:ce:b8:19:3d:9a:d7:5b:e0:
4f:70:7b:46:c3:5e:a5:87:e9:14:7a:18:07:4b:ee:
bb:26:32:db:64:22:46:58:00:b6:ac:6c:dd:0a:a4:
a3:34:b9:ee:e1:fb:9e:29:a9:84:32:df:c4:32:91:
a4:1d:c6:ee:cc:8a:2a:d9:69:07:a3:ea:ba:7d:02:
1d:6a:f3:e1:fa:aa:d6:a4:67:2a:06:21:ca:78:53:
75:a7:c3:f9:00:0f:87:fa:5a:44:ea:32:63:42:a3:
c8:5f:a3:db:07:ad:ee:bb:1b:bc:b9:7a:19:9f:75:
98:44:21:db:2e:02:f5:f7:42:66:4d:bd:48:3c:11:
4c:c6:90:32:de:f1:23:ff:a5:e0:da:1a:56:aa:1b:
75:85:f7:ba:21:ac:d3:67:32:98:c8:1d:0c:e1:43:
0e:31:00:8c:b8:80:98:76:7e:b1:a1:29:a0:a0:4d:
57:37:ad:03:4f:bd:28:a2:d5:9c:1c:78:06:13:47:
87:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B4:20:9C:E4:20:42:5E:FB:90:F4:E7:48:EF:A0:66:6E:1B:C4:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/38
Signature Algorithm: sha256WithRSAEncryption
67:8b:e9:63:da:e9:c5:1e:01:02:47:49:3e:7a:cf:44:65:20:
d8:ec:90:94:77:a9:e0:03:7c:e1:29:1a:10:bd:e1:d5:9b:b8:
22:b8:30:16:03:6b:fd:3b:a8:a5:64:2c:d8:ad:00:a2:9d:fc:
cc:ae:1f:60:ea:04:b7:3d:8a:02:38:81:c9:8d:2a:28:42:4e:
59:27:38:87:e2:7e:1e:f6:c7:5b:dd:2f:a8:b2:a0:bf:e7:9d:
da:d6:9c:13:1a:27:d8:bb:51:02:34:10:28:05:d8:60:18:68:
f1:aa:6a:c8:da:b6:28:fe:d9:29:d2:3b:d5:48:46:82:b8:22:
30:2f:55:ce:66:2c:5d:82:84:34:f3:11:c0:8e:0d:96:84:16:
90:f4:ef:8f:3e:d2:f1:ee:23:95:2d:d9:7a:9c:d0:c8:37:61:
3a:0b:8f:d6:62:af:16:56:8e:ff:08:e4:5a:00:02:0f:6a:df:
6f:ab:60:55:83:44:c4:30:bf:c2:84:7e:1a:22:7a:ab:0b:72:
28:4f:64:cf:9d:9b:05:5b:ee:c2:77:77:53:aa:f5:67:40:d5:
af:ed:39:36:73:a0:85:59:e3:80:81:35:30:a2:bb:6f:a5:0c:
3c:30:62:fc:86:4d:7d:95:75:49:d4:08:e9:f7:25:c9:25:71:
35:71:91:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSmiuBzLcpO1O5HBR4y4jVaD/MfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzZDg3ZDY2ZWMzM2I5NWZkYmFiMDZhOTQ0MWE4OWMzNTkzNTkxOWM1ZTg4
MDM4MDBjMWIwODEzNGEyZGM2NjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnvWOUQJpp5kUD2dFPxFOiobaCrtfi8CVQVRUZRP4fr6qYUzHwQXTFLKz9d
8O//8lKD2M+l4eHqExOrx8Lz1vyyss64GT2a11vgT3B7RsNepYfpFHoYB0vuuyYy
22QiRlgAtqxs3QqkozS57uH7nimphDLfxDKRpB3G7syKKtlpB6Pqun0CHWrz4fqq
1qRnKgYhynhTdafD+QAPh/paROoyY0KjyF+j2wet7rsbvLl6GZ91mEQh2y4C9fdC
Zk29SDwRTMaQMt7xI/+l4NoaVqobdYX3uiGs02cymMgdDOFDDjEAjLiAmHZ+saEp
oKBNVzetA0+9KKLVnBx4BhNHhykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ2tCCc
5CBCXvuQ9OdI76BmbhvEaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzViYjBkYTUtMGEyZC00YjgwLWFhZmUtYWY3ZTc0Y2Y1ODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBni+lj2unFHgECR0k+es9EZSDY7JCUd6ngA3zh
KRoQveHVm7giuDAWA2v9O6ilZCzYrQCinfzMrh9g6gS3PYoCOIHJjSooQk5ZJziH
4n4e9sdb3S+osqC/553a1pwTGifYu1ECNBAoBdhgGGjxqmrI2rYo/tkp0jvVSEaC
uCIwL1XOZixdgoQ08xHAjg2WhBaQ9O+PPtLx7iOVLdl6nNDIN2E6C4/WYq8WVo7/
CORaAAIPat9vq2BVg0TEML/ChH4aInqrC3IoT2TPnZsFW+7Cd3dTqvVnQNWv7Tk2
c6CFWeOAgTUwortvpQw8MGL8hk19lXVJ1Ajp9yXJJXE1cZFH
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:35 2025 by rpki-client