Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa
File: 375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa (raw, json)
Hash identifier: 0Dr1DNwzK0ACgClDg+qhTkI9WSyQ88d3MNDLonJw02w=
Subject key identifier: 5B:BA:9F:1D:78:57:40:BF:2B:A3:A4:9F:11:4B:D2:7B:71:D3:6E:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D3DF306ADAAE1843D31502AD1D011E18DDB2618
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa
Signing time: Fri 25 Apr 2025 19:51:47 +0000
ROA not before: Fri 25 Apr 2025 19:51:47 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:3d:f3:06:ad:aa:e1:84:3d:31:50:2a:d1:d0:11:e1:8d:db:26:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:47 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f33e4d4768a636f918fdb248470c1beb2a00408fca753fb2bfcf031c214e8c12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b0:9b:79:74:93:1b:20:9e:62:38:dc:09:26:
00:6b:6f:70:7b:be:d2:76:1c:30:3e:01:bd:30:eb:
02:58:4e:c6:7c:cd:2a:e9:c0:19:a0:7b:74:59:96:
24:2a:df:7b:9e:a9:df:90:a3:d3:eb:27:67:86:93:
61:14:17:80:dd:9e:20:3d:0b:12:c0:63:a5:cd:5e:
6e:56:d1:a2:55:05:6d:91:03:2b:63:eb:7c:97:e2:
3e:e7:f7:61:ac:21:8f:b5:7c:64:ed:e9:cd:b6:66:
69:ec:d6:eb:9b:19:56:b4:56:55:bd:1f:9d:7e:7e:
81:b6:9a:be:21:76:0d:6f:96:f7:a1:79:c4:16:5a:
7f:10:09:bb:64:cf:01:d7:d6:10:ea:ab:03:be:c5:
f1:0d:94:83:24:59:c8:01:14:42:be:36:4d:58:36:
96:ea:d0:76:dc:67:2b:05:d0:a3:86:05:de:23:87:
d2:84:41:9b:d0:2a:23:33:7e:a3:71:4b:5c:2a:65:
ed:47:29:a6:d2:d5:e3:e6:db:89:55:32:24:cc:3a:
10:4a:a1:0b:dd:e9:3d:88:35:f7:d7:e4:37:db:01:
ac:40:93:c8:f6:81:c4:7a:0a:a8:07:25:40:d0:3d:
d1:d4:49:b4:cd:0c:a4:06:55:bf:f4:f3:58:a4:f1:
c2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:BA:9F:1D:78:57:40:BF:2B:A3:A4:9F:11:4B:D2:7B:71:D3:6E:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
11:d7:a5:36:80:92:11:d8:ed:17:37:fb:c9:c7:a8:6f:67:3c:
93:ba:53:e9:d0:bb:4b:8b:67:57:1b:30:14:58:cb:22:17:88:
23:cc:d9:c5:f8:19:0b:e0:b9:72:34:4c:bc:45:a5:12:91:b7:
ef:91:89:05:4d:e5:09:ea:10:29:11:4b:7a:ac:32:28:e7:09:
57:72:e4:03:e0:56:ca:b9:43:0d:24:f3:a8:94:6e:90:5b:69:
b2:d1:c8:81:c6:17:96:9a:b0:d5:3a:a7:18:f5:69:99:af:cd:
1c:97:a4:af:b0:b5:27:2e:0b:a9:15:c7:14:20:e6:a5:9f:75:
ca:51:6b:80:cd:94:04:de:c8:f2:7e:0e:bd:45:dd:a7:fb:85:
fe:a9:5c:bd:bc:27:c4:f6:06:21:d9:95:37:58:ab:b8:da:49:
2b:f7:4a:5a:44:17:4f:06:d4:ad:b1:e9:dc:37:34:ed:d2:cc:
a7:04:34:dd:5e:f0:32:5c:29:f3:7b:07:d7:00:3e:5c:ec:fd:
f2:a5:bd:54:83:e8:14:fe:0f:26:84:c5:dc:21:a9:e5:35:ed:
2a:eb:eb:b6:0f:95:b1:ba:cb:f8:a9:a6:29:2a:f3:2b:aa:82:
4f:02:b9:2a:a8:3b:46:da:1a:44:b1:9a:9d:2f:ea:00:f6:5c:
f5:05:46:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbT3zBq2q4YQ9MVAq0dAR4Y3bJhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxNDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzM2U0ZDQ3NjhhNjM2ZjkxOGZkYjI0ODQ3MGMxYmViMmEwMDQwOGZjYTc1
M2ZiMmJmY2YwMzFjMjE0ZThjMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANawm3l0kxsgnmI43AkmAGtvcHu+0nYcMD4BvTDrAlhOxnzNKunAGaB7dFmW
JCrfe56p35Cj0+snZ4aTYRQXgN2eID0LEsBjpc1eblbRolUFbZEDK2PrfJfiPuf3
Yawhj7V8ZO3pzbZmaezW65sZVrRWVb0fnX5+gbaaviF2DW+W96F5xBZafxAJu2TP
AdfWEOqrA77F8Q2UgyRZyAEUQr42TVg2lurQdtxnKwXQo4YF3iOH0oRBm9AqIzN+
o3FLXCpl7UcpptLV4+bbiVUyJMw6EEqhC93pPYg199fkN9sBrECTyPaBxHoKqAcl
QNA90dRJtM0MpAZVv/TzWKTxwjMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbup8d
eFdAvyujpJ8RS9J7cdNutzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzc1YjJhMzEtMmJmNS00OWFlLTg3M2YtNjExY2IzZWZkNmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dog
MA0GCSqGSIb3DQEBCwUAA4IBAQAR16U2gJIR2O0XN/vJx6hvZzyTulPp0LtLi2dX
GzAUWMsiF4gjzNnF+BkL4LlyNEy8RaUSkbfvkYkFTeUJ6hApEUt6rDIo5wlXcuQD
4FbKuUMNJPOolG6QW2my0ciBxheWmrDVOqcY9WmZr80cl6SvsLUnLgupFccUIOal
n3XKUWuAzZQE3sjyfg69Rd2n+4X+qVy9vCfE9gYh2ZU3WKu42kkr90paRBdPBtSt
sencNzTt0synBDTdXvAyXCnzewfXAD5c7P3ypb1Ug+gU/g8mhMXcIanlNe0q6+u2
D5Wxusv4qaYpKvMrqoJPArkqqDtG2hpEsZqdL+oA9lz1BUbG
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:14 2025 by rpki-client