Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json)
Hash identifier: gkJUpMi3Bl618JMbpYTh0s3sRmECsFr8wlitA2VGy6g=
Subject key identifier: 8E:E0:6C:89:1A:53:BA:18:BC:34:45:93:88:5E:74:0C:D0:8E:79:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DA2C9E65F99B7402C7036B8188904DC41055546
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
Signing time: Fri 25 Apr 2025 18:31:37 +0000
ROA not before: Fri 25 Apr 2025 18:31:37 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:a2:c9:e6:5f:99:b7:40:2c:70:36:b8:18:89:04:dc:41:05:55:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:37 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c583768bbb2bd7cc18ef79d8c31b53e44b710e6437515c4c31b6eac39a1968a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d8:fd:35:78:7b:62:9b:43:ef:1f:9b:e3:8c:
19:38:30:97:88:ff:32:31:b3:74:56:f5:1c:4f:14:
01:b0:2f:46:0f:bf:08:7f:02:76:84:72:af:41:69:
13:6f:33:4d:a2:2f:e9:da:74:d7:ff:10:80:a9:d8:
98:f4:7f:b5:18:0a:78:b9:49:31:0f:ab:bc:97:19:
64:64:72:a9:b0:68:50:5b:36:b0:7b:ca:80:ba:1f:
06:8b:a6:aa:6a:e2:23:ca:32:6c:03:15:cd:cf:b5:
09:a4:5d:32:1b:f0:5d:98:69:d3:16:bb:0d:1d:02:
c4:bc:43:8a:9c:74:c3:59:c9:cc:1e:a2:0b:50:0d:
3a:26:c8:ec:ef:a2:cd:ee:23:87:6f:71:d2:7e:7f:
91:dc:e5:bf:7e:9e:16:8b:d0:43:41:e7:c0:8d:c3:
13:90:65:8f:81:0d:d3:b1:d1:ca:27:2f:0c:d9:65:
23:3c:4c:d9:8f:36:5e:ad:18:48:a9:87:bc:2f:16:
9a:30:3c:99:70:65:b2:1a:41:ec:73:1d:84:20:cb:
22:d3:36:88:ca:8c:62:db:44:71:a2:ba:39:e0:84:
a7:fe:78:2b:be:e3:40:e3:f6:a7:55:d7:22:6b:7a:
45:c5:80:aa:05:9d:14:ad:16:33:52:74:e1:66:94:
11:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E0:6C:89:1A:53:BA:18:BC:34:45:93:88:5E:74:0C:D0:8E:79:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
6d:5b:3e:37:b7:94:f7:a9:2d:0c:db:36:49:e8:42:55:24:79:
92:ab:27:bd:21:78:3a:a3:0d:47:a1:7e:a2:eb:97:44:ad:2c:
97:c7:54:ad:0d:2f:27:58:11:5c:be:2c:0c:4c:9b:39:0f:ca:
6a:77:9d:ab:78:14:2d:71:ad:cb:a5:79:ae:b6:ee:b2:e1:73:
0e:48:1d:2d:eb:3f:dd:94:64:77:eb:af:45:96:88:eb:b6:7f:
44:2f:e4:65:5b:f8:c7:59:50:c2:17:31:dc:6e:e0:7f:1e:ef:
8c:72:7f:4e:5c:1a:2e:b5:cd:ef:58:f1:77:78:51:6a:73:37:
b2:aa:87:64:b6:78:88:54:53:57:04:90:8a:3c:4d:f5:a8:29:
49:56:36:20:70:4b:73:2e:18:e3:6d:24:e1:05:90:3a:86:4b:
82:90:9a:20:44:c4:e2:ee:b2:5b:ea:c4:f9:a9:52:26:95:3f:
4c:bc:1d:aa:bc:2e:ec:9d:6a:78:95:68:3c:9a:f8:ff:42:1c:
1a:b7:3c:b5:56:b4:2f:17:77:44:07:a1:36:74:37:59:76:e0:
1d:b6:03:4c:95:ce:94:95:1d:11:82:91:fa:96:6e:c5:5e:a1:
b6:52:e6:a5:1e:82:42:8f:c4:74:2d:66:cc:b7:3c:cf:5d:57:
0f:2e:64:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfaLJ5l+Zt0AscDa4GIkE3EEFVUYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxMzdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1ODM3NjhiYmIyYmQ3Y2MxOGVmNzlkOGMzMWI1M2U0NGI3MTBlNjQzNzUx
NWM0YzMxYjZlYWMzOWExOTY4YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3Y/TV4e2KbQ+8fm+OMGTgwl4j/MjGzdFb1HE8UAbAvRg+/CH8CdoRyr0Fp
E28zTaIv6dp01/8QgKnYmPR/tRgKeLlJMQ+rvJcZZGRyqbBoUFs2sHvKgLofBoum
qmriI8oybAMVzc+1CaRdMhvwXZhp0xa7DR0CxLxDipx0w1nJzB6iC1ANOibI7O+i
ze4jh29x0n5/kdzlv36eFovQQ0HnwI3DE5Blj4EN07HRyicvDNllIzxM2Y82Xq0Y
SKmHvC8WmjA8mXBlshpB7HMdhCDLItM2iMqMYttEcaK6OeCEp/54K77jQOP2p1XX
Imt6RcWAqgWdFK0WM1J04WaUEdcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSO4GyJ
GlO6GLw0RZOIXnQM0I55fjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQBtWz43t5T3qS0M2zZJ6EJVJHmSqye9IXg6ow1H
oX6i65dErSyXx1StDS8nWBFcviwMTJs5D8pqd52reBQtca3LpXmutu6y4XMOSB0t
6z/dlGR3669Flojrtn9EL+RlW/jHWVDCFzHcbuB/Hu+Mcn9OXBoutc3vWPF3eFFq
czeyqodktniIVFNXBJCKPE31qClJVjYgcEtzLhjjbSThBZA6hkuCkJogRMTi7rJb
6sT5qVImlT9MvB2qvC7snWp4lWg8mvj/Qhwatzy1VrQvF3dEB6E2dDdZduAdtgNM
lc6UlR0RgpH6lm7FXqG2UualHoJCj8R0LWbMtzzPXVcPLmTQ
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:18 2025 by rpki-client