Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
File: 3ef5e7b8-24ad-41af-8334-2eff292a769d.roa (raw, json)
Hash identifier: N376P760slqW/BI9kIHDB/AhTzy+CyVGMXX6386GNDg=
Subject key identifier: AF:8E:72:05:6D:BA:9F:B3:30:0E:94:14:9E:54:B8:6E:F5:B1:5A:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79C215C5A484C6B3D96F03A5F3275B47BE6A34C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
Signing time: Fri 25 Apr 2025 18:50:49 +0000
ROA not before: Fri 25 Apr 2025 18:50:49 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:c2:15:c5:a4:84:c6:b3:d9:6f:03:a5:f3:27:5b:47:be:6a:34:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:49 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=aa04efd11fc6a3fe35656921cafa52f331e5ef8d01d9459fc4e9582822626ea7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:20:d5:f8:41:ec:37:61:c3:13:57:ae:bc:0c:
ab:8a:af:71:55:81:7a:11:b5:b3:1c:fb:bd:93:ab:
be:f6:13:b3:19:5a:fa:65:53:24:35:83:df:da:f7:
17:ba:3c:62:2d:5b:b4:8f:6a:38:30:21:6b:de:e3:
fa:0d:ae:55:70:0d:a5:1f:23:04:5f:bb:1e:5f:af:
63:80:93:fb:28:89:e1:5a:e4:93:db:50:33:01:d7:
28:e0:2c:31:df:7d:bc:f7:cd:7e:98:63:6a:66:fc:
e7:91:08:4b:43:a0:c9:5d:36:88:e7:d7:95:b6:59:
e9:ba:ac:43:68:64:ef:b5:e8:a3:6f:ce:a9:65:f6:
93:52:1e:10:c1:ec:96:79:ee:9c:79:c4:f7:c5:30:
23:20:c5:ed:6c:3b:99:95:63:d7:71:cf:d6:5c:c6:
cf:19:2e:7e:c2:de:63:79:9a:18:26:04:1e:8a:6c:
52:5f:24:3a:ae:2c:b3:26:b5:41:44:e6:8c:ad:9b:
57:f1:9f:79:b7:4f:6e:ac:7a:d9:80:4a:76:56:28:
ba:8c:5f:1e:0d:d1:9a:79:5d:42:ff:49:a5:d1:39:
31:aa:f0:1f:b5:34:13:d8:e6:5d:4a:11:91:a0:ea:
62:07:db:74:85:48:ce:13:e5:02:b7:1b:60:e6:a9:
4d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:8E:72:05:6D:BA:9F:B3:30:0E:94:14:9E:54:B8:6E:F5:B1:5A:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
ad:fe:48:93:12:dd:61:ba:bc:f7:37:bd:03:aa:48:7c:76:3d:
cc:13:22:a8:79:2b:69:e4:d7:ec:a8:ec:3a:c3:4d:c3:de:02:
30:69:3f:e9:04:54:7d:41:aa:97:30:37:ca:1b:fd:4e:f0:51:
eb:63:bb:81:79:b4:b7:8f:14:f3:27:86:af:e2:f6:7a:7b:26:
22:8d:e6:5e:83:72:25:de:38:87:c0:b9:83:d2:17:54:26:17:
e0:f7:69:01:9c:5f:db:10:28:f1:2f:9f:3d:9d:f7:03:67:d4:
dc:25:3c:69:14:82:8b:2b:98:af:dd:88:8d:dd:db:26:b0:fb:
da:03:eb:19:12:a1:59:41:36:fe:b9:31:66:a6:b3:78:fa:40:
97:bc:fb:ea:17:13:1d:74:a8:5a:d1:03:3b:f0:3b:90:c7:cd:
52:0b:62:a8:ea:a4:66:ea:c1:fd:9b:3a:1b:87:3d:10:e0:94:
c8:9d:bb:bf:9c:f2:62:3f:4e:99:64:f3:49:63:61:5c:4f:27:
99:21:58:4c:a2:f5:8c:d0:82:5d:a1:77:5e:f3:3e:6e:94:de:
4f:7e:7c:2d:5b:fc:29:fd:c6:3b:3a:6e:b2:14:83:de:f5:41:
f1:93:e7:8b:d1:b2:8e:ce:40:d9:db:bc:d4:8b:86:3c:8b:5f:
23:1d:4f:50
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUecIVxaSExrPZbwOl8ydbR75qNMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwNDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMDRlZmQxMWZjNmEzZmUzNTY1NjkyMWNhZmE1MmYzMzFlNWVmOGQwMWQ5
NDU5ZmM0ZTk1ODI4MjI2MjZlYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4g1fhB7DdhwxNXrrwMq4qvcVWBehG1sxz7vZOrvvYTsxla+mVTJDWD39r3
F7o8Yi1btI9qODAha97j+g2uVXANpR8jBF+7Hl+vY4CT+yiJ4Vrkk9tQMwHXKOAs
Md99vPfNfphjamb855EIS0OgyV02iOfXlbZZ6bqsQ2hk77Xoo2/OqWX2k1IeEMHs
lnnunHnE98UwIyDF7Ww7mZVj13HP1lzGzxkufsLeY3maGCYEHopsUl8kOq4ssya1
QUTmjK2bV/GfebdPbqx62YBKdlYouoxfHg3RmnldQv9JpdE5MarwH7U0E9jmXUoR
kaDqYgfbdIVIzhPlArcbYOapTVUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSvjnIF
bbqfszAOlBSeVLhu9bFaFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2VmNWU3YjgtMjRhZC00MWFmLTgzMzQtMmVmZjI5MmE3NjlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
wDANBgkqhkiG9w0BAQsFAAOCAQEArf5IkxLdYbq89ze9A6pIfHY9zBMiqHkraeTX
7KjsOsNNw94CMGk/6QRUfUGqlzA3yhv9TvBR62O7gXm0t48U8yeGr+L2ensmIo3m
XoNyJd44h8C5g9IXVCYX4PdpAZxf2xAo8S+fPZ33A2fU3CU8aRSCiyuYr92Ijd3b
JrD72gPrGRKhWUE2/rkxZqazePpAl7z76hcTHXSoWtEDO/A7kMfNUgtiqOqkZurB
/Zs6G4c9EOCUyJ27v5zyYj9OmWTzSWNhXE8nmSFYTKL1jNCCXaF3XvM+bpTeT358
LVv8Kf3GOzpushSD3vVB8ZPni9Gyjs5A2du81IuGPItfIx1PUA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:48:53 2025 by rpki-client