Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
File: 417101f4-2159-4c08-aa5e-b16ba0461450.roa (raw, json)
Hash identifier: bRCiWzvNsPk7jueCMLLNDQqa5SVMXt6/yVWgZDn1M0I=
Subject key identifier: 85:31:B0:7B:4C:C2:9A:0D:B5:86:CB:EC:05:BE:AF:26:8D:46:32:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FA6120A584BE05B3F508EF940774321021D07F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
Signing time: Fri 25 Apr 2025 19:31:26 +0000
ROA not before: Fri 25 Apr 2025 19:31:26 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:a6:12:0a:58:4b:e0:5b:3f:50:8e:f9:40:77:43:21:02:1d:07:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:26 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=bca361286ac4c9022105355da0de70b3eabec83fc74ea3251d6264518d2e8f6e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:91:1d:1e:fe:d9:b3:0b:43:7a:d0:8d:0b:78:
a6:70:31:26:0f:98:4f:f4:88:9e:99:08:a4:3e:58:
80:b3:99:24:5c:35:9d:7b:de:f5:34:db:05:78:94:
b6:49:c5:b5:87:55:91:0d:e5:2a:22:72:82:aa:e1:
e6:0f:ad:93:18:2a:88:d8:4e:fe:f5:a6:43:89:15:
a2:39:35:ad:87:b3:0a:3b:df:41:f8:73:55:e7:f6:
81:e7:a4:89:08:e8:cc:d0:26:8b:f2:94:a1:91:34:
32:77:79:da:80:53:0b:05:42:ce:c6:a5:7c:be:90:
e0:a6:4e:c5:38:c8:1b:07:26:43:c5:91:10:04:0d:
9f:5a:f2:7a:5d:4c:9e:c3:7f:e3:7d:63:1d:6c:9f:
37:cb:04:28:f5:c2:c8:16:44:2b:a6:b6:9e:34:5f:
7e:43:cf:65:55:33:3f:a0:13:17:71:dc:a5:c5:7c:
d7:1d:27:a1:e5:60:9a:09:f1:e0:4b:90:76:84:79:
2e:2d:20:59:ec:7c:3a:94:80:c0:6c:d1:21:70:b7:
4f:96:d6:fd:e3:4d:b3:bc:8b:50:75:fa:dd:07:a4:
d9:f5:b2:71:80:1a:ef:af:98:19:b1:06:45:9e:64:
56:f8:cc:3f:7e:53:2b:ed:58:b1:bf:4a:c8:e0:08:
ed:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:31:B0:7B:4C:C2:9A:0D:B5:86:CB:EC:05:BE:AF:26:8D:46:32:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:34:d9:ef:bc:66:b8:37:23:e9:16:f2:24:1b:22:2a:bc:1b:
95:61:80:d3:a2:c3:49:a2:2d:1a:4a:50:1c:ce:37:fb:a2:26:
5c:a6:33:6f:14:24:a1:64:21:da:12:2f:c0:95:90:84:3c:eb:
4b:d6:7b:9b:0b:09:48:63:2e:b3:1b:b3:1d:17:c9:f7:7f:42:
c0:28:a5:13:f3:73:f4:ff:62:9e:8c:25:1b:5e:b5:16:6a:e2:
69:3f:5e:2b:70:c7:d2:7c:b7:4c:46:3a:f4:b6:25:58:17:ff:
87:a5:64:93:89:06:b2:38:51:ad:31:1b:4b:71:de:ac:f0:a9:
da:46:8d:85:05:1d:2e:d8:38:7a:71:c9:cf:2d:85:cf:21:88:
ff:62:67:e5:53:6c:a7:da:9f:55:81:3a:52:52:c1:d9:09:3a:
47:1c:63:33:60:82:ea:61:80:95:da:ee:60:55:be:84:e6:cd:
19:48:77:37:1b:f1:64:65:05:2d:e8:da:ca:54:00:e3:55:30:
6c:0c:d1:bb:84:9a:98:a0:23:e9:bd:79:66:bc:d0:5a:5e:3c:
2e:a5:5f:c7:95:ff:80:f6:af:f4:50:29:a8:ba:86:81:90:d1:
5d:e1:7e:76:0e:0e:93:6d:55:6a:f6:87:66:f4:92:c9:e5:d8:
9e:92:15:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf6YSClhL4Fs/UI75QHdDIQIdB/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMjZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjYTM2MTI4NmFjNGM5MDIyMTA1MzU1ZGEwZGU3MGIzZWFiZWM4M2ZjNzRl
YTMyNTFkNjI2NDUxOGQyZThmNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPCRHR7+2bMLQ3rQjQt4pnAxJg+YT/SInpkIpD5YgLOZJFw1nXve9TTbBXiU
tknFtYdVkQ3lKiJygqrh5g+tkxgqiNhO/vWmQ4kVojk1rYezCjvfQfhzVef2geek
iQjozNAmi/KUoZE0Mnd52oBTCwVCzsalfL6Q4KZOxTjIGwcmQ8WREAQNn1ryel1M
nsN/431jHWyfN8sEKPXCyBZEK6a2njRffkPPZVUzP6ATF3HcpcV81x0noeVgmgnx
4EuQdoR5Li0gWex8OpSAwGzRIXC3T5bW/eNNs7yLUHX63Qek2fWycYAa76+YGbEG
RZ5kVvjMP35TK+1Ysb9KyOAI7UcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSFMbB7
TMKaDbWGy+wFvq8mjUYyMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDE3MTAxZjQtMjE1OS00YzA4LWFhNWUtYjE2YmEwNDYxNDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hcg
MA0GCSqGSIb3DQEBCwUAA4IBAQCONNnvvGa4NyPpFvIkGyIqvBuVYYDTosNJoi0a
SlAczjf7oiZcpjNvFCShZCHaEi/AlZCEPOtL1nubCwlIYy6zG7MdF8n3f0LAKKUT
83P0/2KejCUbXrUWauJpP14rcMfSfLdMRjr0tiVYF/+HpWSTiQayOFGtMRtLcd6s
8KnaRo2FBR0u2Dh6ccnPLYXPIYj/YmflU2yn2p9VgTpSUsHZCTpHHGMzYILqYYCV
2u5gVb6E5s0ZSHc3G/FkZQUt6NrKVADjVTBsDNG7hJqYoCPpvXlmvNBaXjwupV/H
lf+A9q/0UCmouoaBkNFd4X52Dg6TbVVq9odm9JLJ5diekhXQ
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:24 2025 by rpki-client