Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa
File: 424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa (raw, json)
Hash identifier: Z5P5xunaXnPOC70C1PWvkkBEDN2GzdxqYKMG5EA+Two=
Subject key identifier: F0:9D:A2:4B:2B:07:74:B6:E4:82:EB:B1:3A:BC:2F:FE:C7:4D:30:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59EC215190122FE45CE6490FB91B97C143EEB8E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa
Signing time: Fri 25 Apr 2025 19:20:14 +0000
ROA not before: Fri 25 Apr 2025 19:20:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:ec:21:51:90:12:2f:e4:5c:e6:49:0f:b9:1b:97:c1:43:ee:b8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=6c4f3643ac08764262bcb748ba0a143577503d8702f5b925087e23c3381dbbd2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:69:03:9f:30:dc:af:41:9c:5f:41:68:ff:ac:
e5:37:df:f4:12:66:a4:ac:95:40:ea:02:15:22:8b:
7f:9f:da:2e:b0:9c:45:1e:02:1d:00:23:37:dd:2c:
c9:5f:ed:5c:c3:d8:b0:d3:a0:4c:e4:54:96:70:4b:
d5:39:8a:c0:c6:60:0f:c0:eb:35:03:9c:8d:79:05:
6b:cd:04:70:1b:bc:c3:6e:d3:f5:9c:23:96:48:ec:
74:1e:4d:be:5e:69:3b:14:2e:e2:64:70:f6:1d:46:
7a:3c:e5:88:d9:cd:9c:59:2d:b4:87:58:c1:44:09:
6c:d1:cc:cd:69:cb:2e:92:d9:f6:dc:91:a3:e6:dc:
8e:e1:16:07:00:54:5f:a0:31:da:f6:e0:d2:49:2b:
d1:a4:39:c0:ef:1c:62:96:a6:67:84:b6:53:a1:b0:
17:ba:25:91:ba:c5:31:b1:5b:14:ea:49:ab:7e:51:
b7:27:26:e2:1c:ea:96:fd:a2:a7:17:6f:cc:8a:27:
ea:ba:4f:e7:36:66:47:67:e3:b8:4b:84:29:49:b0:
4b:6c:2a:e3:97:b4:2e:1a:c6:f5:9f:72:f8:08:78:
70:91:3b:78:50:38:36:06:63:59:e8:ea:7f:20:6b:
78:8e:03:66:4d:d2:2d:84:93:55:e5:8e:99:23:17:
ee:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:9D:A2:4B:2B:07:74:B6:E4:82:EB:B1:3A:BC:2F:FE:C7:4D:30:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:9040::/46
Signature Algorithm: sha256WithRSAEncryption
95:25:ca:fc:d6:23:44:b4:ef:76:48:5b:3e:69:03:84:04:13:
e3:ec:e5:7f:90:78:b5:ac:18:a3:da:50:56:7e:35:2e:1f:9a:
b1:38:42:76:80:73:38:b5:56:00:43:f5:15:ee:ca:64:22:91:
76:a4:ad:59:cf:74:e8:0f:9c:73:6e:4f:27:41:57:cf:6d:32:
25:3e:08:a0:56:74:4e:44:d5:59:ef:14:ba:3e:d6:c5:f8:d5:
a7:de:71:78:35:5a:43:4f:a9:79:41:19:12:11:0e:49:78:48:
2e:b6:e7:0d:e6:01:f0:07:a5:65:ea:af:ed:33:01:d7:bf:4c:
06:9b:97:0e:61:c1:4f:98:fb:67:5d:4f:ab:b6:2b:ba:27:f6:
e0:77:6c:b6:5b:2e:73:eb:41:ea:96:ae:31:39:7b:27:39:ee:
e8:7c:61:7d:1c:e0:60:d8:e0:ec:dc:e8:7f:f8:5d:23:c7:6f:
7d:50:bb:c0:e9:86:b3:2e:4d:72:ef:5a:1a:53:c7:5a:ed:00:
c9:02:0f:f7:19:5e:b4:d0:99:95:a0:27:1e:3e:d1:f7:45:00:
d7:74:c7:c4:3d:5b:62:17:1b:97:aa:93:75:69:25:21:c8:b5:
e9:2c:eb:53:81:7d:c7:fb:68:c6:40:ee:7d:fd:20:01:b1:72:
f3:1a:33:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWewhUZASL+Rc5kkPuRuXwUPuuOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjNGYzNjQzYWMwODc2NDI2MmJjYjc0OGJhMGExNDM1Nzc1MDNkODcwMmY1
YjkyNTA4N2UyM2MzMzgxZGJiZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBpA58w3K9BnF9BaP+s5Tff9BJmpKyVQOoCFSKLf5/aLrCcRR4CHQAjN90s
yV/tXMPYsNOgTORUlnBL1TmKwMZgD8DrNQOcjXkFa80EcBu8w27T9ZwjlkjsdB5N
vl5pOxQu4mRw9h1GejzliNnNnFkttIdYwUQJbNHMzWnLLpLZ9tyRo+bcjuEWBwBU
X6Ax2vbg0kkr0aQ5wO8cYpamZ4S2U6GwF7olkbrFMbFbFOpJq35Rtycm4hzqlv2i
pxdvzIon6rpP5zZmR2fjuEuEKUmwS2wq45e0LhrG9Z9y+Ah4cJE7eFA4NgZjWejq
fyBreI4DZk3SLYSTVeWOmSMX7n8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTwnaJL
Kwd0tuSC67E6vC/+x00wjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDI0YzQwZDQtOWUxYy00Y2YyLWE3YmQtMTA0NzViMGMyODM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAlSXK/NYjRLTvdkhbPmkDhAQT4+zlf5B4tawY
o9pQVn41Lh+asThCdoBzOLVWAEP1Fe7KZCKRdqStWc906A+cc25PJ0FXz20yJT4I
oFZ0TkTVWe8Uuj7WxfjVp95xeDVaQ0+peUEZEhEOSXhILrbnDeYB8AelZeqv7TMB
179MBpuXDmHBT5j7Z11Pq7Yruif24Hdstlsuc+tB6pauMTl7Jznu6HxhfRzgYNjg
7Nzof/hdI8dvfVC7wOmGsy5Ncu9aGlPHWu0AyQIP9xletNCZlaAnHj7R90UA13TH
xD1bYhcbl6qTdWklIci16SzrU4F9x/toxkDuff0gAbFy8xozDQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:17 2025 by rpki-client