Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
File: 431d8e22-a384-419e-9218-32a80c0ce0e3.roa (raw, json)
Hash identifier: 6siKdX3JxwzBVLDuGyEduSv1fJAO2scGH7ky0Y3XEZs=
Subject key identifier: 59:5E:32:03:D7:97:E8:E7:3C:C2:D0:1E:0C:50:F7:AE:89:9C:6A:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72A37AA098E6AD62B4335FB5A8F2FB5ABC2E600B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
Signing time: Fri 18 Apr 2025 18:30:29 +0000
ROA not before: Fri 18 Apr 2025 18:30:29 +0000
ROA not after: Fri 23 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:a3:7a:a0:98:e6:ad:62:b4:33:5f:b5:a8:f2:fb:5a:bc:2e:60:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 18 18:30:29 2025 GMT
Not After : May 23 23:59:59 2025 GMT
Subject: serialNumber=d9a85f7ca4442bcf99440d0c7a7fc90ddbf34db0ad6823721f609ebd9aa935f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ae:06:71:c8:01:b9:20:7d:7a:5c:49:21:02:
f3:25:9e:ce:90:01:dc:9c:df:6b:41:12:93:be:27:
1c:82:ae:9f:76:e0:51:35:53:29:32:b8:2a:8f:0e:
a1:cd:e5:04:bf:b6:79:be:14:d3:38:6c:0d:c3:55:
99:c4:bd:61:bf:af:26:1d:4e:e5:99:c2:7e:83:a4:
be:47:78:47:07:5f:f3:a6:0a:00:7d:5f:5b:eb:e8:
fc:a1:04:6e:96:bb:96:2a:ad:2d:e6:17:4a:99:cb:
d4:91:a1:1e:3a:85:4b:3d:0f:43:d9:86:2d:62:fd:
ba:9b:77:14:f2:f0:67:7b:c4:e9:fa:9f:9e:58:a2:
d1:75:c0:cc:99:e0:e7:a9:92:c8:ae:5e:8a:29:90:
77:cb:6b:d7:2d:eb:1f:bc:8a:83:8a:0d:c6:e7:6f:
bf:fe:68:24:98:de:26:c6:91:c0:c0:47:6a:13:4b:
70:13:a0:9b:e4:a9:15:47:e4:79:dd:fe:3c:51:11:
0c:bc:a3:89:27:69:0c:5e:69:df:8e:60:5d:ed:fc:
c2:0d:bd:01:32:f6:f2:19:c2:f9:6b:4d:dd:64:e8:
79:04:1b:23:0c:f2:7e:dd:fd:3c:fe:99:f2:63:a4:
34:9e:cb:c7:99:95:fa:bd:fd:1d:a6:2a:c3:f5:0f:
80:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5E:32:03:D7:97:E8:E7:3C:C2:D0:1E:0C:50:F7:AE:89:9C:6A:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:6f:ab:e2:ba:17:00:05:ea:cc:08:8a:18:8d:15:30:d5:c9:
42:af:e4:9e:10:a1:ad:b6:c5:19:d0:e7:4a:91:e1:a9:2a:67:
32:7a:68:d5:70:98:2d:70:3f:9c:29:24:8a:5c:46:31:2e:1c:
15:a2:74:5f:7b:11:2d:51:7f:4a:23:45:2c:85:3f:4f:89:67:
0a:7e:5a:1e:85:c7:d9:1c:41:7d:bf:61:09:b7:6f:e6:c1:fd:
d4:6e:70:96:58:20:36:a1:48:1c:57:25:f1:8f:88:b5:7a:c4:
b1:e6:83:5b:7d:de:fa:4f:a6:19:53:13:33:ce:25:b7:aa:22:
e3:dc:33:24:47:26:c2:7d:0e:da:34:01:a0:cb:c9:0e:06:8f:
bd:f0:cd:24:b9:ba:69:37:4b:b6:6c:a8:8e:86:66:75:e2:fb:
ce:da:83:2b:ca:37:88:6e:41:94:33:5e:19:1c:26:88:ed:3e:
70:bd:5b:ca:dd:c7:15:c7:e2:3f:39:1d:68:81:1c:ec:54:b7:
f4:da:51:32:01:76:80:c1:cc:64:57:c0:aa:26:4e:ab:c0:0e:
0a:a0:8a:ce:a3:3f:90:9f:4f:8a:28:5a:e2:44:1a:6e:cf:54:
d1:a1:33:3f:88:8f:21:51:64:d8:b8:0b:cd:26:a6:2b:09:bd:
4b:ca:87:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcqN6oJjmrWK0M1+1qPL7WrwuYAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTgxODMwMjlaFw0yNTA1MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5YTg1ZjdjYTQ0NDJiY2Y5OTQ0MGQwYzdhN2ZjOTBkZGJmMzRkYjBhZDY4
MjM3MjFmNjA5ZWJkOWFhOTM1ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeuBnHIAbkgfXpcSSEC8yWezpAB3Jzfa0ESk74nHIKun3bgUTVTKTK4Ko8O
oc3lBL+2eb4U0zhsDcNVmcS9Yb+vJh1O5ZnCfoOkvkd4Rwdf86YKAH1fW+vo/KEE
bpa7liqtLeYXSpnL1JGhHjqFSz0PQ9mGLWL9upt3FPLwZ3vE6fqfnlii0XXAzJng
56mSyK5eiimQd8tr1y3rH7yKg4oNxudvv/5oJJjeJsaRwMBHahNLcBOgm+SpFUfk
ed3+PFERDLyjiSdpDF5p345gXe38wg29ATL28hnC+WtN3WToeQQbIwzyft39PP6Z
8mOkNJ7Lx5mV+r39HaYqw/UPgHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZXjID
15fo5zzC0B4MUPeuiZxqgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMxZDhlMjItYTM4NC00MTllLTkyMTgtMzJhODBjMGNlMGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hbg
MA0GCSqGSIb3DQEBCwUAA4IBAQCsb6viuhcABerMCIoYjRUw1clCr+SeEKGttsUZ
0OdKkeGpKmcyemjVcJgtcD+cKSSKXEYxLhwVonRfexEtUX9KI0UshT9PiWcKfloe
hcfZHEF9v2EJt2/mwf3UbnCWWCA2oUgcVyXxj4i1esSx5oNbfd76T6YZUxMzziW3
qiLj3DMkRybCfQ7aNAGgy8kOBo+98M0kubppN0u2bKiOhmZ14vvO2oMryjeIbkGU
M14ZHCaI7T5wvVvK3ccVx+I/OR1ogRzsVLf02lEyAXaAwcxkV8CqJk6rwA4KoIrO
oz+Qn0+KKFriRBpuz1TRoTM/iI8hUWTYuAvNJqYrCb1Lyofu
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:25 2025 by rpki-client