Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
File: 455a2efe-3411-42cf-a196-73c25845d48c.roa (raw, json)
Hash identifier: n2UYFqRXkqC4LBGexs51TVxr9dwm+Ixkjuhn0MZVzus=
Subject key identifier: D1:D1:14:E2:A3:8B:31:F6:4C:6B:B8:77:88:1B:39:7A:AD:81:5A:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25EB367F126FAF9A7247F3674595252731D9C441
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
Signing time: Fri 25 Apr 2025 20:01:09 +0000
ROA not before: Fri 25 Apr 2025 20:01:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:eb:36:7f:12:6f:af:9a:72:47:f3:67:45:95:25:27:31:d9:c4:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=febea785e612a90cd06cfe33eeb6e5e93fa1cce4cfe6bc7200ec3dd89f426c97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4a:42:a4:b3:e3:e2:65:e8:93:e5:0d:ca:5c:
43:06:a6:c0:65:fa:41:d1:a5:ab:b3:bd:43:24:1a:
25:6a:3c:30:64:8f:6a:b0:02:9c:73:d8:72:ac:1e:
8e:e5:a2:32:61:bb:04:d9:f0:5d:43:6e:b4:bf:cb:
dd:db:68:a5:65:4f:31:84:92:80:bd:64:45:ee:c5:
c3:00:f4:8d:be:d5:30:99:8f:6a:9c:7c:c7:d4:68:
53:ad:20:16:3f:13:44:70:89:20:b8:da:8b:d9:7a:
43:29:db:05:8c:e7:7e:cb:2a:fc:15:56:0a:55:09:
bb:40:b8:cf:32:d9:e1:8d:aa:eb:e1:92:b5:4e:15:
0d:28:28:0b:27:16:7c:11:bc:0f:1b:44:94:9f:7b:
92:60:eb:dc:24:89:32:fc:b8:4a:b3:1a:66:b3:9e:
9d:1b:49:9b:d3:4e:4e:6e:bb:d5:c2:04:50:dd:ba:
45:36:87:1e:04:8a:f9:ed:ca:44:7e:48:ae:1c:47:
1b:13:f9:9b:cb:ec:93:ab:10:6b:cc:7f:e7:74:25:
7f:2d:7b:a4:5e:5e:a5:5a:19:5b:ea:88:48:57:7c:
8a:e9:3a:d0:1a:cc:3c:bf:73:5c:6e:19:5a:4f:6d:
32:2c:8f:b1:ac:41:18:b6:e2:0c:7b:6d:32:49:dc:
52:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D1:14:E2:A3:8B:31:F6:4C:6B:B8:77:88:1B:39:7A:AD:81:5A:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:2000::/40
Signature Algorithm: sha256WithRSAEncryption
21:90:48:b6:7e:08:98:33:32:c7:34:57:8a:a1:0a:3d:33:26:
80:a6:d8:d6:9b:18:2c:18:26:3b:e3:97:dc:dd:60:98:85:3f:
9e:3c:a9:43:1d:03:6d:77:9b:f0:64:6f:93:06:06:9a:41:84:
78:09:d9:f0:b6:c4:11:ec:d6:82:67:d1:6f:d2:14:97:cd:1b:
0d:d9:ed:5b:17:3f:4c:ff:89:04:ab:15:f0:9f:f2:6d:15:a0:
b6:a8:cf:76:ec:d7:21:c3:6f:27:4c:bc:88:e1:03:2d:29:78:
46:89:bc:52:f4:a7:e9:72:d5:97:12:ee:76:78:77:fb:52:23:
7c:67:ab:1c:de:d3:f4:bc:73:f8:07:45:c7:be:41:67:28:13:
2c:29:81:0f:2f:13:95:0e:b9:e9:2c:5a:ef:d0:78:59:45:6c:
31:82:e4:cd:af:bd:98:cf:f5:92:b5:d1:82:6e:74:27:03:59:
b4:26:bc:62:b6:17:db:b9:0f:76:9f:f4:bd:dc:3c:d2:23:28:
69:f5:4a:b9:03:fe:23:72:40:e9:75:aa:52:fb:df:bd:be:44:
e5:31:5f:c5:44:cf:54:82:fa:3c:f7:a1:00:a3:d7:6d:b1:9b:
e8:dd:4d:ab:76:ee:22:9f:17:ba:64:aa:a1:57:dc:40:47:4d:
b2:d6:0a:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJes2fxJvr5pyR/NnRZUlJzHZxEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlYmVhNzg1ZTYxMmE5MGNkMDZjZmUzM2VlYjZlNWU5M2ZhMWNjZTRjZmU2
YmM3MjAwZWMzZGQ4OWY0MjZjOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOtKQqSz4+Jl6JPlDcpcQwamwGX6QdGlq7O9QyQaJWo8MGSParACnHPYcqwe
juWiMmG7BNnwXUNutL/L3dtopWVPMYSSgL1kRe7FwwD0jb7VMJmPapx8x9RoU60g
Fj8TRHCJILjai9l6QynbBYznfssq/BVWClUJu0C4zzLZ4Y2q6+GStU4VDSgoCycW
fBG8DxtElJ97kmDr3CSJMvy4SrMaZrOenRtJm9NOTm671cIEUN26RTaHHgSK+e3K
RH5IrhxHGxP5m8vsk6sQa8x/53Qlfy17pF5epVoZW+qISFd8iuk60BrMPL9zXG4Z
Wk9tMiyPsaxBGLbiDHttMkncUpsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTR0RTi
o4sx9kxruHeIGzl6rYFasTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1YTJlZmUtMzQxMS00MmNmLWExOTYtNzNjMjU4NDVkNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fgg
MA0GCSqGSIb3DQEBCwUAA4IBAQAhkEi2fgiYMzLHNFeKoQo9MyaAptjWmxgsGCY7
45fc3WCYhT+ePKlDHQNtd5vwZG+TBgaaQYR4CdnwtsQR7NaCZ9Fv0hSXzRsN2e1b
Fz9M/4kEqxXwn/JtFaC2qM927Nchw28nTLyI4QMtKXhGibxS9KfpctWXEu52eHf7
UiN8Z6sc3tP0vHP4B0XHvkFnKBMsKYEPLxOVDrnpLFrv0HhZRWwxguTNr72Yz/WS
tdGCbnQnA1m0JrxithfbuQ92n/S93DzSIyhp9Uq5A/4jckDpdapS+9+9vkTlMV/F
RM9Ugvo896EAo9dtsZvo3U2rdu4inxe6ZKqhV9xAR02y1goL
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:21 2025 by rpki-client