Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b5082fa-83b2-4d42-ba4b-3d46dea3f642.roa
File: 4b5082fa-83b2-4d42-ba4b-3d46dea3f642.roa (raw, json)
Hash identifier: Gn5OI7BMc8pxcnmlATItE9Ptx7ALmld/WmLJlqtRqaw=
Subject key identifier: F1:DD:73:F2:13:00:92:06:4E:EF:9B:C0:D0:23:50:85:A9:43:16:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 314043F4407780BC6B148080902B1C380CBBF4DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b5082fa-83b2-4d42-ba4b-3d46dea3f642.roa
Signing time: Thu 17 Apr 2025 20:36:57 +0000
ROA not before: Thu 17 Apr 2025 20:36:57 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:40:43:f4:40:77:80:bc:6b:14:80:80:90:2b:1c:38:0c:bb:f4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:57 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=40a3051c9f4d61631ee8b86fd1a98ff53896a63fc4a6021ecbc7eafa18dda530, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b8:e7:04:62:a6:1d:5c:1b:65:60:d0:b0:30:
98:11:be:4c:b4:1f:7a:e5:3e:c5:28:a6:3a:1c:00:
39:5d:a5:44:0e:25:9f:77:57:e6:8c:72:36:80:5c:
69:b8:bf:8f:17:52:1e:93:f6:fb:69:5c:b3:d3:03:
17:77:49:d9:ad:ad:06:85:8d:f0:87:77:e4:a8:a7:
76:7e:09:21:a6:61:b2:36:73:77:36:f8:cf:74:1b:
90:f2:cf:7d:c0:70:d0:03:e3:41:39:69:43:f4:6c:
34:a0:4f:62:ba:95:6a:c6:45:80:01:8d:bb:2b:41:
a9:0d:c8:f2:a9:b1:d5:83:ed:95:72:d7:78:91:83:
63:62:75:0d:9a:82:c4:c1:83:22:33:0c:90:c2:10:
ba:73:2d:9c:f5:a7:4a:fb:44:75:70:2b:b6:6f:58:
b3:3e:ad:33:26:ce:c4:fe:3b:3b:e5:67:c1:1d:6d:
d9:ea:13:ff:51:39:1c:84:d4:4f:76:31:4c:05:a1:
59:1a:8f:1c:cc:e2:ba:cb:48:46:f1:cb:8f:e6:33:
ab:6a:89:a3:9f:fb:88:1d:6e:02:e2:d0:f1:a1:14:
26:fb:f0:75:24:54:95:6a:41:76:56:b6:50:a4:3a:
dc:42:07:51:cd:63:86:4d:ed:81:d2:95:96:6d:6e:
65:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DD:73:F2:13:00:92:06:4E:EF:9B:C0:D0:23:50:85:A9:43:16:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b5082fa-83b2-4d42-ba4b-3d46dea3f642.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:5000::/40
Signature Algorithm: sha256WithRSAEncryption
49:aa:60:5c:21:81:3b:7d:20:27:8b:80:f0:ba:9f:55:de:e9:
53:c3:db:de:52:f1:41:7f:25:ee:f6:75:0d:db:ec:53:25:7d:
6b:5b:13:93:e4:fd:5d:83:9e:09:f7:a0:7d:93:dd:26:19:57:
20:08:5e:30:ee:31:95:6d:17:46:18:fb:e0:70:2f:bc:83:7b:
5c:b9:2e:9a:8d:47:55:b2:bc:f6:9f:8a:1d:3a:9c:7e:ab:30:
6d:08:44:28:10:b5:b7:7e:c6:2c:43:dc:98:01:5a:4c:cf:9a:
36:d7:f8:7c:de:f3:e2:83:96:ec:40:21:b5:99:4d:29:d2:9f:
e6:85:04:2e:2a:29:32:15:35:76:c0:7a:1d:8b:51:ca:c9:59:
b6:34:c0:48:25:3d:2c:bb:75:80:1e:76:07:2e:4e:8c:0d:ae:
be:8e:9a:2d:a8:5c:23:c6:22:18:39:54:2d:be:47:39:24:f9:
ba:09:28:26:cd:36:c8:02:36:bc:da:b7:85:fd:cb:ee:7c:4a:
ad:c0:df:c6:09:f4:ff:1d:e2:63:4a:cd:49:3d:da:2d:fd:37:
3b:72:69:77:ec:6c:31:4c:af:ea:a9:79:ed:a9:ea:82:10:77:
eb:8c:c4:e6:be:4b:18:76:f9:26:e7:0c:ba:d6:ab:24:4c:50:
9d:e2:05:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMUBD9EB3gLxrFICAkCscOAy79N4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NTdaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwYTMwNTFjOWY0ZDYxNjMxZWU4Yjg2ZmQxYTk4ZmY1Mzg5NmE2M2ZjNGE2
MDIxZWNiYzdlYWZhMThkZGE1MzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANS45wRiph1cG2Vg0LAwmBG+TLQfeuU+xSimOhwAOV2lRA4ln3dX5oxyNoBc
abi/jxdSHpP2+2lcs9MDF3dJ2a2tBoWN8Id35Kindn4JIaZhsjZzdzb4z3QbkPLP
fcBw0APjQTlpQ/RsNKBPYrqVasZFgAGNuytBqQ3I8qmx1YPtlXLXeJGDY2J1DZqC
xMGDIjMMkMIQunMtnPWnSvtEdXArtm9Ysz6tMybOxP47O+VnwR1t2eoT/1E5HITU
T3YxTAWhWRqPHMziustIRvHLj+Yzq2qJo5/7iB1uAuLQ8aEUJvvwdSRUlWpBdla2
UKQ63EIHUc1jhk3tgdKVlm1uZW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTx3XPy
EwCSBk7vm8DQI1CFqUMWnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI1MDgyZmEtODNiMi00ZDQyLWJhNGItM2Q0NmRlYTNmNjQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G5Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBJqmBcIYE7fSAni4Dwup9V3ulTw9veUvFBfyXu
9nUN2+xTJX1rWxOT5P1dg54J96B9k90mGVcgCF4w7jGVbRdGGPvgcC+8g3tcuS6a
jUdVsrz2n4odOpx+qzBtCEQoELW3fsYsQ9yYAVpMz5o21/h83vPig5bsQCG1mU0p
0p/mhQQuKikyFTV2wHodi1HKyVm2NMBIJT0su3WAHnYHLk6MDa6+jpotqFwjxiIY
OVQtvkc5JPm6CSgmzTbIAja82reF/cvufEqtwN/GCfT/HeJjSs1JPdot/Tc7cml3
7GwxTK/qqXntqeqCEHfrjMTmvksYdvkm5wy61qskTFCd4gV0
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:24 2025 by rpki-client