Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
File: 4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa (raw, json)
Hash identifier: DE6tYlfZaau80oKJt3t4TnprfegyObBe9R280+aZOfU=
Subject key identifier: 64:98:D5:F0:BC:5D:94:07:9E:9B:89:01:31:8D:42:A1:D2:6F:18:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 616D45CCCCAB7912EE636C5DFF609065C086EAFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
Signing time: Mon 21 Apr 2025 18:31:06 +0000
ROA not before: Mon 21 Apr 2025 18:31:06 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:6d:45:cc:cc:ab:79:12:ee:63:6c:5d:ff:60:90:65:c0:86:ea:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:06 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=26104f4a6f87ee42447c141d5ed3ceb7dec8b3729b9d774abe460e4667f2a0cb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a0:b3:f6:1b:11:d0:4d:7d:09:8c:95:8d:e0:
cf:5b:ce:9c:1f:e4:f8:c8:d0:93:c7:e6:f3:37:e7:
7a:4c:5b:b0:40:12:a5:34:d0:1b:e9:34:61:8d:5a:
83:d2:20:7d:a2:1f:d4:46:5e:24:ff:2c:4c:8c:2b:
f1:ad:cb:94:b1:c2:ab:40:93:ca:b1:9a:6c:0b:df:
fc:a8:5a:fa:96:10:53:2d:c9:87:ca:eb:f7:1b:d3:
64:2b:3d:a3:53:85:96:72:c9:b1:42:ba:49:d0:bb:
29:23:22:0a:3a:2b:8b:80:49:47:aa:ad:f4:0d:e1:
46:d1:1b:78:02:63:93:94:85:9c:ed:3c:e0:0e:e6:
54:95:99:7d:58:df:96:9c:ed:05:a7:a3:fc:c4:aa:
4b:88:7f:3e:3f:cc:14:ed:1e:04:17:3a:d7:9a:33:
11:16:7e:7b:14:97:db:52:6a:b7:40:76:02:2d:83:
8e:c7:b3:98:cc:8a:c6:fa:cf:65:49:31:d8:c4:75:
55:6e:e4:bf:c1:1b:df:a7:b7:f2:2b:d3:7a:af:92:
d9:1a:44:ee:b7:2f:75:c6:e6:f8:6f:15:0a:36:8c:
ff:a4:a8:f4:97:e7:71:6d:3d:08:25:eb:a9:2b:39:
33:c9:bb:f7:ca:b7:bf:ef:89:0d:d2:d6:6d:02:67:
bf:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:98:D5:F0:BC:5D:94:07:9E:9B:89:01:31:8D:42:A1:D2:6F:18:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
05:40:bd:9f:a0:2e:f2:8e:81:35:ce:92:aa:c7:f5:50:24:4d:
b5:83:36:67:54:77:20:9c:b0:67:d8:f2:b6:cf:9e:c9:ad:e4:
9b:38:3d:56:8a:fe:6e:f5:da:6b:0b:1f:7a:76:c8:69:e7:f5:
07:98:b5:40:d9:65:1f:c9:3b:e0:b6:e2:9c:c0:e6:86:5c:6e:
2f:4e:66:c3:09:27:b7:5a:b5:70:43:fa:2c:94:19:68:c5:33:
cb:d9:54:85:49:74:89:62:1f:2e:18:b6:e2:8d:e8:8c:60:f8:
22:f9:41:93:4d:8a:d2:87:82:08:21:57:56:1c:f3:af:a1:d9:
3c:8d:0b:3d:9d:bb:c0:70:9d:7c:a5:bc:d5:fc:44:7e:d8:35:
a8:63:33:27:75:b5:9d:47:8d:aa:30:1d:36:1e:1c:74:25:0c:
0e:01:69:cf:6d:35:ef:35:ef:7d:c0:6d:a7:2e:a9:28:18:ef:
6f:69:f8:f8:18:c7:f4:42:c4:95:c5:83:82:41:31:2b:07:94:
63:ad:ce:de:de:9d:c3:fd:84:06:52:20:05:af:ad:d7:a9:86:
93:58:42:4d:ef:dd:0b:6d:a5:47:e3:aa:09:3e:a7:7f:69:aa:
10:61:9c:cb:12:43:58:77:51:22:f3:eb:8c:fc:15:21:ad:59:
9f:de:50:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYW1FzMyreRLuY2xd/2CQZcCG6vswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMDZaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2MTA0ZjRhNmY4N2VlNDI0NDdjMTQxZDVlZDNjZWI3ZGVjOGIzNzI5Yjlk
Nzc0YWJlNDYwZTQ2NjdmMmEwY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKegs/YbEdBNfQmMlY3gz1vOnB/k+MjQk8fm8zfnekxbsEASpTTQG+k0YY1a
g9IgfaIf1EZeJP8sTIwr8a3LlLHCq0CTyrGabAvf/Kha+pYQUy3Jh8rr9xvTZCs9
o1OFlnLJsUK6SdC7KSMiCjori4BJR6qt9A3hRtEbeAJjk5SFnO084A7mVJWZfVjf
lpztBaej/MSqS4h/Pj/MFO0eBBc615ozERZ+exSX21Jqt0B2Ai2DjsezmMyKxvrP
ZUkx2MR1VW7kv8Eb36e38ivTeq+S2RpE7rcvdcbm+G8VCjaM/6So9JfncW09CCXr
qSs5M8m798q3v++JDdLWbQJnv4kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRkmNXw
vF2UB56biQExjUKh0m8YXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2YTdjMGEtM2U0YS00NzM3LWI5MmItZmFjMjJkZTg3NTdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
wDANBgkqhkiG9w0BAQsFAAOCAQEABUC9n6Au8o6BNc6Sqsf1UCRNtYM2Z1R3IJyw
Z9jyts+eya3kmzg9Vor+bvXaawsfenbIaef1B5i1QNllH8k74LbinMDmhlxuL05m
wwknt1q1cEP6LJQZaMUzy9lUhUl0iWIfLhi24o3ojGD4IvlBk02K0oeCCCFXVhzz
r6HZPI0LPZ27wHCdfKW81fxEftg1qGMzJ3W1nUeNqjAdNh4cdCUMDgFpz2017zXv
fcBtpy6pKBjvb2n4+BjH9ELElcWDgkExKweUY63O3t6dw/2EBlIgBa+t16mGk1hC
Te/dC22lR+OqCT6nf2mqEGGcyxJDWHdRIvPrjPwVIa1Zn95QFg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:22 2025 by rpki-client