Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa
File: 4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa (raw, json)
Hash identifier: bLXMr49XvxlZwXuQYzdmjl2g+cbbFT+k6WWYatcg2UM=
Subject key identifier: 5D:78:E8:10:92:3C:1E:9D:B9:93:ED:CD:C6:67:F0:03:7A:AA:04:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10CB14420377CAEB3DAC30C3848CCF3FEA0B59FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa
Signing time: Fri 25 Apr 2025 18:10:11 +0000
ROA not before: Fri 25 Apr 2025 18:10:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:cb:14:42:03:77:ca:eb:3d:ac:30:c3:84:8c:cf:3f:ea:0b:59:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=879ccc5f2e36b6d2b559f5ca4861c46db9ed2371d3d69f2c1419cb630b286251, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e8:29:e9:79:3b:e6:74:c0:43:75:5f:4d:06:
a0:56:1a:c8:99:6f:f7:15:26:c9:61:58:d2:8d:55:
ae:f8:65:35:d2:c8:90:42:12:c7:3c:30:ea:1d:4f:
a2:bd:de:a2:c2:40:55:22:58:bb:1d:4b:e7:75:2a:
43:d0:02:60:bb:5c:3f:6a:24:74:a6:13:f8:c0:a9:
c6:25:5f:2e:80:f1:c7:26:ef:d8:d9:58:62:48:0a:
93:cf:1a:1c:e6:38:8e:9a:0f:93:be:61:5f:a4:b5:
d4:03:10:62:cc:77:41:01:29:04:97:0a:26:6f:bd:
9d:4c:fb:ba:1e:36:fd:f6:41:95:8e:c7:50:cc:80:
a0:0f:e8:20:1b:45:79:75:f9:92:b2:13:bf:a2:6d:
4e:99:24:c4:71:95:89:23:7b:ba:eb:1e:57:d0:2f:
b8:90:79:e1:46:41:74:61:0c:20:e3:c1:aa:56:51:
64:a6:fd:7b:63:60:e3:13:62:91:0d:79:4b:48:48:
0e:fd:84:30:c4:14:78:12:5e:24:31:77:5d:19:fd:
fa:b5:b7:fe:ff:7a:e1:dc:0c:21:6d:c8:51:e0:0e:
41:16:fd:3b:6c:ed:a0:af:47:ee:66:31:5c:27:61:
a3:ee:c3:7c:65:f0:e7:c8:42:6b:3b:26:f4:8d:ed:
f9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:78:E8:10:92:3C:1E:9D:B9:93:ED:CD:C6:67:F0:03:7A:AA:04:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9080::/48
Signature Algorithm: sha256WithRSAEncryption
75:54:26:31:b6:90:07:31:6b:1a:3b:88:97:71:dc:30:32:a6:
ad:fc:b0:56:9d:b9:d7:88:ce:85:27:ca:d8:69:be:f1:a5:c9:
49:95:ff:5d:bd:f6:b3:d3:cc:b4:a5:62:3e:1a:f8:bf:6b:01:
a4:ef:ae:86:6d:25:96:36:50:b1:18:27:d4:ed:8a:dd:19:b4:
38:e7:f4:95:9b:76:48:32:65:10:04:53:a5:3c:67:6b:c1:58:
c9:d7:9c:13:54:5d:89:56:a8:e2:3e:df:0c:27:af:93:ef:0c:
90:ee:49:11:f8:0b:a6:ff:5a:34:40:04:33:5e:c5:fa:bb:70:
a9:9e:a4:e2:d7:54:23:bc:31:7e:67:89:29:f9:87:bb:d8:7a:
1d:5e:37:f0:48:01:81:cf:f6:7c:5d:4c:8f:09:98:29:03:93:
a8:51:a5:c0:f9:36:e7:87:1b:78:57:95:75:fd:7c:39:94:47:
24:ae:bf:79:0c:0e:a2:8b:d1:37:f0:fe:81:b7:5e:4a:a4:b4:
33:03:41:a3:6d:22:e8:7e:86:fc:72:a8:06:60:7c:05:e9:ad:
97:d3:6f:06:74:41:16:61:aa:d4:7e:39:09:94:17:f6:17:ff:
10:39:ca:1e:a7:c9:69:4a:52:40:e9:9e:b2:63:8d:4b:3d:0a:
ee:26:d1:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEMsUQgN3yus9rDDDhIzPP+oLWf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3OWNjYzVmMmUzNmI2ZDJiNTU5ZjVjYTQ4NjFjNDZkYjllZDIzNzFkM2Q2
OWYyYzE0MTljYjYzMGIyODYyNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzoKel5O+Z0wEN1X00GoFYayJlv9xUmyWFY0o1VrvhlNdLIkEISxzww6h1P
or3eosJAVSJYux1L53UqQ9ACYLtcP2okdKYT+MCpxiVfLoDxxybv2NlYYkgKk88a
HOY4jpoPk75hX6S11AMQYsx3QQEpBJcKJm+9nUz7uh42/fZBlY7HUMyAoA/oIBtF
eXX5krITv6JtTpkkxHGViSN7uuseV9AvuJB54UZBdGEMIOPBqlZRZKb9e2Ng4xNi
kQ15S0hIDv2EMMQUeBJeJDF3XRn9+rW3/v964dwMIW3IUeAOQRb9O2ztoK9H7mYx
XCdho+7DfGXw58hCazsm9I3t+ZUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRdeOgQ
kjwenbmT7c3GZ/ADeqoEjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGUzYjY1MjMtMDc1Zi00ZmQ3LTk2YmUtZDAxYzJjNzc5ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAdVQmMbaQBzFrGjuIl3HcMDKmrfywVp2514jO
hSfK2Gm+8aXJSZX/Xb32s9PMtKViPhr4v2sBpO+uhm0lljZQsRgn1O2K3Rm0OOf0
lZt2SDJlEARTpTxna8FYydecE1RdiVao4j7fDCevk+8MkO5JEfgLpv9aNEAEM17F
+rtwqZ6k4tdUI7wxfmeJKfmHu9h6HV438EgBgc/2fF1MjwmYKQOTqFGlwPk254cb
eFeVdf18OZRHJK6/eQwOoovRN/D+gbdeSqS0MwNBo20i6H6G/HKoBmB8Bemtl9Nv
BnRBFmGq1H45CZQX9hf/EDnKHqfJaUpSQOmesmONSz0K7ibRrA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:41 2025 by rpki-client