Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
File: 4ec3ef54-a209-4902-b036-4d329fe00df1.roa (raw, json)
Hash identifier: dN/VHrM3Xe9XWq3gN+lCUrYLXQRKNQdY+HIZHIboUFU=
Subject key identifier: BE:CB:40:DD:05:20:75:4B:70:32:45:46:F9:47:B1:88:4F:DD:CE:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D4FAC279FB4EC8B12B135E02F6A87C877D5A24B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
Signing time: Fri 25 Apr 2025 19:21:18 +0000
ROA not before: Fri 25 Apr 2025 19:21:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:4f:ac:27:9f:b4:ec:8b:12:b1:35:e0:2f:6a:87:c8:77:d5:a2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:21:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d97a772cf53e36716f9bd7f0c47745d58fd6291efe14fe9e2ccf820279e06942, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d9:4c:87:0e:bc:02:71:c2:8d:9c:aa:d8:da:
38:2c:3a:c5:6e:74:0d:45:87:9e:48:6a:d3:94:d7:
de:30:8e:b7:30:37:44:b0:e2:5a:2a:f1:34:b3:a3:
db:95:1c:0a:0a:5e:d5:9e:70:5f:23:ec:ec:cd:58:
f0:81:32:83:1f:16:17:5b:90:0b:f5:ac:a1:c8:df:
63:4b:3b:79:fe:12:17:13:f2:a1:38:07:c7:2f:91:
c0:79:b7:f4:d7:11:07:5b:eb:24:64:9d:11:7a:68:
cf:90:87:2e:12:95:9d:14:26:a7:dc:89:97:f7:1e:
bc:df:f2:94:1e:0c:ff:42:f3:41:1f:f7:bd:21:9b:
b7:d4:fb:d1:03:5e:b3:c9:4c:51:b0:35:d6:33:75:
0d:22:77:cf:61:52:9e:ee:08:5e:7f:93:47:a9:c1:
d9:d1:02:c3:5e:c2:d2:5a:9b:53:23:cd:da:b1:2b:
f5:98:30:fc:1b:2e:9c:47:82:db:9b:85:73:86:8d:
7e:01:48:ac:32:14:81:0c:c4:80:99:da:8d:d2:0a:
b8:fe:d4:e8:df:9d:40:7f:6e:63:b2:8c:21:f3:e2:
97:8d:42:ac:f6:92:e7:a6:d7:c3:ac:f8:15:a3:c2:
39:60:6a:c4:6e:6a:a0:d7:04:6c:5b:33:23:b6:d9:
ad:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:CB:40:DD:05:20:75:4B:70:32:45:46:F9:47:B1:88:4F:DD:CE:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8020::/46
Signature Algorithm: sha256WithRSAEncryption
00:99:a9:43:d5:07:da:2c:80:0e:66:4d:5a:38:d6:a8:4f:77:
4e:c5:59:79:02:5b:33:7b:f4:9d:81:af:8c:bd:4d:6c:be:9b:
d8:61:16:f6:ce:03:ee:b6:69:d5:18:86:46:2b:f2:ab:1f:11:
79:e0:ca:8e:e5:92:18:30:30:0b:9c:43:11:4a:d5:91:96:e6:
3b:14:7c:c7:aa:2a:bf:62:cb:21:38:7b:50:a8:9d:6e:e7:eb:
24:ee:af:33:e8:5f:b8:6d:a5:4d:9e:be:18:8d:d0:4c:a5:0a:
78:2c:a3:61:c1:56:57:43:fe:d4:47:08:af:68:ed:ff:ee:67:
b8:cf:8d:76:2d:4c:36:a1:e9:f0:65:f8:92:fd:df:01:49:13:
87:2d:27:6c:6c:ac:28:74:09:f7:8d:fe:cd:d7:04:3e:d9:46:
62:5b:74:73:d1:bd:7a:00:56:45:c7:b1:65:68:3d:96:5c:17:
8d:aa:14:91:4a:a6:6a:1a:8c:c8:76:2a:1e:30:07:de:9f:31:
ff:d4:37:b3:82:d5:f3:f6:01:81:2f:8b:b2:89:86:db:2a:6a:
05:aa:e5:3a:27:19:fd:3d:9e:ac:00:8d:8f:6c:32:e6:ff:6f:
67:25:f3:02:e4:ef:b6:2d:87:68:bd:8a:05:8c:3a:af:0b:38:
02:bf:fd:10
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfU+sJ5+07IsSsTXgL2qHyHfVokswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIxMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5N2E3NzJjZjUzZTM2NzE2ZjliZDdmMGM0Nzc0NWQ1OGZkNjI5MWVmZTE0
ZmU5ZTJjY2Y4MjAyNzllMDY5NDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrZTIcOvAJxwo2cqtjaOCw6xW50DUWHnkhq05TX3jCOtzA3RLDiWirxNLOj
25UcCgpe1Z5wXyPs7M1Y8IEygx8WF1uQC/WsocjfY0s7ef4SFxPyoTgHxy+RwHm3
9NcRB1vrJGSdEXpoz5CHLhKVnRQmp9yJl/cevN/ylB4M/0LzQR/3vSGbt9T70QNe
s8lMUbA11jN1DSJ3z2FSnu4IXn+TR6nB2dECw17C0lqbUyPN2rEr9Zgw/BsunEeC
25uFc4aNfgFIrDIUgQzEgJnajdIKuP7U6N+dQH9uY7KMIfPil41CrPaS56bXw6z4
FaPCOWBqxG5qoNcEbFszI7bZrUcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS+y0Dd
BSB1S3AyRUb5R7GIT93OOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGVjM2VmNTQtYTIwOS00OTAyLWIwMzYtNGQzMjlmZTAwZGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
IDANBgkqhkiG9w0BAQsFAAOCAQEAAJmpQ9UH2iyADmZNWjjWqE93TsVZeQJbM3v0
nYGvjL1NbL6b2GEW9s4D7rZp1RiGRivyqx8ReeDKjuWSGDAwC5xDEUrVkZbmOxR8
x6oqv2LLITh7UKidbufrJO6vM+hfuG2lTZ6+GI3QTKUKeCyjYcFWV0P+1EcIr2jt
/+5nuM+Ndi1MNqHp8GX4kv3fAUkThy0nbGysKHQJ943+zdcEPtlGYlt0c9G9egBW
RcexZWg9llwXjaoUkUqmahqMyHYqHjAH3p8x/9Q3s4LV8/YBgS+LsomG2ypqBarl
OicZ/T2erACNj2wy5v9vZyXzAuTvti2HaL2KBYw6rws4Ar/9EA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:12 2025 by rpki-client