Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57166fdd-8031-475e-a7c3-4a94e8e8484e.roa
File: 57166fdd-8031-475e-a7c3-4a94e8e8484e.roa (raw, json)
Hash identifier: Ue1le5Ki0la4thsEQjqCS1YhjaiOX0XPqaHBHDgcG8E=
Subject key identifier: E7:92:55:8D:51:75:BF:CD:C3:83:FC:FF:F1:23:B2:F3:F1:CC:9D:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68F16C6ACE630201528360E7A0F27C0DB78D1AC3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57166fdd-8031-475e-a7c3-4a94e8e8484e.roa
Signing time: Thu 17 Apr 2025 20:36:58 +0000
ROA not before: Thu 17 Apr 2025 20:36:58 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:f1:6c:6a:ce:63:02:01:52:83:60:e7:a0:f2:7c:0d:b7:8d:1a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:58 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=0d987b2c03edcda464df8da43b48a71c85b51ce6cc27fe88838107c65663143a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:92:7e:fa:6f:5a:0b:bd:4b:2f:9f:f3:43:9b:
e6:05:0d:72:b6:c1:9a:4b:a7:0a:15:ac:a0:cf:c1:
65:e0:1b:e7:57:2f:36:6c:7a:f3:7e:a2:ac:3f:07:
02:27:ce:84:f8:00:ca:cb:57:fd:a8:ce:44:fd:78:
ae:60:98:00:2d:08:ea:bf:38:69:d5:92:75:cb:f2:
6f:7c:53:dd:17:b6:56:93:27:d2:0c:d4:de:53:9a:
0f:81:cb:1a:0a:f8:a9:22:f1:30:95:f8:11:cb:f5:
aa:fb:15:3c:21:97:07:5d:3a:f8:d1:38:ee:a8:70:
7b:09:19:92:de:75:55:fd:c0:ce:a0:55:d5:ab:db:
00:c7:74:d5:1c:e1:96:ef:8b:f7:69:a5:73:94:95:
25:14:87:05:38:a7:ee:7f:8f:51:5a:2c:1c:7d:7d:
3b:c5:a7:9b:01:78:c0:a4:a8:da:38:36:3f:f3:fa:
f8:ef:ab:45:1a:c6:df:7a:20:c6:11:60:33:0d:43:
27:ed:95:13:33:07:14:3c:c6:57:47:f5:1f:f9:c5:
96:ae:18:50:c2:a4:d1:80:b6:6f:3d:4f:9c:71:1a:
c9:4b:32:b5:29:b2:b2:99:64:9a:f8:e8:c4:a9:e0:
98:25:f8:0c:eb:2e:07:76:4d:38:d2:b9:51:33:ca:
39:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:92:55:8D:51:75:BF:CD:C3:83:FC:FF:F1:23:B2:F3:F1:CC:9D:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57166fdd-8031-475e-a7c3-4a94e8e8484e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:6000::/40
Signature Algorithm: sha256WithRSAEncryption
07:d9:e5:fa:bc:4a:4d:96:da:a6:df:39:71:2b:61:3d:07:17:
84:b8:61:e0:44:8b:b7:d0:f3:eb:db:9c:bc:10:6e:38:bd:75:
95:a3:d7:df:bf:a8:f2:40:fa:59:f9:de:c1:ac:86:c6:e7:ec:
1a:89:d9:f3:28:ef:74:dc:0c:b2:53:6e:d3:7c:2c:ed:e2:01:
85:52:af:1b:e8:ed:f3:68:ff:f2:c6:ad:96:5c:98:ed:27:cd:
42:12:a9:ab:ce:54:93:0d:65:32:e1:42:e7:15:d1:da:d7:1f:
be:cc:ef:50:37:56:6a:fc:cc:0e:92:86:ec:93:f6:1c:18:db:
68:e6:12:05:d5:35:d4:84:08:5a:17:b6:78:34:21:e1:7d:45:
45:5e:13:19:18:85:6c:d8:c5:e6:7f:89:0e:2e:3e:c2:b3:e7:
a7:f8:68:9b:80:3d:e5:6a:62:68:ca:3e:8e:a3:fc:22:6d:81:
be:98:e7:d9:32:48:85:f8:74:62:64:b3:ed:41:e0:99:fd:f9:
88:df:cd:20:7a:12:b7:d6:a5:d7:ef:ce:94:dc:91:12:b9:16:
e4:d0:68:08:d3:65:30:88:51:9b:cd:f9:68:58:a4:91:99:f0:
71:c2:ea:89:9c:66:99:d6:bd:8d:3d:ae:93:f7:96:4f:49:79:
1d:11:53:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaPFsas5jAgFSg2DnoPJ8DbeNGsMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NThaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkOTg3YjJjMDNlZGNkYTQ2NGRmOGRhNDNiNDhhNzFjODViNTFjZTZjYzI3
ZmU4ODgzODEwN2M2NTY2MzE0M2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSSfvpvWgu9Sy+f80Ob5gUNcrbBmkunChWsoM/BZeAb51cvNmx6836irD8H
AifOhPgAystX/ajORP14rmCYAC0I6r84adWSdcvyb3xT3Re2VpMn0gzU3lOaD4HL
Ggr4qSLxMJX4Ecv1qvsVPCGXB106+NE47qhwewkZkt51Vf3AzqBV1avbAMd01Rzh
lu+L92mlc5SVJRSHBTin7n+PUVosHH19O8WnmwF4wKSo2jg2P/P6+O+rRRrG33og
xhFgMw1DJ+2VEzMHFDzGV0f1H/nFlq4YUMKk0YC2bz1PnHEayUsytSmysplkmvjo
xKngmCX4DOsuB3ZNONK5UTPKOWUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTnklWN
UXW/zcOD/P/xI7Lz8cyd/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTcxNjZmZGQtODAzMS00NzVlLWE3YzMtNGE5NGU4ZTg0ODRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G5g
MA0GCSqGSIb3DQEBCwUAA4IBAQAH2eX6vEpNltqm3zlxK2E9BxeEuGHgRIu30PPr
25y8EG44vXWVo9ffv6jyQPpZ+d7BrIbG5+waidnzKO903AyyU27TfCzt4gGFUq8b
6O3zaP/yxq2WXJjtJ81CEqmrzlSTDWUy4ULnFdHa1x++zO9QN1Zq/MwOkobsk/Yc
GNto5hIF1TXUhAhaF7Z4NCHhfUVFXhMZGIVs2MXmf4kOLj7Cs+en+GibgD3lamJo
yj6Oo/wibYG+mOfZMkiF+HRiZLPtQeCZ/fmI380gehK31qXX786U3JESuRbk0GgI
02UwiFGbzfloWKSRmfBxwuqJnGaZ1r2NPa6T95ZPSXkdEVM/
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:41 2025 by rpki-client