Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
File: 595250c3-e9f2-4e23-9779-87c47497f520.roa (raw, json)
Hash identifier: Y+/ARl3RJwkbxbKAS6gr7ca6fKj4DjhunQr5KRiFMis=
Subject key identifier: 50:DA:7B:D3:3B:99:9B:76:8D:45:78:5F:1B:F9:22:EA:DA:43:10:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 550F20B24D4844BBBD897A58BC4931B5EEAE2EB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
Signing time: Fri 25 Apr 2025 19:51:30 +0000
ROA not before: Fri 25 Apr 2025 19:51:30 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:0f:20:b2:4d:48:44:bb:bd:89:7a:58:bc:49:31:b5:ee:ae:2e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:30 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2fa17ea3985e69d5592d51b4a956e9b843dc3ed0328b26115e052fc55cc217d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:08:d1:ff:3f:51:62:79:eb:d1:03:72:27:ff:
6c:c9:5a:68:2d:3d:55:65:c3:56:23:a6:53:30:0f:
61:ea:98:77:e7:ff:d6:4c:c6:f9:a1:35:ed:36:ca:
a3:2e:f6:69:c3:b4:19:03:e5:7a:79:61:02:25:1c:
0b:2b:15:fb:08:8e:41:36:fa:16:7e:09:c0:1c:8b:
97:0e:74:0f:9c:91:4d:41:d2:f2:9e:97:19:f3:3d:
d1:25:16:79:3b:4c:b7:cc:6b:e2:cf:fe:ac:74:ed:
fd:83:f8:8c:9f:2e:1d:33:46:60:b6:f8:be:e1:82:
b9:5f:81:bc:f9:3e:cc:d1:d3:9f:15:44:a9:ac:89:
af:74:ab:b1:c8:50:7b:cd:ed:4f:fd:d3:63:4b:04:
36:35:77:09:af:03:40:83:26:51:c9:47:f4:c5:dd:
55:66:93:80:73:bf:ae:9d:3a:3e:92:e4:5e:e3:53:
1b:69:eb:15:16:17:11:96:7a:a9:48:69:13:d1:1b:
34:8e:5e:36:7c:a2:16:41:a9:54:8e:4e:d0:7e:16:
a4:a9:c5:0f:e7:77:dd:33:9f:4a:37:fb:88:8e:6f:
32:f5:26:f3:e5:d6:36:c3:0d:49:d5:c1:25:4b:96:
23:19:e2:81:79:78:b4:4d:a9:a1:ec:24:a4:d5:45:
e5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DA:7B:D3:3B:99:9B:76:8D:45:78:5F:1B:F9:22:EA:DA:43:10:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:4f:37:64:4b:7f:d7:d8:a2:24:b1:63:ff:ef:dd:18:d9:4e:
3f:bf:0b:c1:01:4e:1b:71:4f:bd:80:a9:23:f6:65:ad:b7:de:
22:1d:0c:45:c4:8e:22:fb:ef:1d:0c:1c:78:9d:80:49:25:d6:
dc:87:34:03:e7:5f:52:48:05:ce:64:08:6c:9b:a6:a6:d1:74:
66:c1:f4:e1:52:8a:7a:a8:ee:4a:93:91:b2:27:37:59:52:22:
a6:49:63:98:c0:ef:b0:da:05:ed:d4:47:fb:8e:cd:35:94:bb:
26:19:79:26:cc:cd:28:2b:66:74:1a:c8:20:0e:ca:b1:7d:ba:
e3:61:8e:35:cf:96:8e:da:29:3b:ea:8a:eb:34:6a:6c:53:bb:
13:7d:34:2a:b8:34:63:65:29:b9:e5:7d:8b:08:2f:54:ae:17:
e5:8a:42:73:72:68:7f:2d:35:6f:01:27:5b:d9:80:d0:2d:56:
2c:d5:ac:21:15:c5:91:47:06:df:e4:b4:b4:6f:d1:b1:9c:0c:
17:9f:f1:a0:2b:45:4d:b8:8a:de:d4:b0:d2:3d:07:4c:03:31:
a2:36:6c:1d:a6:09:59:ed:94:f0:9b:d5:3c:b2:ff:25:a4:60:
91:d0:58:7f:f3:36:c7:d3:ae:75:16:14:17:8c:f8:4b:08:5a:
b0:36:b1:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVQ8gsk1IRLu9iXpYvEkxte6uLrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxMzBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmYTE3ZWEzOTg1ZTY5ZDU1OTJkNTFiNGE5NTZlOWI4NDNkYzNlZDAzMjhi
MjYxMTVlMDUyZmM1NWNjMjE3ZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMI0f8/UWJ569EDcif/bMlaaC09VWXDViOmUzAPYeqYd+f/1kzG+aE17TbK
oy72acO0GQPlenlhAiUcCysV+wiOQTb6Fn4JwByLlw50D5yRTUHS8p6XGfM90SUW
eTtMt8xr4s/+rHTt/YP4jJ8uHTNGYLb4vuGCuV+BvPk+zNHTnxVEqayJr3SrschQ
e83tT/3TY0sENjV3Ca8DQIMmUclH9MXdVWaTgHO/rp06PpLkXuNTG2nrFRYXEZZ6
qUhpE9EbNI5eNnyiFkGpVI5O0H4WpKnFD+d33TOfSjf7iI5vMvUm8+XWNsMNSdXB
JUuWIxnigXl4tE2poewkpNVF5TECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRQ2nvT
O5mbdo1FeF8b+SLq2kMQCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTk1MjUwYzMtZTlmMi00ZTIzLTk3NzktODdjNDc0OTdmNTIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQChTzdkS3/X2KIksWP/790Y2U4/vwvBAU4bcU+9
gKkj9mWtt94iHQxFxI4i++8dDBx4nYBJJdbchzQD519SSAXOZAhsm6am0XRmwfTh
Uop6qO5Kk5GyJzdZUiKmSWOYwO+w2gXt1Ef7js01lLsmGXkmzM0oK2Z0GsggDsqx
fbrjYY41z5aO2ik76orrNGpsU7sTfTQquDRjZSm55X2LCC9UrhflikJzcmh/LTVv
ASdb2YDQLVYs1awhFcWRRwbf5LS0b9GxnAwXn/GgK0VNuIre1LDSPQdMAzGiNmwd
pglZ7ZTwm9U8sv8lpGCR0Fh/8zbH0651FhQXjPhLCFqwNrGA
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:21 2025 by rpki-client