Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
File: 655038e8-ae62-4d89-86ef-c5f745dc0c17.roa (raw, json)
Hash identifier: tDUvXuFO4zGuQIc20/uaPNhoM9Hdt043K91Hdumno+8=
Subject key identifier: 3A:0B:5D:BF:D2:B1:A6:23:62:10:62:62:C3:27:E3:F2:29:E6:8B:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 358FE456BCFEBEF2988694F4C524FF1563881420
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
Signing time: Mon 21 Apr 2025 18:30:19 +0000
ROA not before: Mon 21 Apr 2025 18:30:19 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:8f:e4:56:bc:fe:be:f2:98:86:94:f4:c5:24:ff:15:63:88:14:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:30:19 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=24004b6549123e7fee5428377e6284253382d8d2a3531ca08d2bdbce20ad7f6f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:06:06:56:25:3e:3d:3d:d0:1f:f1:44:df:f0:
db:3f:24:d1:81:7b:90:fd:74:82:2d:72:ab:3f:7b:
f5:a1:44:dd:4a:c1:53:df:cd:67:4e:63:e7:6d:ee:
7b:ab:ae:8f:ac:de:4f:24:4a:6d:c6:38:9b:bc:06:
d7:08:68:28:a5:2b:00:62:03:4c:8b:00:21:86:47:
a8:79:7c:67:e3:0b:c9:7e:5b:a7:d1:93:c9:98:57:
bd:cc:18:41:64:77:ba:6d:e6:14:3d:24:ac:48:9d:
35:e9:db:fc:71:6c:e7:31:45:6b:94:a3:b7:2a:6b:
d4:ad:ee:4a:43:5b:a8:df:93:5a:d2:e9:e0:44:05:
36:0c:a4:18:e5:59:aa:91:6f:90:33:75:b5:93:c7:
18:a4:5a:cf:21:aa:50:67:9b:d6:45:c8:ff:db:f2:
f0:eb:a7:f8:40:4b:9c:9e:4a:90:b0:c8:7c:37:4d:
57:3d:64:e0:0d:1b:c0:fb:3c:24:c4:cc:ed:48:2a:
b5:61:33:13:b3:41:e9:2f:d0:37:ef:3e:08:f6:70:
b4:f2:da:7a:57:c0:77:5c:c8:0d:7d:51:d5:21:94:
1b:70:1e:07:4f:59:ab:a3:b0:27:9a:27:07:5d:05:
6a:f1:e6:2c:3a:bb:1a:29:18:2b:ed:39:92:f8:7a:
7e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0B:5D:BF:D2:B1:A6:23:62:10:62:62:C3:27:E3:F2:29:E6:8B:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:840::/48
Signature Algorithm: sha256WithRSAEncryption
96:a9:3f:6d:89:b8:9e:da:cb:bf:25:95:df:fd:15:59:f3:51:
57:e2:1f:7b:6b:53:4a:e8:76:82:28:c2:3d:59:52:e2:07:1c:
ac:83:1c:c4:32:8d:94:28:08:22:52:87:42:8f:97:0b:48:a1:
c7:14:0a:f8:7d:57:d3:29:e3:08:26:8f:b4:f9:2b:f4:02:55:
ee:01:ba:f0:34:d9:dd:41:12:f9:ae:14:25:8c:8b:6e:a2:eb:
a7:52:b0:5a:29:31:c3:ff:85:89:07:99:65:b6:15:b4:04:40:
98:e5:3a:8c:26:d9:fd:4d:bd:ee:53:b8:4f:b6:81:aa:35:3b:
fa:12:e9:4c:71:a0:c0:b4:18:4c:44:af:42:74:4d:cb:ae:8a:
60:5a:b3:75:0d:8c:d4:10:e0:8e:93:d9:b9:f3:56:0f:f8:5d:
2a:03:f9:05:c2:6a:d8:12:64:db:28:e0:81:30:e0:fc:ab:22:
79:86:7f:ed:50:cb:88:1c:33:32:87:c8:76:28:13:c5:2c:33:
a0:da:e1:21:06:47:bc:47:65:f7:89:a4:e0:c9:48:bf:eb:6c:
e3:b5:d0:47:d7:36:e3:63:b4:9b:24:39:81:cf:78:68:71:9b:
c3:94:ad:74:11:cb:f6:fa:ac:58:35:cc:df:f7:b0:46:e3:33:
01:67:2d:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNY/kVrz+vvKYhpT0xST/FWOIFCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMwMTlaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0MDA0YjY1NDkxMjNlN2ZlZTU0MjgzNzdlNjI4NDI1MzM4MmQ4ZDJhMzUz
MWNhMDhkMmJkYmNlMjBhZDdmNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUGBlYlPj090B/xRN/w2z8k0YF7kP10gi1yqz979aFE3UrBU9/NZ05j523u
e6uuj6zeTyRKbcY4m7wG1whoKKUrAGIDTIsAIYZHqHl8Z+MLyX5bp9GTyZhXvcwY
QWR3um3mFD0krEidNenb/HFs5zFFa5Sjtypr1K3uSkNbqN+TWtLp4EQFNgykGOVZ
qpFvkDN1tZPHGKRazyGqUGeb1kXI/9vy8Oun+EBLnJ5KkLDIfDdNVz1k4A0bwPs8
JMTM7UgqtWEzE7NB6S/QN+8+CPZwtPLaelfAd1zIDX1R1SGUG3AeB09Zq6OwJ5on
B10FavHmLDq7GikYK+05kvh6fs0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ6C12/
0rGmI2IQYmLDJ+PyKeaLRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjU1MDM4ZTgtYWU2Mi00ZDg5LTg2ZWYtYzVmNzQ1ZGMwYzE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
QDANBgkqhkiG9w0BAQsFAAOCAQEAlqk/bYm4ntrLvyWV3/0VWfNRV+Ife2tTSuh2
gijCPVlS4gccrIMcxDKNlCgIIlKHQo+XC0ihxxQK+H1X0ynjCCaPtPkr9AJV7gG6
8DTZ3UES+a4UJYyLbqLrp1KwWikxw/+FiQeZZbYVtARAmOU6jCbZ/U297lO4T7aB
qjU7+hLpTHGgwLQYTESvQnRNy66KYFqzdQ2M1BDgjpPZufNWD/hdKgP5BcJq2BJk
2yjggTDg/KsieYZ/7VDLiBwzMofIdigTxSwzoNrhIQZHvEdl94mk4MlIv+ts47XQ
R9c242O0myQ5gc94aHGbw5StdBHL9vqsWDXM3/ewRuMzAWctAQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:12 2025 by rpki-client