Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65c46db4-023b-4885-8c6b-9444db174ad3.roa
File: 65c46db4-023b-4885-8c6b-9444db174ad3.roa (raw, json)
Hash identifier: lEQVTjmuCRqxW2Yml+Q8NrSOceRS5Njo9CRk0hywiDM=
Subject key identifier: E0:AC:37:48:B8:2D:F4:62:BB:1C:BF:02:56:FF:F2:1A:25:46:A8:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21953A6DC57EA6490209DBB5D5E196919854AB20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65c46db4-023b-4885-8c6b-9444db174ad3.roa
Signing time: Fri 25 Apr 2025 19:40:49 +0000
ROA not before: Fri 25 Apr 2025 19:40:49 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:95:3a:6d:c5:7e:a6:49:02:09:db:b5:d5:e1:96:91:98:54:ab:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:49 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d1da7d86273514a3fc4022884370ca590eb0ebbfed88fce828716ba4d6ba9310, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dc:3f:bc:48:10:c6:d0:b5:3f:91:f5:9c:d9:
29:a2:bc:34:31:9d:f9:b3:31:9b:0b:34:22:39:e9:
81:1e:6e:80:ba:8e:81:5e:d5:bf:68:04:7e:4c:15:
59:91:b5:21:d0:32:3b:db:2c:29:55:f0:43:ec:f7:
37:a2:b5:9f:b3:bd:a0:a3:4d:9f:a2:c1:3c:96:40:
28:09:dc:39:7c:82:be:b5:ea:8b:b2:1e:b7:ca:78:
cc:26:d4:c5:05:4c:84:43:bf:2a:07:22:24:cd:ae:
bb:5c:ef:50:05:25:1b:52:be:6e:30:11:2a:0f:af:
c0:f9:64:c8:aa:48:a7:ba:e8:23:4c:e8:ee:a2:73:
91:e3:02:25:2d:ed:3e:fd:b3:a9:24:fd:9f:89:94:
b1:77:b6:2a:1f:bb:82:d3:0b:2d:06:0f:90:dd:9e:
9c:67:cb:f3:b1:3b:24:5b:eb:5f:d8:af:97:9b:d2:
3d:f9:87:9d:aa:0c:40:54:4d:31:14:ff:51:b9:4c:
fc:53:37:d7:b3:32:c8:e1:2e:b6:a0:4e:4e:48:3e:
15:c5:7a:44:f2:33:53:cd:90:b8:c2:10:ae:9a:f0:
62:3a:96:55:e1:47:aa:26:c1:aa:50:ea:0f:a9:c4:
5d:96:b5:b4:c1:aa:7d:40:03:da:74:7b:9f:82:f3:
fb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:AC:37:48:B8:2D:F4:62:BB:1C:BF:02:56:FF:F2:1A:25:46:A8:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65c46db4-023b-4885-8c6b-9444db174ad3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c080::/46
Signature Algorithm: sha256WithRSAEncryption
40:9d:16:7e:c0:c4:9e:d5:a8:d8:83:48:71:82:72:10:df:91:
47:80:d4:b5:aa:ec:c0:ce:9a:3d:83:ec:80:6a:7c:00:24:a2:
24:99:24:c1:27:25:e2:c4:36:65:a4:59:71:89:0d:b6:41:13:
36:3d:26:2f:8e:45:c8:b9:4d:5f:c0:0a:91:dc:bf:86:aa:17:
5e:e5:f9:f3:db:16:cc:2d:0f:a4:57:7a:dd:93:48:cc:6b:86:
3a:d8:d4:ec:f4:48:e1:58:f5:4a:ba:93:f6:cd:23:54:7b:57:
c3:9b:75:66:b7:1c:41:11:fd:a2:f8:81:51:a6:78:a3:7c:ea:
b8:e3:6b:9d:1c:26:b6:13:40:90:a7:9b:eb:2e:1d:b4:a4:78:
07:7d:e6:60:9c:20:f5:05:83:b4:25:c9:0b:c5:49:36:a1:af:
dd:26:73:59:ea:4d:9a:8c:98:57:35:fb:dc:48:a5:37:ae:e9:
5f:f1:ea:d6:c0:22:45:93:7b:f7:05:23:53:66:88:78:01:96:
7b:e5:66:38:14:3f:2a:93:15:3f:20:ff:79:1f:75:12:9f:e5:
5d:58:e5:ee:05:a8:9a:4f:03:5b:21:c9:3e:a8:a7:af:5c:94:
d7:96:e0:6c:58:89:22:24:52:36:45:42:14:1e:55:b2:76:87:
8b:13:c4:89
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIZU6bcV+pkkCCdu11eGWkZhUqyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwNDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxZGE3ZDg2MjczNTE0YTNmYzQwMjI4ODQzNzBjYTU5MGViMGViYmZlZDg4
ZmNlODI4NzE2YmE0ZDZiYTkzMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbcP7xIEMbQtT+R9ZzZKaK8NDGd+bMxmws0IjnpgR5ugLqOgV7Vv2gEfkwV
WZG1IdAyO9ssKVXwQ+z3N6K1n7O9oKNNn6LBPJZAKAncOXyCvrXqi7Iet8p4zCbU
xQVMhEO/KgciJM2uu1zvUAUlG1K+bjARKg+vwPlkyKpIp7roI0zo7qJzkeMCJS3t
Pv2zqST9n4mUsXe2Kh+7gtMLLQYPkN2enGfL87E7JFvrX9ivl5vSPfmHnaoMQFRN
MRT/UblM/FM317MyyOEutqBOTkg+FcV6RPIzU82QuMIQrprwYjqWVeFHqibBqlDq
D6nEXZa1tMGqfUAD2nR7n4Lz+0cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTgrDdI
uC30YrscvwJW//IaJUaouTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVjNDZkYjQtMDIzYi00ODg1LThjNmItOTQ0NGRiMTc0YWQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
gDANBgkqhkiG9w0BAQsFAAOCAQEAQJ0WfsDEntWo2INIcYJyEN+RR4DUtarswM6a
PYPsgGp8ACSiJJkkwScl4sQ2ZaRZcYkNtkETNj0mL45FyLlNX8AKkdy/hqoXXuX5
89sWzC0PpFd63ZNIzGuGOtjU7PRI4Vj1SrqT9s0jVHtXw5t1ZrccQRH9oviBUaZ4
o3zquONrnRwmthNAkKeb6y4dtKR4B33mYJwg9QWDtCXJC8VJNqGv3SZzWepNmoyY
VzX73EilN67pX/Hq1sAiRZN79wUjU2aIeAGWe+VmOBQ/KpMVPyD/eR91Ep/lXVjl
7gWomk8DWyHJPqinr1yU15bgbFiJIiRSNkVCFB5VsnaHixPEiQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:05 2025 by rpki-client