Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
File: 68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa (raw, json)
Hash identifier: V5uuPStueq+Ax+dyDwBOyzqFzQ6/jPQZr2AFix+l9ho=
Subject key identifier: D3:96:CC:CE:64:CD:32:AD:38:7A:10:69:F3:FD:8D:9F:5A:AB:7A:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 212F0454D07B9A856FE3090C40C765DDBBA49174
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
Signing time: Fri 25 Apr 2025 18:40:10 +0000
ROA not before: Fri 25 Apr 2025 18:40:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:2f:04:54:d0:7b:9a:85:6f:e3:09:0c:40:c7:65:dd:bb:a4:91:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8c19e3138d568f8d5c1d99446c7854b0abbfa8dc1c60f570e09e9eaa1593b269, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cc:be:59:65:30:d5:3e:c0:aa:0c:32:e1:ef:
fd:40:a1:e8:87:35:4c:7b:97:64:58:4b:32:ba:97:
dd:bf:61:ea:ec:c1:01:5c:67:ec:b6:01:ee:84:82:
ba:8d:27:86:b9:47:7c:d3:68:79:6b:3b:0a:67:86:
14:af:9d:70:3f:48:16:6c:b2:40:a1:6f:ac:55:7c:
ac:d5:89:e4:bc:f2:ea:9b:5f:aa:58:3c:32:4f:d0:
08:1a:af:c0:26:d0:fd:40:5b:20:2c:08:66:f5:c9:
a3:fe:4d:cc:81:0e:2e:da:a3:d1:f3:a6:68:ed:6a:
6f:8c:1a:b0:dd:ad:32:3c:eb:08:49:df:71:35:24:
04:0e:50:08:d4:5c:d0:f0:53:24:77:ca:6c:d6:b4:
8d:77:69:f7:68:bd:33:ba:4f:03:25:7a:57:78:2d:
0e:ef:dd:30:a6:e9:e7:18:22:e4:72:81:3e:28:9a:
b4:f9:52:6d:54:40:3f:86:44:5a:0c:09:b2:a9:82:
b3:29:38:0e:f2:94:ed:15:ef:b8:06:74:9c:ee:b7:
5f:89:e8:fd:73:c0:19:c1:d7:32:fd:80:d8:5e:5c:
4c:c9:b6:60:cf:27:43:67:68:20:e7:dc:b9:be:44:
de:47:05:ef:61:8d:d8:8f:b8:28:b6:00:5e:dd:90:
6b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:96:CC:CE:64:CD:32:AD:38:7A:10:69:F3:FD:8D:9F:5A:AB:7A:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:fa:49:a6:0f:bb:d5:6f:cb:07:ee:4b:6c:de:d5:7d:01:46:
24:6e:54:51:97:86:30:29:ce:d0:49:70:3a:08:52:6b:bb:f2:
f6:e1:db:e1:13:a5:bc:22:e5:dd:ec:73:d9:ac:be:d3:d7:99:
14:85:c2:9c:68:9a:aa:13:a2:5e:be:d6:21:fe:ce:4e:61:d1:
b4:71:08:3f:c9:5e:de:d3:9d:72:90:83:2a:4f:cd:37:76:17:
92:b6:a7:95:ea:6c:6e:a9:2a:10:ab:10:34:69:99:d2:b3:20:
2e:22:bd:0c:de:00:e7:54:9e:0c:17:48:b7:ca:c6:19:b5:02:
9c:16:91:2a:37:19:78:9d:12:21:dd:36:c9:03:7f:cf:ca:43:
e3:f3:50:70:01:0b:1c:f4:ea:77:b9:8f:1c:c2:8a:59:2e:f2:
bc:57:31:fc:ad:4c:cd:07:d8:f7:6a:a9:23:fe:22:36:c5:f0:
48:f9:a5:56:93:68:d3:d0:ef:39:9e:c7:bf:fe:ce:67:8d:85:
e2:ef:4b:d7:34:c0:5a:e5:3d:38:23:64:c9:82:1d:66:d8:04:
86:e4:14:ab:e7:a3:d0:da:ee:fc:78:27:95:65:6f:31:3d:2d:
f3:be:d8:8d:34:85:11:8d:2a:8c:c1:4b:f6:4d:53:8e:02:39:
52:5a:00:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIS8EVNB7moVv4wkMQMdl3bukkXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjMTllMzEzOGQ1NjhmOGQ1YzFkOTk0NDZjNzg1NGIwYWJiZmE4ZGMxYzYw
ZjU3MGUwOWU5ZWFhMTU5M2IyNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfMvlllMNU+wKoMMuHv/UCh6Ic1THuXZFhLMrqX3b9h6uzBAVxn7LYB7oSC
uo0nhrlHfNNoeWs7CmeGFK+dcD9IFmyyQKFvrFV8rNWJ5Lzy6ptfqlg8Mk/QCBqv
wCbQ/UBbICwIZvXJo/5NzIEOLtqj0fOmaO1qb4wasN2tMjzrCEnfcTUkBA5QCNRc
0PBTJHfKbNa0jXdp92i9M7pPAyV6V3gtDu/dMKbp5xgi5HKBPiiatPlSbVRAP4ZE
WgwJsqmCsyk4DvKU7RXvuAZ0nO63X4no/XPAGcHXMv2A2F5cTMm2YM8nQ2doIOfc
ub5E3kcF72GN2I+4KLYAXt2QawcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTlszO
ZM0yrTh6EGnz/Y2fWqt6kTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhiNmZkM2UtZTA2Yy00NDU2LWJkODgtNmU4ZDljZTkyYjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLA
MA0GCSqGSIb3DQEBCwUAA4IBAQB9+kmmD7vVb8sH7kts3tV9AUYkblRRl4YwKc7Q
SXA6CFJru/L24dvhE6W8IuXd7HPZrL7T15kUhcKcaJqqE6JevtYh/s5OYdG0cQg/
yV7e051ykIMqT803dheStqeV6mxuqSoQqxA0aZnSsyAuIr0M3gDnVJ4MF0i3ysYZ
tQKcFpEqNxl4nRIh3TbJA3/PykPj81BwAQsc9Op3uY8cwopZLvK8VzH8rUzNB9j3
aqkj/iI2xfBI+aVWk2jT0O85nse//s5njYXi70vXNMBa5T04I2TJgh1m2ASG5BSr
56PQ2u78eCeVZW8xPS3zvtiNNIURjSqMwUv2TVOOAjlSWgAK
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:50 2025 by rpki-client