Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72ef8dd0-6820-429d-9dd5-d75f593bc729.roa
File: 72ef8dd0-6820-429d-9dd5-d75f593bc729.roa (raw, json)
Hash identifier: jE5MqWQ+NrsbbsIMzobVV2r6baima4yOzE99LgdmR0A=
Subject key identifier: F9:04:2B:4B:88:9C:A3:6E:72:7D:5D:71:A3:8C:66:6E:3B:1B:92:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19A162AA6F1357D887A3D51C60EC758F58127EAF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72ef8dd0-6820-429d-9dd5-d75f593bc729.roa
Signing time: Fri 25 Apr 2025 18:10:15 +0000
ROA not before: Fri 25 Apr 2025 18:10:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:a1:62:aa:6f:13:57:d8:87:a3:d5:1c:60:ec:75:8f:58:12:7e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7f143c63ef2bc2fe481369f23847ca95d21bea515f666dc5a95573d915ef33c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:da:aa:18:cf:f2:fa:23:09:8a:5b:4d:6a:
29:1e:5a:2b:4f:8f:00:f0:02:00:6a:91:99:4c:2e:
ad:c2:cb:cb:cf:78:58:72:13:34:d3:a6:b8:c9:a4:
76:5a:7c:c7:18:1e:19:1c:86:8b:15:a0:26:87:ec:
5f:b8:2a:f2:25:82:f4:92:a6:f6:85:c4:d4:bb:e1:
d9:00:9b:44:c3:62:3c:cb:a1:ab:7d:33:81:4f:5b:
93:82:23:0e:49:f7:46:21:5c:b1:9e:3d:eb:14:fe:
c7:7f:ec:5d:50:c2:32:57:4a:d6:9e:dd:2f:67:eb:
ad:56:15:08:9f:c8:2b:d8:3c:78:3f:af:e6:12:08:
b2:37:66:e1:09:33:f8:ca:eb:69:0d:d2:b7:16:f4:
d1:43:00:b1:4e:04:d2:db:62:8d:6f:2a:9d:66:9c:
bd:56:09:d6:90:db:a7:29:2f:40:d1:3e:ab:28:84:
81:bb:5b:3d:bd:a1:07:b2:db:f4:8a:f3:32:05:b1:
34:6e:8b:77:f1:b7:ac:1f:c4:8b:46:29:7c:02:0a:
3a:5a:f8:ee:6b:62:7d:e5:b1:c4:5c:7b:82:7b:55:
0c:01:2d:e3:ac:d3:4e:e1:41:f8:99:4d:2a:d1:89:
77:b4:47:01:46:8e:3c:ef:93:05:ea:1d:e5:47:be:
6b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:04:2B:4B:88:9C:A3:6E:72:7D:5D:71:A3:8C:66:6E:3B:1B:92:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72ef8dd0-6820-429d-9dd5-d75f593bc729.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5080::/48
Signature Algorithm: sha256WithRSAEncryption
4e:e0:16:28:9c:26:6e:53:37:bb:bc:c2:4b:2d:fe:1b:09:cb:
bf:d5:5d:22:76:56:74:71:66:49:df:f9:3e:57:ce:d5:7e:b7:
a1:5f:4d:f8:dd:98:87:0f:88:1a:c7:d6:ee:56:35:92:57:0c:
e0:da:61:70:6a:3b:79:a7:7a:66:e2:53:06:b0:de:b2:92:af:
3f:3c:9d:bc:75:ea:8e:26:fc:fd:a5:98:26:1e:9b:da:07:e4:
f4:1b:62:47:55:16:bd:b6:18:73:3c:1b:53:a0:e7:26:4b:e7:
ed:96:4a:d4:3d:3d:16:c4:95:de:76:f7:6e:ac:b2:a0:3b:08:
68:d3:40:d0:bf:0d:b9:a0:77:43:10:f4:1d:fe:25:87:56:ec:
e6:c9:ef:48:c8:1e:a3:54:7e:8e:01:bb:a8:b5:8a:c9:27:d7:
9d:97:df:14:be:d8:e0:f4:64:c5:82:2c:22:fc:e2:99:3a:1a:
52:8e:fb:ad:6c:55:06:a0:96:3b:5b:8a:af:02:d4:7e:3d:d8:
2e:f1:67:3f:9b:1e:da:83:61:f9:5a:72:20:96:d6:63:a2:1e:
06:0b:64:f7:ef:57:bf:36:b3:2d:f7:0c:36:20:b8:2b:d5:28:
dc:b1:ef:16:7d:0d:59:86:52:f8:45:8f:66:96:4b:a6:39:9f:
cd:13:63:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGaFiqm8TV9iHo9UcYOx1j1gSfq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMTQzYzYzZWYyYmMyZmU0ODEzNjlmMjM4NDdjYTk1ZDIxYmVhNTE1ZjY2
NmRjNWE5NTU3M2Q5MTVlZjMzYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMft2qoYz/L6IwmKW01qKR5aK0+PAPACAGqRmUwurcLLy894WHITNNOmuMmk
dlp8xxgeGRyGixWgJofsX7gq8iWC9JKm9oXE1Lvh2QCbRMNiPMuhq30zgU9bk4Ij
Dkn3RiFcsZ496xT+x3/sXVDCMldK1p7dL2frrVYVCJ/IK9g8eD+v5hIIsjdm4Qkz
+MrraQ3Stxb00UMAsU4E0ttijW8qnWacvVYJ1pDbpykvQNE+qyiEgbtbPb2hB7Lb
9IrzMgWxNG6Ld/G3rB/Ei0YpfAIKOlr47mtifeWxxFx7gntVDAEt46zTTuFB+JlN
KtGJd7RHAUaOPO+TBeod5Ue+a80CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT5BCtL
iJyjbnJ9XXGjjGZuOxuSLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJlZjhkZDAtNjgyMC00MjlkLTlkZDUtZDc1ZjU5M2JjNzI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HRQ
gDANBgkqhkiG9w0BAQsFAAOCAQEATuAWKJwmblM3u7zCSy3+GwnLv9VdInZWdHFm
Sd/5PlfO1X63oV9N+N2Yhw+IGsfW7lY1klcM4NphcGo7ead6ZuJTBrDespKvPzyd
vHXqjib8/aWYJh6b2gfk9BtiR1UWvbYYczwbU6DnJkvn7ZZK1D09FsSV3nb3bqyy
oDsIaNNA0L8NuaB3QxD0Hf4lh1bs5snvSMgeo1R+jgG7qLWKySfXnZffFL7Y4PRk
xYIsIvzimToaUo77rWxVBqCWO1uKrwLUfj3YLvFnP5se2oNh+VpyIJbWY6IeBgtk
9+9XvzazLfcMNiC4K9Uo3LHvFn0NWYZS+EWPZpZLpjmfzRNjrg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:10 2025 by rpki-client