Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
File: 7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa (raw, json)
Hash identifier: qFERziF71t10/ifybGPGRz8YVBl5jqbmnzKyzYTcOo0=
Subject key identifier: 70:E1:0E:B3:53:26:CE:9D:BF:41:2B:BA:68:FE:A8:5D:61:7D:5E:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E16B4593C009F3AB08858BFE89D362857F6FBCD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
Signing time: Fri 25 Apr 2025 19:21:29 +0000
ROA not before: Fri 25 Apr 2025 19:21:29 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:16:b4:59:3c:00:9f:3a:b0:88:58:bf:e8:9d:36:28:57:f6:fb:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:21:29 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=21344fa09ecfb5fad72e100d8c076930487a6be8cfaf239ba7cf0ce93eb8993b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:29:db:1c:62:ae:31:2b:a8:6c:0f:9e:34:f8:
08:d4:a4:f1:eb:1b:bf:0f:92:16:14:f6:cf:7f:35:
b6:3d:4e:d2:b7:3c:e0:ec:9c:0a:0e:59:67:0c:43:
86:51:82:1f:94:8c:2f:62:e3:57:02:ad:fc:63:31:
97:d4:65:10:22:88:ae:f4:be:57:24:e1:ed:2b:89:
c6:cc:a8:42:3e:69:df:3d:ee:73:e7:df:ae:a8:f2:
6f:ee:11:c9:d2:bd:ec:ae:88:47:4d:48:5c:17:a8:
da:48:28:c2:61:73:c5:d3:d3:ee:76:f6:a4:dc:37:
b4:db:dc:a2:90:28:02:1f:b4:9d:54:65:c7:c1:48:
5a:75:33:f6:a8:cf:a9:90:02:ef:d0:ca:ed:d6:a6:
4f:ba:8f:1a:6b:0a:6b:69:bc:c2:ad:f1:7d:0d:c9:
df:06:98:d8:8b:09:2e:bc:86:8f:13:72:84:19:e2:
c5:7b:cb:bd:45:32:26:3f:94:92:a1:f3:fd:7c:01:
4a:fb:c0:b9:6b:db:fd:e3:f7:5f:8f:b1:44:b3:20:
a0:0d:ed:3d:17:24:4d:0e:d2:c6:77:74:50:c2:1b:
91:5e:72:3a:dc:6e:07:08:cc:03:71:ad:e1:23:60:
af:1d:e4:31:ff:07:50:71:b7:94:bf:2b:6e:16:91:
f1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E1:0E:B3:53:26:CE:9D:BF:41:2B:BA:68:FE:A8:5D:61:7D:5E:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5080::/46
Signature Algorithm: sha256WithRSAEncryption
a4:be:4b:dc:6b:b1:a0:21:e9:b4:b4:a4:5c:a5:a9:da:25:39:
15:76:05:5e:89:8c:fa:94:e3:af:56:e2:3c:dd:df:26:14:4d:
85:e8:d5:ec:3e:58:6f:cb:dd:7f:4f:d2:83:a0:4b:da:f8:5f:
45:50:63:a9:67:56:78:3a:f9:88:67:ff:91:b4:83:ac:a1:88:
f7:92:af:68:fc:06:5f:8a:db:7c:b5:3b:ed:c3:79:cd:85:6d:
05:74:53:ca:49:5e:5f:e1:f2:32:0c:0d:d4:85:6c:64:7c:17:
95:cd:cc:45:88:87:15:8c:92:b8:66:e4:2d:de:88:48:67:97:
22:c9:2c:27:6f:0f:10:64:3f:4d:df:12:99:b9:59:c2:ff:74:
a8:8a:35:4a:15:a3:b0:40:fa:f6:a6:7a:43:b2:09:8b:a8:10:
b6:75:c6:3d:65:16:db:da:b5:be:c3:4f:0c:a3:d1:d8:d5:6f:
9d:3c:d0:5a:25:87:53:5c:b3:36:30:ad:0c:06:5a:9f:ce:cd:
b2:22:a8:0c:87:73:c1:4b:fa:78:88:12:1b:45:a9:14:1b:15:
7d:d4:ab:ef:25:d7:a4:82:fa:90:03:11:6d:71:56:3b:8e:bf:
0f:64:84:fc:a2:d4:94:9e:77:64:5b:45:96:37:ec:b5:9e:6f:
e2:16:85:f2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbha0WTwAnzqwiFi/6J02KFf2+80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIxMjlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxMzQ0ZmEwOWVjZmI1ZmFkNzJlMTAwZDhjMDc2OTMwNDg3YTZiZThjZmFm
MjM5YmE3Y2YwY2U5M2ViODk5M2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4p2xxirjErqGwPnjT4CNSk8esbvw+SFhT2z381tj1O0rc84OycCg5ZZwxD
hlGCH5SML2LjVwKt/GMxl9RlECKIrvS+VyTh7SuJxsyoQj5p3z3uc+ffrqjyb+4R
ydK97K6IR01IXBeo2kgowmFzxdPT7nb2pNw3tNvcopAoAh+0nVRlx8FIWnUz9qjP
qZAC79DK7damT7qPGmsKa2m8wq3xfQ3J3waY2IsJLryGjxNyhBnixXvLvUUyJj+U
kqHz/XwBSvvAuWvb/eP3X4+xRLMgoA3tPRckTQ7Sxnd0UMIbkV5yOtxuBwjMA3Gt
4SNgrx3kMf8HUHG3lL8rbhaR8UcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRw4Q6z
UybOnb9BK7po/qhdYX1eZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E4Mzg2ZWUtMTRmYi00MDg5LTkyYmQtNmI0YjFjOWMwMWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVQ
gDANBgkqhkiG9w0BAQsFAAOCAQEApL5L3GuxoCHptLSkXKWp2iU5FXYFXomM+pTj
r1biPN3fJhRNhejV7D5Yb8vdf0/Sg6BL2vhfRVBjqWdWeDr5iGf/kbSDrKGI95Kv
aPwGX4rbfLU77cN5zYVtBXRTykleX+HyMgwN1IVsZHwXlc3MRYiHFYySuGbkLd6I
SGeXIsksJ28PEGQ/Td8SmblZwv90qIo1ShWjsED69qZ6Q7IJi6gQtnXGPWUW29q1
vsNPDKPR2NVvnTzQWiWHU1yzNjCtDAZan87NsiKoDIdzwUv6eIgSG0WpFBsVfdSr
7yXXpIL6kAMRbXFWO46/D2SE/KLUlJ53ZFtFljfstZ5v4haF8g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:14 2025 by rpki-client