Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa
File: 7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa (raw, json)
Hash identifier: O6hl2lMpkjjf2VMphxHtlK0Eo654wfQkayJVnqdveH8=
Subject key identifier: D5:AC:FC:3D:2F:BE:F2:1E:BC:E7:9A:74:C5:0A:88:DD:0A:6C:FE:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B64DB32FA18A23F631FB0479A2546C1E05D126B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa
Signing time: Tue 01 Apr 2025 15:01:26 +0000
ROA not before: Tue 01 Apr 2025 15:01:26 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:64:db:32:fa:18:a2:3f:63:1f:b0:47:9a:25:46:c1:e0:5d:12:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:01:26 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=fa20a6a72a446d75da4064740adf7d1d99427405263cbc98427f3bc924579f37, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:63:6a:5e:cc:95:72:c3:78:d3:38:3b:21:f9:
8c:cd:a5:d6:50:18:96:dd:f9:bb:67:52:b0:d4:4f:
7c:47:f6:be:a5:a2:9d:a6:b0:8a:70:aa:d2:18:c8:
7d:d6:da:2a:f8:0f:00:dd:4a:e4:61:de:5d:62:e6:
78:8c:2b:dd:0d:33:87:13:47:e4:f6:24:fb:1f:e6:
39:42:8f:fb:73:80:de:9e:da:28:fc:31:86:d7:7b:
8c:c7:98:d1:e0:3e:6a:93:82:7b:a4:56:d4:ec:3a:
da:8d:70:ca:6f:53:b7:f6:b9:6f:e7:39:0e:af:88:
e2:1a:40:9b:4f:63:14:47:41:00:59:cf:65:3c:ee:
67:3b:47:3b:a1:3a:e4:85:0e:d9:fc:51:81:67:5a:
36:9d:ca:6e:ec:a0:21:85:2d:ba:29:6c:e1:39:7e:
a6:05:1c:49:d6:72:7f:5f:c8:3e:cd:cb:82:74:07:
92:eb:3c:66:b2:85:0e:9b:20:12:68:7d:07:cc:01:
02:e0:d5:73:e9:a4:01:57:5d:76:7a:b5:fa:4d:d7:
7a:9e:bb:9b:21:8f:47:53:e9:59:14:c3:d2:64:9e:
1e:e7:60:bf:b2:95:6a:df:08:39:95:58:6e:5f:32:
11:9e:3b:19:2f:c0:4f:00:6a:52:55:97:0b:9d:8c:
bf:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AC:FC:3D:2F:BE:F2:1E:BC:E7:9A:74:C5:0A:88:DD:0A:6C:FE:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
18:b4:8b:04:f6:da:cc:13:98:2b:82:71:12:a7:6a:c3:7b:b2:
0a:bc:e7:9a:ba:54:60:cc:11:a7:bb:07:86:48:64:a8:8e:f4:
42:e1:c5:18:c0:eb:69:ff:d5:8c:b1:07:b8:59:76:6d:bc:f5:
d0:3a:1a:84:97:03:01:2f:c1:05:19:31:02:73:4e:38:cf:4c:
f2:5e:a1:8e:27:5a:83:1d:91:38:38:5f:03:87:35:42:a0:7d:
53:c6:a4:cb:8f:31:be:ef:59:1c:77:33:4f:9a:c4:b5:98:c4:
67:8e:c8:e6:43:b8:52:83:d4:bf:70:c9:f4:26:ad:8d:62:d2:
5c:eb:f3:d6:5b:5d:6d:00:11:f3:e8:b1:ae:4d:90:fe:b2:6e:
95:f9:b6:67:69:b3:11:cf:85:9e:7f:40:eb:9e:46:c1:00:20:
5b:ac:26:42:4a:62:9b:a5:e2:42:f6:de:6f:aa:1d:0e:16:81:
be:fe:a0:0a:7d:cf:f3:28:c6:c7:c9:d0:20:d1:0a:07:92:68:
17:4c:6b:98:ef:63:e6:06:fb:3b:16:60:f0:7d:77:9b:95:36:
e5:5f:3a:c2:d2:11:4d:69:63:e4:c4:37:54:ab:2a:5e:05:a9:
72:93:38:b5:b1:fd:e1:f1:e5:54:b5:cc:f3:2f:bf:48:af:af:
0e:2d:f4:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG2TbMvoYoj9jH7BHmiVGweBdEmswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAxMjZaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhMjBhNmE3MmE0NDZkNzVkYTQwNjQ3NDBhZGY3ZDFkOTk0Mjc0MDUyNjNj
YmM5ODQyN2YzYmM5MjQ1NzlmMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVjal7MlXLDeNM4OyH5jM2l1lAYlt35u2dSsNRPfEf2vqWinaawinCq0hjI
fdbaKvgPAN1K5GHeXWLmeIwr3Q0zhxNH5PYk+x/mOUKP+3OA3p7aKPwxhtd7jMeY
0eA+apOCe6RW1Ow62o1wym9Tt/a5b+c5Dq+I4hpAm09jFEdBAFnPZTzuZztHO6E6
5IUO2fxRgWdaNp3KbuygIYUtuils4Tl+pgUcSdZyf1/IPs3LgnQHkus8ZrKFDpsg
Emh9B8wBAuDVc+mkAVdddnq1+k3Xep67myGPR1PpWRTD0mSeHudgv7KVat8IOZVY
bl8yEZ47GS/ATwBqUlWXC52Mvw0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVrPw9
L77yHrznmnTFCojdCmz+uTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2JiZDI1YzgtMzQ2MC00Y2MwLWI3MWYtMjdkMDRlOTY0ZTM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQAYtIsE9trME5grgnESp2rDe7IKvOeaulRgzBGn
uweGSGSojvRC4cUYwOtp/9WMsQe4WXZtvPXQOhqElwMBL8EFGTECc044z0zyXqGO
J1qDHZE4OF8DhzVCoH1TxqTLjzG+71kcdzNPmsS1mMRnjsjmQ7hSg9S/cMn0Jq2N
YtJc6/PWW11tABHz6LGuTZD+sm6V+bZnabMRz4Wef0DrnkbBACBbrCZCSmKbpeJC
9t5vqh0OFoG+/qAKfc/zKMbHydAg0QoHkmgXTGuY72PmBvs7FmDwfXeblTblXzrC
0hFNaWPkxDdUqypeBalykzi1sf3h8eVUtczzL79Ir68OLfTu
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:44 2025 by rpki-client