Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84f9d9fa-59fe-4651-a60a-2561da098ccb.roa
File: 84f9d9fa-59fe-4651-a60a-2561da098ccb.roa (raw, json)
Hash identifier: KHPRvLJmWV3iqaFyxae5aZ53nDt/3WG6+otdmwSVXEs=
Subject key identifier: 97:99:DC:F4:7F:1C:7F:49:69:E6:87:90:E9:50:45:7A:55:A1:B8:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25A0FCB425C8652AECBB79483EDA0BAEDB6724FD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84f9d9fa-59fe-4651-a60a-2561da098ccb.roa
Signing time: Fri 25 Apr 2025 19:31:01 +0000
ROA not before: Fri 25 Apr 2025 19:31:01 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:a0:fc:b4:25:c8:65:2a:ec:bb:79:48:3e:da:0b:ae:db:67:24:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:01 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=6c2f45edf47a19ab1cb50b7caa0f2ef3a28a0c6508d6884fd318baa14aaa4aac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:39:22:8e:06:c1:c1:81:62:66:8d:ac:61:55:
79:b3:cc:02:d5:10:b0:6f:ee:6e:dc:fb:c1:8b:76:
5b:45:bf:50:29:8c:44:2c:86:47:7e:61:77:09:0e:
57:c1:83:f0:45:54:0e:09:a0:36:03:0a:27:1c:4e:
af:93:cc:25:f7:28:f5:00:bd:bf:79:9a:8e:ea:d8:
6a:b5:48:d0:c1:84:fe:2d:41:22:11:4a:6a:4c:76:
e7:26:97:6f:f4:3e:14:d1:d3:9d:dd:92:08:13:c3:
60:f1:d5:1f:23:2b:d3:99:d7:5d:72:ba:98:60:ac:
56:c0:99:45:cc:2b:8b:26:1f:67:fe:8a:1e:4c:77:
36:85:7c:7b:02:83:91:af:68:80:f5:9f:a8:5e:c7:
53:72:f0:ab:e2:04:98:02:50:f3:09:5d:fd:79:a5:
73:d4:24:83:8c:a9:d2:22:28:80:c0:9a:b1:88:60:
4a:1c:94:af:75:47:13:e0:ca:69:22:30:b5:61:c2:
d2:1c:f5:3f:df:13:fd:4c:e7:dd:5b:d7:e4:56:aa:
d0:ad:63:be:27:ba:12:42:98:1f:49:e8:bf:eb:b5:
0a:ae:db:50:f7:80:e6:a5:f8:85:34:73:2e:77:5a:
43:c7:bf:bc:c0:4a:fc:da:e8:1e:45:1a:79:f4:02:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:99:DC:F4:7F:1C:7F:49:69:E6:87:90:E9:50:45:7A:55:A1:B8:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84f9d9fa-59fe-4651-a60a-2561da098ccb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8080::/46
Signature Algorithm: sha256WithRSAEncryption
bc:14:81:8b:f1:c3:f4:15:60:2a:ef:17:46:55:a6:4d:a5:3c:
04:48:39:7e:46:ec:8f:10:d5:cd:c7:69:0e:54:f6:8d:2d:c3:
19:58:3a:a1:00:a4:09:35:05:f5:1f:e5:64:23:8e:13:89:4c:
50:90:e3:d0:22:0d:ae:72:9f:69:8c:90:15:0a:95:6b:90:4a:
b6:b8:9f:84:9b:3b:7b:22:3c:b5:80:15:21:dc:a7:dc:53:78:
e1:12:6b:1d:3b:e2:21:df:d9:4b:97:df:20:a3:dd:c0:6c:4a:
d5:84:c2:12:ca:bf:51:7a:c4:54:28:bb:d9:21:db:98:b0:a9:
08:66:0b:3d:a4:d6:b4:66:cf:57:4f:76:76:13:1e:4c:10:0e:
46:d2:28:37:0d:f4:53:03:72:ac:c6:e7:23:4b:e0:0f:0a:05:
11:a1:c8:a7:88:3c:b4:45:68:c3:43:ff:38:04:82:ad:86:bc:
ad:7b:7f:30:ff:ef:98:8d:36:d2:1f:94:38:c5:06:6c:87:52:
38:6b:54:30:87:7d:3e:6b:e6:9e:d4:cb:53:36:3f:c3:c3:65:
88:51:2c:ce:3d:33:fe:2a:13:a5:e3:e7:03:f3:af:d0:f2:ae:
f4:22:31:01:79:8f:3f:b7:80:95:58:0b:e5:63:b9:3b:6d:29:
a2:d9:74:da
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJaD8tCXIZSrsu3lIPtoLrttnJP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMDFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjMmY0NWVkZjQ3YTE5YWIxY2I1MGI3Y2FhMGYyZWYzYTI4YTBjNjUwOGQ2
ODg0ZmQzMThiYWExNGFhYTRhYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALk5Io4GwcGBYmaNrGFVebPMAtUQsG/ubtz7wYt2W0W/UCmMRCyGR35hdwkO
V8GD8EVUDgmgNgMKJxxOr5PMJfco9QC9v3majurYarVI0MGE/i1BIhFKakx25yaX
b/Q+FNHTnd2SCBPDYPHVHyMr05nXXXK6mGCsVsCZRcwriyYfZ/6KHkx3NoV8ewKD
ka9ogPWfqF7HU3Lwq+IEmAJQ8wld/Xmlc9Qkg4yp0iIogMCasYhgShyUr3VHE+DK
aSIwtWHC0hz1P98T/Uzn3VvX5Faq0K1jvie6EkKYH0nov+u1Cq7bUPeA5qX4hTRz
LndaQ8e/vMBK/NroHkUaefQC2/MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSXmdz0
fxx/SWnmh5DpUEV6VaG4BTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODRmOWQ5ZmEtNTlmZS00NjUxLWE2MGEtMjU2MWRhMDk4Y2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
gDANBgkqhkiG9w0BAQsFAAOCAQEAvBSBi/HD9BVgKu8XRlWmTaU8BEg5fkbsjxDV
zcdpDlT2jS3DGVg6oQCkCTUF9R/lZCOOE4lMUJDj0CINrnKfaYyQFQqVa5BKtrif
hJs7eyI8tYAVIdyn3FN44RJrHTviId/ZS5ffIKPdwGxK1YTCEsq/UXrEVCi72SHb
mLCpCGYLPaTWtGbPV092dhMeTBAORtIoNw30UwNyrMbnI0vgDwoFEaHIp4g8tEVo
w0P/OASCrYa8rXt/MP/vmI020h+UOMUGbIdSOGtUMId9PmvmntTLUzY/w8NliFEs
zj0z/ioTpePnA/Ov0PKu9CIxAXmPP7eAlVgL5WO5O20potl02g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:54 2025 by rpki-client