Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json)
Hash identifier: FDOf4wm2luvtCsCSvkrPGDaficaC2tOVCU6MbAu463g=
Subject key identifier: 0E:C5:E3:3A:A5:8A:9D:D8:EB:AE:3D:D0:FB:EC:32:81:F5:F1:CF:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74A6321DFF87783922558B216CC4A2948A78F163
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
Signing time: Fri 25 Apr 2025 19:10:42 +0000
ROA not before: Fri 25 Apr 2025 19:10:42 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:a6:32:1d:ff:87:78:39:22:55:8b:21:6c:c4:a2:94:8a:78:f1:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:42 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b450f0489fb564f020d9c7278dc80598b7c6e2d0f96b957fe321309215cd89c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:04:f4:33:0c:17:39:f2:1b:22:a8:f4:2d:34:
63:27:25:22:5c:08:09:82:eb:c7:ff:e6:06:a3:c4:
79:2c:2a:c6:58:05:64:9b:d8:8f:42:81:75:9b:c5:
f2:16:ed:a0:13:da:ee:6e:5a:aa:7b:b5:3a:7e:90:
0f:50:44:6e:05:1e:33:48:65:e3:fb:2a:e1:04:58:
d2:57:b8:28:05:38:09:ad:72:fc:d5:ba:0e:c2:96:
2d:03:ad:f9:7d:45:64:e1:b8:32:98:c7:0c:58:76:
ad:51:3c:56:a6:89:ce:65:a3:8c:17:61:66:1e:12:
db:70:1e:34:31:a4:46:17:6e:1e:0d:b0:02:be:5b:
1c:38:d0:51:8f:aa:11:c8:88:9f:b6:d3:e6:bb:0c:
76:f3:30:e2:0a:6b:80:f5:d5:f8:cf:cf:1d:92:f0:
9a:74:13:f3:9b:4d:5c:81:f3:f4:d8:e1:1b:40:c9:
76:7d:27:7a:26:5b:3e:60:b9:64:8d:46:f4:27:e9:
b3:49:88:86:b0:da:74:c1:1a:39:e1:80:c6:f4:eb:
be:b3:81:06:f3:07:fc:7f:88:8c:4f:8f:4b:2a:c0:
24:9a:1a:8c:80:6b:e1:68:c7:e8:02:87:41:05:54:
ac:76:c8:58:ea:38:bd:b4:c3:fa:0c:d8:4e:c8:0f:
b7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C5:E3:3A:A5:8A:9D:D8:EB:AE:3D:D0:FB:EC:32:81:F5:F1:CF:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
64:47:be:5b:82:3d:7c:f9:85:c5:b2:fd:ad:3b:64:78:3a:7c:
0c:18:d9:ca:51:74:09:5f:a8:c3:a9:f7:d5:4a:9a:d2:0d:c4:
25:81:df:92:ab:44:76:5b:66:90:ff:4b:0e:0b:fb:44:74:b7:
f0:57:f4:c6:7f:bd:e5:50:b7:4c:f2:9c:02:f3:91:7e:e3:2e:
38:2b:3c:67:b7:cd:db:a2:ea:17:19:9a:2a:45:34:9d:f3:1d:
28:00:61:b1:c0:8a:b8:02:c3:66:93:e6:20:45:53:9a:8a:3f:
6c:6d:37:bc:0e:75:35:0f:fb:b0:08:88:0a:32:16:6f:d8:56:
7c:01:8d:89:f8:13:e2:6a:16:59:bd:66:e0:31:dd:f4:67:78:
4b:b6:52:0a:16:48:ac:b3:3c:56:e6:2e:9b:0d:b8:05:fd:78:
99:55:49:2a:62:f5:86:3f:d0:2e:84:2c:c1:8e:01:f5:cf:de:
36:c9:dd:3b:16:28:fe:48:64:7e:a5:ec:44:84:41:76:03:e0:
8a:ac:4e:f2:fa:64:2b:3e:26:43:46:b8:5b:16:f2:4f:b3:29:
b8:d8:00:ce:68:70:f0:32:f5:8c:07:78:d4:e2:22:97:04:11:
eb:20:5b:ab:62:f5:bc:8c:95:2a:d1:77:67:bc:2e:2a:c3:11:
8e:c2:50:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdKYyHf+HeDkiVYshbMSilIp48WMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwNDJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NTBmMDQ4OWZiNTY0ZjAyMGQ5YzcyNzhkYzgwNTk4YjdjNmUyZDBmOTZi
OTU3ZmUzMjEzMDkyMTVjZDg5YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkE9DMMFznyGyKo9C00YyclIlwICYLrx//mBqPEeSwqxlgFZJvYj0KBdZvF
8hbtoBPa7m5aqnu1On6QD1BEbgUeM0hl4/sq4QRY0le4KAU4Ca1y/NW6DsKWLQOt
+X1FZOG4MpjHDFh2rVE8VqaJzmWjjBdhZh4S23AeNDGkRhduHg2wAr5bHDjQUY+q
EciIn7bT5rsMdvMw4gprgPXV+M/PHZLwmnQT85tNXIHz9NjhG0DJdn0neiZbPmC5
ZI1G9Cfps0mIhrDadMEaOeGAxvTrvrOBBvMH/H+IjE+PSyrAJJoajIBr4WjH6AKH
QQVUrHbIWOo4vbTD+gzYTsgPtyECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOxeM6
pYqd2OuuPdD77DKB9fHPezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQBkR75bgj18+YXFsv2tO2R4OnwMGNnKUXQJX6jD
qffVSprSDcQlgd+Sq0R2W2aQ/0sOC/tEdLfwV/TGf73lULdM8pwC85F+4y44Kzxn
t83bouoXGZoqRTSd8x0oAGGxwIq4AsNmk+YgRVOaij9sbTe8DnU1D/uwCIgKMhZv
2FZ8AY2J+BPiahZZvWbgMd30Z3hLtlIKFkisszxW5i6bDbgF/XiZVUkqYvWGP9Au
hCzBjgH1z942yd07Fij+SGR+pexEhEF2A+CKrE7y+mQrPiZDRrhbFvJPsym42ADO
aHDwMvWMB3jU4iKXBBHrIFurYvW8jJUq0XdnvC4qwxGOwlDJ
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:22 2025 by rpki-client