Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c96d135-34ab-4cee-8a1e-08bfcd6af2f4.roa
File: 8c96d135-34ab-4cee-8a1e-08bfcd6af2f4.roa (raw, json)
Hash identifier: quzdJCsGHPGhiDWD+R6KOJK3l66LkTlIVktJs+oUrZQ=
Subject key identifier: 16:5C:D1:71:53:AB:E8:98:A0:78:EE:D6:DF:01:54:48:1B:6D:1A:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47D9322F720B68AF06E7FD7B659A457F1BB885E3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c96d135-34ab-4cee-8a1e-08bfcd6af2f4.roa
Signing time: Fri 25 Apr 2025 18:20:43 +0000
ROA not before: Fri 25 Apr 2025 18:20:43 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:d9:32:2f:72:0b:68:af:06:e7:fd:7b:65:9a:45:7f:1b:b8:85:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:20:43 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2d3c7fb763558caaf77d4837bd36f3b8b7e40c4f6ef4c65b04f812623801b66a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:23:f4:d9:8e:f4:a4:64:68:e4:e9:eb:68:73:
a3:db:24:75:cf:16:b9:b3:5d:98:e4:f8:2a:4f:d5:
b7:39:89:73:04:95:39:39:88:20:cc:ab:64:e4:37:
1a:92:83:fc:ca:b0:10:4d:33:f9:ca:fb:f0:79:1d:
c3:14:fd:cf:d5:7e:ed:6b:4a:f7:f4:d6:c4:bd:de:
e1:03:65:a0:8c:53:c8:df:32:7a:a8:84:39:f4:55:
b6:d6:d6:d9:ff:35:bb:b6:99:f1:3b:e9:07:80:d9:
66:3b:f7:c9:1a:28:2c:8e:ac:4d:a7:64:fb:ef:d4:
7a:7c:5f:cb:26:0f:b3:85:a3:7b:d9:74:ab:ae:9c:
1c:89:d7:62:2e:1c:36:69:71:28:62:5d:86:2e:e0:
98:64:1f:49:e2:5d:13:25:13:94:ef:b0:db:94:09:
72:4d:cc:ac:49:da:aa:8a:b7:0c:60:4e:c9:80:b5:
10:29:ca:34:b0:2a:50:51:83:0f:33:ad:0e:25:06:
e1:14:be:77:b6:bf:40:f7:3e:ef:c9:a4:76:58:ad:
c0:e4:c0:46:b2:d2:7c:49:5b:ab:cb:e5:66:7f:80:
79:9e:1e:eb:d5:07:9c:e1:0d:96:1d:08:71:3b:1b:
3b:39:44:59:af:f0:2d:8c:93:2f:26:52:26:f1:27:
7c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:5C:D1:71:53:AB:E8:98:A0:78:EE:D6:DF:01:54:48:1B:6D:1A:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c96d135-34ab-4cee-8a1e-08bfcd6af2f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
4c:c6:dd:b7:c1:3c:95:ba:d8:77:c4:12:bb:25:78:86:6f:e8:
5b:e0:f1:39:ba:bc:ab:f0:74:3b:0e:e1:0f:9e:81:3b:09:ae:
63:a7:1e:f8:36:6d:1f:09:47:be:31:6f:d5:6f:6d:72:0e:e7:
b0:2a:1f:57:58:84:74:9d:13:59:60:d2:2c:71:c4:82:8c:b4:
63:a0:d3:10:7d:52:ac:71:e7:0b:4c:f7:1e:66:24:c0:a4:73:
08:17:ea:e9:1b:15:64:e1:b6:48:32:89:c2:9c:2d:b9:3d:96:
d0:56:e0:12:2a:a5:31:d9:37:5d:06:5b:57:be:26:c7:d7:34:
5a:87:f0:cb:05:b3:06:0b:a7:61:3d:3d:f8:3d:8b:31:e0:36:
b9:a4:6b:4b:5a:0c:40:c0:14:34:08:fc:58:f0:46:8c:bf:69:
cb:2f:28:f1:29:0e:56:04:32:02:e9:55:8a:a7:db:c2:c2:1e:
d5:59:53:ff:3d:f8:99:52:34:16:8c:4c:9f:e7:08:56:32:c3:
8e:7c:f1:16:ed:f2:43:7a:40:36:85:08:fc:f4:7d:a1:cd:9c:
00:9a:64:bd:a3:9e:b6:05:d3:fb:52:3f:45:81:ca:90:35:ca:
3a:32:61:a8:c8:88:2b:40:73:2b:47:0a:5b:c6:a2:99:82:b0:
48:9a:dc:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR9kyL3ILaK8G5/17ZZpFfxu4heMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIwNDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkM2M3ZmI3NjM1NThjYWFmNzdkNDgzN2JkMzZmM2I4YjdlNDBjNGY2ZWY0
YzY1YjA0ZjgxMjYyMzgwMWI2NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYj9NmO9KRkaOTp62hzo9skdc8WubNdmOT4Kk/VtzmJcwSVOTmIIMyrZOQ3
GpKD/MqwEE0z+cr78HkdwxT9z9V+7WtK9/TWxL3e4QNloIxTyN8yeqiEOfRVttbW
2f81u7aZ8TvpB4DZZjv3yRooLI6sTadk++/UenxfyyYPs4Wje9l0q66cHInXYi4c
NmlxKGJdhi7gmGQfSeJdEyUTlO+w25QJck3MrEnaqoq3DGBOyYC1ECnKNLAqUFGD
DzOtDiUG4RS+d7a/QPc+78mkdlitwOTARrLSfElbq8vlZn+AeZ4e69UHnOENlh0I
cTsbOzlEWa/wLYyTLyZSJvEnfP8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQWXNFx
U6vomKB47tbfAVRIG20arjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM5NmQxMzUtMzRhYi00Y2VlLThhMWUtMDhiZmNkNmFmMmY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSg
wDANBgkqhkiG9w0BAQsFAAOCAQEATMbdt8E8lbrYd8QSuyV4hm/oW+DxObq8q/B0
Ow7hD56BOwmuY6ce+DZtHwlHvjFv1W9tcg7nsCofV1iEdJ0TWWDSLHHEgoy0Y6DT
EH1SrHHnC0z3HmYkwKRzCBfq6RsVZOG2SDKJwpwtuT2W0FbgEiqlMdk3XQZbV74m
x9c0WofwywWzBgunYT09+D2LMeA2uaRrS1oMQMAUNAj8WPBGjL9pyy8o8SkOVgQy
AulViqfbwsIe1VlT/z34mVI0FoxMn+cIVjLDjnzxFu3yQ3pANoUI/PR9oc2cAJpk
vaOetgXT+1I/RYHKkDXKOjJhqMiIK0BzK0cKW8aimYKwSJrc1g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:30 2025 by rpki-client