Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa
File: 92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa (raw, json)
Hash identifier: 2aU57JysCIOGVzyZ22BCrZPKH4lAllSloH8KDbaIUgE=
Subject key identifier: 76:26:50:90:DF:09:2F:AF:DE:A9:B4:61:18:68:DF:46:00:AE:A3:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11DCE96C29B06A7E8EF3989E375FAAC5CC908B7F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa
Signing time: Fri 25 Apr 2025 18:50:43 +0000
ROA not before: Fri 25 Apr 2025 18:50:43 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:dc:e9:6c:29:b0:6a:7e:8e:f3:98:9e:37:5f:aa:c5:cc:90:8b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:43 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3f007f4d3c90cd48f58a0d0c506cff618c3e3082b108de7a2fdda6e0f529a479, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2e:39:7d:c7:75:1e:fb:40:a6:10:c9:33:2e:
e2:d5:ee:52:a1:97:8d:f3:bf:61:3c:99:62:d0:82:
56:d5:c1:b6:11:e3:fa:96:d8:b9:b4:e0:1d:cc:67:
ac:31:e4:eb:9b:80:59:53:99:7d:4b:93:81:ea:42:
d2:69:10:67:e1:d9:02:5b:95:7a:ea:0c:5a:4a:a4:
36:6f:2a:00:64:04:51:9e:c6:4b:87:cb:d4:dc:d1:
e0:47:73:4c:dd:da:4f:af:3e:77:1b:c3:db:f7:c4:
26:d0:e9:2d:43:8e:68:73:ba:06:5e:80:ba:0e:6a:
ad:b2:6b:dd:87:86:a8:98:9a:3f:6c:eb:7a:9b:13:
0c:67:5e:b7:a6:18:f9:d8:69:62:bf:70:ac:5a:f4:
89:4a:3c:2e:b4:9c:2b:c4:19:57:8a:03:e7:d9:1c:
70:c3:03:03:0d:00:b7:e8:2e:da:ec:8d:01:f3:c5:
67:d9:72:e0:18:f4:da:f8:52:34:e9:88:4a:13:f4:
c7:7b:96:20:4b:c6:78:3b:55:99:22:09:77:12:a3:
08:ca:fe:63:0c:ea:a3:2b:5d:a4:2a:20:55:da:05:
85:29:e8:fe:0a:97:b1:15:d1:c4:20:33:b9:bd:78:
12:38:db:ba:57:83:95:82:04:d0:6b:5a:5d:a7:9e:
0c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:26:50:90:DF:09:2F:AF:DE:A9:B4:61:18:68:DF:46:00:AE:A3:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2000::/40
Signature Algorithm: sha256WithRSAEncryption
63:fd:5b:78:ed:ce:97:87:37:f2:b7:5f:8f:db:bc:cf:16:47:
02:30:50:c1:fc:de:98:09:2c:87:6e:81:7e:d8:96:b6:d0:26:
a4:0f:ca:02:07:a6:65:e2:c3:71:7a:44:0c:97:ba:58:b2:00:
32:84:fa:b8:69:ed:ed:7e:e4:b2:82:62:46:66:e8:83:9a:8f:
aa:88:26:45:3b:29:55:86:4a:60:f8:ab:f6:18:65:fb:52:63:
6d:85:6a:44:a9:d6:92:ee:67:fa:e2:22:cd:13:72:96:d8:94:
ce:71:d8:04:ef:4a:98:dc:f4:9a:cc:09:b7:d5:87:25:b0:c4:
79:79:97:9b:3a:a3:bc:25:d6:50:09:43:6c:ae:9e:27:bf:b3:
28:d0:53:00:05:3d:78:86:b1:b6:f8:69:bf:6a:17:df:98:e5:
3f:ae:3c:cf:fb:ab:fb:98:df:60:80:40:65:2f:3e:42:3a:34:
2a:f0:f8:2c:e8:47:d5:7f:a0:91:6f:db:47:78:be:54:84:0b:
36:aa:dd:79:42:8a:6f:6c:bb:63:6d:8e:7f:af:f0:c4:15:4f:
44:22:cf:75:53:13:14:b2:78:e7:8d:43:03:51:92:49:db:05:
b6:83:bd:b0:cd:1b:ab:dd:d9:6b:9e:fb:be:a0:25:5e:df:bf:
94:7e:19:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEdzpbCmwan6O85ieN1+qxcyQi38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwNDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMDA3ZjRkM2M5MGNkNDhmNThhMGQwYzUwNmNmZjYxOGMzZTMwODJiMTA4
ZGU3YTJmZGRhNmUwZjUyOWE0NzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJouOX3HdR77QKYQyTMu4tXuUqGXjfO/YTyZYtCCVtXBthHj+pbYubTgHcxn
rDHk65uAWVOZfUuTgepC0mkQZ+HZAluVeuoMWkqkNm8qAGQEUZ7GS4fL1NzR4Edz
TN3aT68+dxvD2/fEJtDpLUOOaHO6Bl6Aug5qrbJr3YeGqJiaP2zrepsTDGdet6YY
+dhpYr9wrFr0iUo8LrScK8QZV4oD59kccMMDAw0At+gu2uyNAfPFZ9ly4Bj02vhS
NOmIShP0x3uWIEvGeDtVmSIJdxKjCMr+YwzqoytdpCogVdoFhSno/gqXsRXRxCAz
ub14EjjbuleDlYIE0GtaXaeeDNECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2JlCQ
3wkvr96ptGEYaN9GAK6j3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIzNDRhNzYtZDU4Mi00YmM5LThmY2ItZDI4YTdjZDgzM2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEg
MA0GCSqGSIb3DQEBCwUAA4IBAQBj/Vt47c6Xhzfyt1+P27zPFkcCMFDB/N6YCSyH
boF+2Ja20CakD8oCB6Zl4sNxekQMl7pYsgAyhPq4ae3tfuSygmJGZuiDmo+qiCZF
OylVhkpg+Kv2GGX7UmNthWpEqdaS7mf64iLNE3KW2JTOcdgE70qY3PSazAm31Ycl
sMR5eZebOqO8JdZQCUNsrp4nv7Mo0FMABT14hrG2+Gm/ahffmOU/rjzP+6v7mN9g
gEBlLz5COjQq8Pgs6EfVf6CRb9tHeL5UhAs2qt15QopvbLtjbY5/r/DEFU9EIs91
UxMUsnjnjUMDUZJJ2wW2g72wzRur3dlrnvu+oCVe37+UfhmT
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:33 2025 by rpki-client