Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
File: 9963ca7c-f411-4aae-ac61-2c650f8269e0.roa (raw, json)
Hash identifier: dY0RqBTbLWDqgs28reND8hLIz0WBiwzSwjL1T08/LRU=
Subject key identifier: EB:24:CF:8A:DC:E3:05:F9:41:C8:CA:A0:47:5A:2B:BB:47:CD:75:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0356E3707EB6C369AC896888FE1F16E69C40710D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
Signing time: Fri 25 Apr 2025 20:11:09 +0000
ROA not before: Fri 25 Apr 2025 20:11:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:56:e3:70:7e:b6:c3:69:ac:89:68:88:fe:1f:16:e6:9c:40:71:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:11:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=85ea75ea83fae69ae55289ae4dd984bb99ae8f40b0ddc796f47d5e33f0904f2e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5e:7f:95:95:35:d2:92:e0:01:ec:a2:91:d1:
37:f5:8f:76:7d:2f:51:1e:d6:cc:4f:dd:09:9a:5c:
9b:9f:81:35:cb:29:8d:1e:98:03:96:50:66:0a:c9:
5a:16:43:cb:62:fd:4c:95:79:4b:d6:bb:70:3a:90:
5a:93:df:85:58:77:24:22:b2:6a:4d:df:f6:0a:62:
b2:c5:f0:b7:0c:dc:fb:71:59:59:3b:48:bd:33:cd:
b9:f6:e5:31:71:5d:f2:92:8d:eb:07:2c:9e:98:6e:
dc:38:42:bb:be:5a:06:22:3a:e6:d4:4e:0f:ef:e0:
41:78:29:c1:c5:f9:55:74:a9:94:1b:86:0a:d7:60:
2c:44:0b:7d:56:d8:fe:c6:5f:8e:6c:4c:e1:5a:06:
20:b1:1c:b3:6a:b7:1e:5a:15:16:94:a5:6e:aa:3c:
06:f0:b8:9b:b6:38:f4:62:5a:bf:22:99:80:58:dd:
c1:1d:b1:48:3b:63:49:8e:11:1b:1e:d6:59:c5:c7:
0d:87:ca:b3:51:0d:4e:fb:e6:7e:5b:44:57:8d:84:
fa:b2:8a:c0:ec:48:c0:ff:41:79:80:86:41:9b:2a:
1f:76:2d:e1:c6:a7:4e:66:87:05:e5:53:db:7c:f3:
4f:e5:54:4e:c2:24:f1:0d:1e:53:66:22:1a:ab:72:
d5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:24:CF:8A:DC:E3:05:F9:41:C8:CA:A0:47:5A:2B:BB:47:CD:75:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:400::/38
Signature Algorithm: sha256WithRSAEncryption
03:e6:e5:7e:28:b9:0d:57:76:00:23:a9:a1:77:75:09:99:91:
0d:c9:62:81:b0:74:b7:34:05:e6:93:46:c8:4d:a2:67:6f:b5:
ab:97:30:39:fe:d8:90:c5:f2:e9:1f:6c:1b:f6:5f:7c:aa:79:
31:bc:1a:bb:14:48:77:8a:8e:47:c1:ea:89:d3:ef:22:b8:14:
3f:f0:7f:ed:d0:64:8c:11:46:d1:03:86:fb:51:6a:cc:1a:67:
a3:bb:c6:91:1e:ca:dc:ac:17:ed:bd:a5:2b:b9:c9:3d:2a:c0:
71:db:9c:cd:91:aa:1c:6b:66:49:9a:7a:2a:7b:89:29:b9:14:
eb:e1:e9:31:6b:19:b5:13:50:02:8d:76:e9:4b:4b:c4:c7:9c:
f1:2f:ca:c4:31:61:ca:93:c3:56:b6:89:2e:00:f9:3a:d9:11:
1f:4d:9a:ec:79:03:35:6a:26:06:62:dc:23:ef:d6:f0:d0:b9:
79:7c:a8:2f:fc:33:4e:f7:6f:0e:67:7f:09:f8:a3:46:ad:a8:
6c:ad:2b:2a:ce:e2:a6:01:e2:b8:14:5f:a5:19:98:b4:d3:fc:
a7:f9:6f:9f:89:93:18:15:13:7d:d3:85:93:64:88:7a:41:37:
b9:14:99:8f:cd:1a:09:8d:0a:76:63:f7:f9:27:d2:5c:64:d5:
32:65:cc:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA1bjcH62w2msiWiI/h8W5pxAcQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDExMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1ZWE3NWVhODNmYWU2OWFlNTUyODlhZTRkZDk4NGJiOTlhZThmNDBiMGRk
Yzc5NmY0N2Q1ZTMzZjA5MDRmMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVef5WVNdKS4AHsopHRN/WPdn0vUR7WzE/dCZpcm5+BNcspjR6YA5ZQZgrJ
WhZDy2L9TJV5S9a7cDqQWpPfhVh3JCKyak3f9gpissXwtwzc+3FZWTtIvTPNufbl
MXFd8pKN6wcsnphu3DhCu75aBiI65tROD+/gQXgpwcX5VXSplBuGCtdgLEQLfVbY
/sZfjmxM4VoGILEcs2q3HloVFpSlbqo8BvC4m7Y49GJavyKZgFjdwR2xSDtjSY4R
Gx7WWcXHDYfKs1ENTvvmfltEV42E+rKKwOxIwP9BeYCGQZsqH3Yt4canTmaHBeVT
23zzT+VUTsIk8Q0eU2YiGqty1ScCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrJM+K
3OMF+UHIyqBHWiu7R811AzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk2M2NhN2MtZjQxMS00YWFlLWFjNjEtMmM2NTBmODI2OWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEE
MA0GCSqGSIb3DQEBCwUAA4IBAQAD5uV+KLkNV3YAI6mhd3UJmZENyWKBsHS3NAXm
k0bITaJnb7WrlzA5/tiQxfLpH2wb9l98qnkxvBq7FEh3io5HweqJ0+8iuBQ/8H/t
0GSMEUbRA4b7UWrMGmeju8aRHsrcrBftvaUruck9KsBx25zNkaoca2ZJmnoqe4kp
uRTr4ekxaxm1E1ACjXbpS0vEx5zxL8rEMWHKk8NWtokuAPk62REfTZrseQM1aiYG
Ytwj79bw0Ll5fKgv/DNO928OZ38J+KNGrahsrSsqzuKmAeK4FF+lGZi00/yn+W+f
iZMYFRN904WTZIh6QTe5FJmPzRoJjQp2Y/f5J9JcZNUyZcyH
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:12 2025 by rpki-client