Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: QH+k/VdYhzCSHZdYuYON6xMFdqddEqATlNtjaqF4SAI=
Subject key identifier: D4:B7:C5:B2:29:41:29:2A:1C:3D:D7:57:9F:65:4F:B0:89:3A:54:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4ED9FAFA3DD00282362EBF49A35B617EF275E19C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Fri 25 Apr 2025 20:20:17 +0000
ROA not before: Fri 25 Apr 2025 20:20:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:d9:fa:fa:3d:d0:02:82:36:2e:bf:49:a3:5b:61:7e:f2:75:e1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e641a50c821d00cf6530e6e1ae9027c0e0331d07aef06cb2f097ada0dd1770a9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:96:89:95:80:d5:ec:28:f7:89:1b:84:e6:60:
31:a3:50:a6:c3:68:54:60:66:7f:eb:fd:4b:82:92:
ff:b1:d2:fd:8e:53:f0:35:77:52:77:48:eb:e4:b8:
51:ce:d1:7d:2c:fc:b2:b5:00:4a:22:ce:94:38:cd:
6a:28:de:04:55:6c:fc:ee:33:2f:dd:ed:98:9e:1d:
7f:2c:4f:50:86:50:b9:cb:ef:06:0b:3d:57:e0:a2:
25:a8:2c:29:93:58:70:46:26:ed:d7:85:bb:89:da:
5e:18:70:85:96:ec:03:c6:e5:4e:ef:63:35:90:78:
c9:bf:88:7a:47:2f:64:cd:2a:9a:93:43:b4:61:1c:
a8:2f:9c:f4:e1:8b:af:14:b4:7e:ca:b3:84:e1:59:
32:f7:fb:fa:a0:c1:02:f6:6b:30:01:e1:7f:59:c6:
9c:a2:33:98:f0:a2:67:c5:fa:d4:85:b2:d5:aa:51:
c9:ee:6b:f4:55:09:2d:8c:2c:39:8e:a4:21:f9:37:
11:2c:c5:8a:e0:a2:77:78:df:8a:0b:58:72:6c:1c:
98:c5:d9:ff:b1:b0:30:28:29:b5:19:82:2c:b1:16:
76:d9:59:8e:2f:62:7f:41:db:a0:71:2f:b2:77:3b:
b2:39:c1:99:63:a7:2c:8a:56:10:35:ee:cb:00:b0:
b0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B7:C5:B2:29:41:29:2A:1C:3D:D7:57:9F:65:4F:B0:89:3A:54:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
60:cf:9f:18:de:a9:79:8a:94:df:ab:67:16:da:d1:c0:2b:49:
f8:18:42:7c:84:9a:2b:84:b0:f1:02:e9:56:52:34:1d:14:29:
8f:27:16:5c:0e:f6:8f:53:b6:b2:22:09:c0:b0:4e:a7:e4:39:
c6:38:f3:95:97:51:0f:fe:c5:78:91:00:e7:86:ca:c3:40:6e:
65:a1:84:22:ae:3f:0c:24:f9:af:ce:65:d0:8a:fa:d7:ed:2a:
65:cd:c7:9c:b2:a3:d5:01:72:13:04:f4:b6:9c:6b:b9:22:3b:
f3:95:14:85:26:a6:34:e7:dc:d1:03:a1:67:d3:c8:c0:fa:cb:
e6:90:72:f0:f4:2c:78:0e:3c:33:56:40:54:5f:75:e5:9e:50:
b9:11:a7:17:2f:13:76:d7:f3:ba:fe:3d:4b:0e:9d:cd:65:1a:
c2:11:c8:0f:86:84:61:af:87:77:59:5c:ad:13:b6:d5:a5:5b:
47:5b:03:fd:f5:49:47:4b:5e:f0:04:c8:e6:08:17:b6:e0:4d:
54:31:63:27:72:a8:39:73:df:6f:40:bc:0c:3d:5c:fc:ff:4b:
37:00:ca:d0:ce:e8:a9:42:90:0a:eb:87:fd:ab:67:9f:a7:56:
64:10:ae:af:39:4f:a6:c3:31:03:21:58:12:20:37:a0:29:40:
82:46:3c:2d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTtn6+j3QAoI2Lr9Jo1thfvJ14ZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2NDFhNTBjODIxZDAwY2Y2NTMwZTZlMWFlOTAyN2MwZTAzMzFkMDdhZWYw
NmNiMmYwOTdhZGEwZGQxNzcwYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIKWiZWA1ewo94kbhOZgMaNQpsNoVGBmf+v9S4KS/7HS/Y5T8DV3UndI6+S4
Uc7RfSz8srUASiLOlDjNaijeBFVs/O4zL93tmJ4dfyxPUIZQucvvBgs9V+CiJags
KZNYcEYm7deFu4naXhhwhZbsA8blTu9jNZB4yb+IekcvZM0qmpNDtGEcqC+c9OGL
rxS0fsqzhOFZMvf7+qDBAvZrMAHhf1nGnKIzmPCiZ8X61IWy1apRye5r9FUJLYws
OY6kIfk3ESzFiuCid3jfigtYcmwcmMXZ/7GwMCgptRmCLLEWdtlZji9if0HboHEv
snc7sjnBmWOnLIpWEDXuywCwsHECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTUt8Wy
KUEpKhw911efZU+wiTpUKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQBgz58Y3ql5ipTfq2cW2tHAK0n4GEJ8hJorhLDx
AulWUjQdFCmPJxZcDvaPU7ayIgnAsE6n5DnGOPOVl1EP/sV4kQDnhsrDQG5loYQi
rj8MJPmvzmXQivrX7SplzcecsqPVAXITBPS2nGu5IjvzlRSFJqY059zRA6Fn08jA
+svmkHLw9Cx4DjwzVkBUX3XlnlC5EacXLxN21/O6/j1LDp3NZRrCEcgPhoRhr4d3
WVytE7bVpVtHWwP99UlHS17wBMjmCBe24E1UMWMncqg5c99vQLwMPVz8/0s3AMrQ
zuipQpAK64f9q2efp1ZkEK6vOU+mwzEDIVgSIDegKUCCRjwt
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:02 2025 by rpki-client