Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a51d6038-bb41-47b2-a883-07e17ac04d63.roa
File: a51d6038-bb41-47b2-a883-07e17ac04d63.roa (raw, json)
Hash identifier: Lx/jD2YVm09wTTgN0fpYgZb173cp37DIv60HfKil8dM=
Subject key identifier: 6F:E6:48:D5:9F:15:19:41:89:D0:2F:D2:81:23:FB:C2:7B:2A:C8:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71C5E6E4437411108D97D7A853B33B5D49287EA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a51d6038-bb41-47b2-a883-07e17ac04d63.roa
Signing time: Fri 25 Apr 2025 19:20:55 +0000
ROA not before: Fri 25 Apr 2025 19:20:55 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:c5:e6:e4:43:74:11:10:8d:97:d7:a8:53:b3:3b:5d:49:28:7e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:55 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e71451d27b1a6e4868708d4b48105cd0b8a53699167c438285f0514c8b9b64d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:47:af:94:a6:08:70:aa:47:98:fa:b8:8f:79:
3b:87:b4:67:69:6b:2c:41:90:b2:60:2a:80:60:78:
23:80:40:ac:18:ec:bf:70:31:0e:9e:64:24:96:0b:
1c:8e:bc:c4:67:47:42:ad:27:c3:a2:bc:f5:1f:d8:
d3:68:26:74:63:0e:00:2d:21:b9:77:31:95:41:b3:
e6:f2:52:4b:2e:b7:f6:d1:04:20:b5:58:03:15:98:
73:b5:0b:7f:62:08:a5:e5:70:ae:f9:2c:cb:9d:0a:
8a:2e:dd:59:d6:aa:8f:c7:36:e5:20:5e:72:5e:bb:
e6:04:cd:96:3a:53:ab:47:ac:7b:b4:c8:d0:d5:bb:
cc:fe:8c:27:de:af:72:23:91:54:d6:d7:43:81:a9:
94:b9:05:a5:fe:36:08:99:fd:5a:ca:a0:6b:9a:8e:
69:36:f3:df:a7:e5:cc:be:e7:46:fc:00:71:78:1b:
8e:3b:9d:3b:bb:0d:6e:b7:a9:12:2f:e4:b0:45:65:
30:07:a2:72:69:c3:de:47:24:b9:2b:28:ff:98:ba:
8a:0a:b7:b3:9b:11:6d:61:25:fd:22:66:0c:af:61:
12:66:72:58:eb:f9:87:2d:02:7d:83:ed:70:1f:53:
ee:6e:e6:6d:93:5b:5a:8c:a4:bd:d3:e5:a7:de:71:
17:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E6:48:D5:9F:15:19:41:89:D0:2F:D2:81:23:FB:C2:7B:2A:C8:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a51d6038-bb41-47b2-a883-07e17ac04d63.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2040::/46
Signature Algorithm: sha256WithRSAEncryption
7b:45:6f:2c:1b:56:b9:d7:a8:42:a5:cb:53:db:77:b8:f4:61:
13:c6:3f:40:d4:39:c0:86:c5:3b:f4:4a:3f:87:dd:40:66:6b:
0f:30:68:ef:1e:c0:db:14:46:6a:49:12:c5:c0:78:a3:d3:df:
2e:b7:99:dc:dc:7f:56:32:50:5e:c5:5b:f9:3f:6c:19:ca:bb:
08:ca:f3:de:7b:99:05:2a:eb:fd:f7:96:5a:47:aa:c8:21:09:
ed:18:5d:97:84:fe:46:40:6b:2f:12:14:81:70:90:79:2f:2d:
e4:aa:00:83:32:e4:a4:df:eb:6c:74:0b:73:18:40:c7:68:8b:
74:ed:de:55:ee:1d:9c:25:a3:79:46:8b:8c:9b:28:5f:1a:73:
67:c7:c4:a5:34:2c:2b:91:14:1c:0f:d4:4f:54:17:ea:7b:ff:
09:c2:16:06:81:3a:73:33:3c:08:93:4e:25:2a:bc:2c:f6:88:
11:fc:ab:6d:f5:84:c2:14:c9:03:96:a3:6f:10:bf:5c:65:ff:
e4:12:29:f5:0f:4b:6e:a7:23:8b:30:bd:02:ec:a8:7d:75:2a:
d7:84:5b:42:da:69:2c:2a:f3:a4:88:01:2e:9c:6f:eb:a4:45:
30:e5:eb:da:41:c7:f7:aa:e6:1e:e1:ce:f5:86:69:d2:07:47:
e3:28:43:4c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUccXm5EN0ERCNl9eoU7M7XUkofqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwNTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3MTQ1MWQyN2IxYTZlNDg2ODcwOGQ0YjQ4MTA1Y2QwYjhhNTM2OTkxNjdj
NDM4Mjg1ZjA1MTRjOGI5YjY0ZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxHr5SmCHCqR5j6uI95O4e0Z2lrLEGQsmAqgGB4I4BArBjsv3AxDp5kJJYL
HI68xGdHQq0nw6K89R/Y02gmdGMOAC0huXcxlUGz5vJSSy639tEEILVYAxWYc7UL
f2IIpeVwrvksy50Kii7dWdaqj8c25SBecl675gTNljpTq0ese7TI0NW7zP6MJ96v
ciORVNbXQ4GplLkFpf42CJn9Wsqga5qOaTbz36flzL7nRvwAcXgbjjudO7sNbrep
Ei/ksEVlMAeicmnD3kckuSso/5i6igq3s5sRbWEl/SJmDK9hEmZyWOv5hy0CfYPt
cB9T7m7mbZNbWoykvdPlp95xF8UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRv5kjV
nxUZQYnQL9KBI/vCeyrIDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTUxZDYwMzgtYmI0MS00N2IyLWE4ODMtMDdlMTdhYzA0ZDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hcg
QDANBgkqhkiG9w0BAQsFAAOCAQEAe0VvLBtWudeoQqXLU9t3uPRhE8Y/QNQ5wIbF
O/RKP4fdQGZrDzBo7x7A2xRGakkSxcB4o9PfLreZ3Nx/VjJQXsVb+T9sGcq7CMrz
3nuZBSrr/feWWkeqyCEJ7Rhdl4T+RkBrLxIUgXCQeS8t5KoAgzLkpN/rbHQLcxhA
x2iLdO3eVe4dnCWjeUaLjJsoXxpzZ8fEpTQsK5EUHA/UT1QX6nv/CcIWBoE6czM8
CJNOJSq8LPaIEfyrbfWEwhTJA5ajbxC/XGX/5BIp9Q9LbqcjizC9AuyofXUq14Rb
QtppLCrzpIgBLpxv66RFMOXr2kHH96rmHuHO9YZp0gdH4yhDTA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:21 2025 by rpki-client