Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
File: a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa (raw, json)
Hash identifier: A4DMvaEZIzLP6Fas67TH1wvtb9VCDowUBP+oII8SRM4=
Subject key identifier: 50:02:F8:33:C3:38:EB:AD:00:D3:33:35:AA:5F:4E:B2:98:39:53:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D042FAC9056F293DB277C386DF93785D265BEA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
Signing time: Fri 25 Apr 2025 19:51:32 +0000
ROA not before: Fri 25 Apr 2025 19:51:32 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:04:2f:ac:90:56:f2:93:db:27:7c:38:6d:f9:37:85:d2:65:be:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:32 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=87f6f84cfccfa88dbc376d4ce2788e132282283808f6086693762ef0a9565af7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a5:73:5f:30:d9:70:d2:39:21:f5:34:13:d5:
d6:2f:bc:a2:b6:aa:a8:77:a2:93:fc:73:fe:98:74:
c1:41:67:ea:d2:d7:48:7d:d4:8a:cb:c7:f0:d3:7e:
ce:72:ac:eb:45:f9:4f:77:ec:d3:e7:32:c1:f4:88:
0c:98:a1:c0:3d:6c:bd:19:88:59:1c:72:c0:61:fa:
99:71:6b:11:94:ac:7d:c5:6f:08:47:81:81:da:7e:
a0:0a:2b:a1:e6:4e:0e:b0:7f:0f:04:bd:35:cb:d8:
19:f4:95:4a:74:a4:f1:7e:31:94:e2:06:94:bf:40:
70:a7:5e:6b:94:63:2f:3b:a6:e2:c1:99:a3:d1:28:
2a:63:f1:14:14:e6:b0:5f:ba:d7:1e:56:ed:a8:e6:
f8:b4:96:53:77:9e:1b:62:b3:31:5d:a2:0e:8c:d2:
cc:5e:10:d5:8d:4a:80:62:23:30:22:69:11:47:6e:
73:ab:a3:8d:35:7a:d9:78:b4:f0:53:f1:b2:1a:fe:
62:99:5a:9f:99:d2:4d:c9:99:f5:60:dd:d0:de:91:
a0:b3:f1:bb:a8:6c:90:d1:d5:14:70:b4:22:07:d1:
7d:af:06:b4:24:01:65:80:87:cc:b2:dd:2d:7b:1a:
90:c6:a6:47:f3:93:23:e2:18:cb:5f:dd:16:02:30:
04:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:02:F8:33:C3:38:EB:AD:00:D3:33:35:AA:5F:4E:B2:98:39:53:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:9000::/40
Signature Algorithm: sha256WithRSAEncryption
66:22:ea:8e:bf:14:97:eb:8c:dd:1d:92:23:7b:be:52:2b:b9:
17:d6:84:73:20:76:f9:83:c9:d6:e4:bd:0a:86:f3:5d:e5:fc:
60:5e:0b:2b:47:11:e0:f4:31:e9:31:99:2e:e5:83:b0:1d:95:
a4:54:77:fc:4e:85:87:d7:f6:5d:30:e2:8a:2d:f8:4e:34:d9:
28:fa:34:9f:3d:85:16:35:e2:a3:80:3a:25:fb:bd:84:a7:e1:
92:f7:bb:35:ec:2b:57:d4:9a:38:73:c8:58:d9:ed:c2:b5:f1:
59:8d:6c:62:87:dc:d2:36:3a:f4:37:aa:23:c6:f8:ee:1d:7c:
b9:1e:d0:da:4f:ac:d7:8e:21:22:96:3b:bf:90:08:48:df:04:
a9:1b:93:b4:76:93:24:7b:52:ad:fe:73:29:56:69:63:5a:65:
9c:55:9e:d1:ac:c6:5d:39:c4:0f:91:59:7c:d2:0b:4a:1a:ba:
13:a1:ed:20:14:88:d1:3e:e8:40:51:96:ba:35:1e:0a:0c:f4:
05:33:39:62:0f:78:70:c8:c4:d2:68:5e:08:d5:3f:c2:70:f6:
b4:59:54:d7:b8:37:a3:00:dd:c9:8a:ef:c0:93:65:10:37:9a:
e2:44:33:df:54:a4:9f:49:a7:50:2c:18:66:05:20:0e:a7:66:
4f:49:63:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPQQvrJBW8pPbJ3w4bfk3hdJlvqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxMzJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3ZjZmODRjZmNjZmE4OGRiYzM3NmQ0Y2UyNzg4ZTEzMjI4MjI4MzgwOGY2
MDg2NjkzNzYyZWYwYTk1NjVhZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMulc18w2XDSOSH1NBPV1i+8oraqqHeik/xz/ph0wUFn6tLXSH3UisvH8NN+
znKs60X5T3fs0+cywfSIDJihwD1svRmIWRxywGH6mXFrEZSsfcVvCEeBgdp+oAor
oeZODrB/DwS9NcvYGfSVSnSk8X4xlOIGlL9AcKdea5RjLzum4sGZo9EoKmPxFBTm
sF+61x5W7ajm+LSWU3eeG2KzMV2iDozSzF4Q1Y1KgGIjMCJpEUduc6ujjTV62Xi0
8FPxshr+Yplan5nSTcmZ9WDd0N6RoLPxu6hskNHVFHC0IgfRfa8GtCQBZYCHzLLd
LXsakMamR/OTI+IYy1/dFgIwBOECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRQAvgz
wzjrrQDTMzWqX06ymDlTQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZiZDg3ZDUtYzExZS00NTA4LWFkYTUtZWY1OGE0OTVkM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBmIuqOvxSX64zdHZIje75SK7kX1oRzIHb5g8nW
5L0KhvNd5fxgXgsrRxHg9DHpMZku5YOwHZWkVHf8ToWH1/ZdMOKKLfhONNko+jSf
PYUWNeKjgDol+72Ep+GS97s17CtX1Jo4c8hY2e3CtfFZjWxih9zSNjr0N6ojxvju
HXy5HtDaT6zXjiEilju/kAhI3wSpG5O0dpMke1Kt/nMpVmljWmWcVZ7RrMZdOcQP
kVl80gtKGroToe0gFIjRPuhAUZa6NR4KDPQFMzliD3hwyMTSaF4I1T/CcPa0WVTX
uDejAN3Jiu/Ak2UQN5riRDPfVKSfSadQLBhmBSAOp2ZPSWPM
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:10 2025 by rpki-client