Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab51a88f-7495-4754-985a-700885d2554a.roa
File: ab51a88f-7495-4754-985a-700885d2554a.roa (raw, json)
Hash identifier: 2bBbpb8sx1wdRyrUse0pLZcgpz+4ZBAX1OQrSC75CLE=
Subject key identifier: DC:2E:04:31:94:B3:CC:92:46:01:38:2D:2B:0F:F8:88:97:32:4F:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0440D1B6BEFA362801C007FA4E6C2D0BEC4A67D7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab51a88f-7495-4754-985a-700885d2554a.roa
Signing time: Fri 25 Apr 2025 19:11:16 +0000
ROA not before: Fri 25 Apr 2025 19:11:16 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:40:d1:b6:be:fa:36:28:01:c0:07:fa:4e:6c:2d:0b:ec:4a:67:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:11:16 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2b9b466688fdade095c32e2f05684e4b03aa2da0078c212f54988a824a2a03f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fe:79:16:3b:32:a9:65:27:e7:92:d0:36:03:
41:a1:cc:49:43:9f:ac:1b:74:e7:18:18:71:62:f6:
15:b9:4b:70:33:16:30:9a:32:28:11:ab:1c:2b:06:
4a:67:d1:3b:7b:d0:99:10:bc:b9:63:5b:88:8d:69:
db:63:59:53:1d:fa:3f:e6:1b:b7:78:87:57:e2:67:
fd:30:40:fc:e0:63:39:3b:51:22:c7:07:e7:6c:b9:
a5:5a:e0:69:21:bf:ea:3e:de:72:bb:a0:d0:f9:44:
03:39:c6:bc:4a:68:c6:e5:56:59:a5:ab:23:fa:49:
cf:23:5a:a3:6f:0c:3d:ab:38:64:ef:c5:e6:6b:5d:
e1:fd:ed:46:d2:49:6e:fb:72:51:ec:c2:b6:aa:96:
7c:5e:21:51:a4:e9:7c:10:65:39:87:ae:5b:7d:69:
59:ab:ec:f6:e5:25:af:e1:c2:d2:9c:bb:80:1d:ef:
a8:da:80:83:d6:2a:82:de:b0:56:0c:67:e7:26:57:
3e:4d:be:84:0a:fb:4e:60:3f:ac:d5:b6:05:a8:e3:
9a:7d:ec:37:e0:24:8b:28:43:cf:6d:62:84:a1:5a:
b2:0f:b2:ec:aa:ad:c9:94:43:37:8f:f9:b5:9f:b5:
d8:c1:a9:45:5a:7f:77:67:d9:66:f8:e3:04:e7:68:
a8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2E:04:31:94:B3:CC:92:46:01:38:2D:2B:0F:F8:88:97:32:4F:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab51a88f-7495-4754-985a-700885d2554a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e040::/46
Signature Algorithm: sha256WithRSAEncryption
3d:13:cc:43:ba:c4:4f:4c:15:3e:a7:ac:5a:de:01:77:ab:be:
de:08:44:1a:1b:43:51:19:d5:0c:a5:0c:cc:b4:ae:20:a8:b2:
81:55:03:34:30:e4:ca:30:f0:53:9d:e0:c6:b3:12:a0:b8:94:
ae:db:ed:ba:e8:f7:cf:49:de:a8:a9:7b:20:e7:dc:b3:ca:45:
2b:03:a4:ad:0e:d8:be:20:f1:67:54:18:4c:d5:19:3b:4c:8a:
b2:d0:07:4d:08:82:ff:f1:c8:d5:0e:44:a8:3d:8d:4c:3f:29:
8f:9d:e0:53:64:51:6c:68:71:24:f7:25:f2:57:6e:42:ea:45:
af:8d:43:39:fb:da:fa:dc:40:20:f3:01:06:a2:e0:4d:c1:90:
81:bd:5a:78:0c:42:50:2c:0a:f1:53:35:ca:36:05:25:a7:3a:
27:6a:f5:72:35:c6:77:e1:b9:4d:93:5c:d2:e2:1a:98:eb:0f:
52:ed:7a:82:ff:ca:87:33:82:ea:9f:af:28:fa:24:b1:00:78:
57:31:d2:30:c1:e6:14:bc:8b:10:d7:0b:02:39:a7:9f:26:ed:
ad:39:c3:74:a1:51:40:96:5d:bc:38:ac:10:de:7e:08:98:b4:
0c:0c:bb:35:0e:1e:72:60:7c:6d:ff:90:cb:db:66:05:df:16:
cf:68:4e:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBEDRtr76NigBwAf6TmwtC+xKZ9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTExMTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiOWI0NjY2ODhmZGFkZTA5NWMzMmUyZjA1Njg0ZTRiMDNhYTJkYTAwNzhj
MjEyZjU0OTg4YTgyNGEyYTAzZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALn+eRY7MqllJ+eS0DYDQaHMSUOfrBt05xgYcWL2FblLcDMWMJoyKBGrHCsG
SmfRO3vQmRC8uWNbiI1p22NZUx36P+Ybt3iHV+Jn/TBA/OBjOTtRIscH52y5pVrg
aSG/6j7ecrug0PlEAznGvEpoxuVWWaWrI/pJzyNao28MPas4ZO/F5mtd4f3tRtJJ
bvtyUezCtqqWfF4hUaTpfBBlOYeuW31pWavs9uUlr+HC0py7gB3vqNqAg9Yqgt6w
Vgxn5yZXPk2+hAr7TmA/rNW2Bajjmn3sN+AkiyhDz21ihKFasg+y7KqtyZRDN4/5
tZ+12MGpRVp/d2fZZvjjBOdoqN8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTcLgQx
lLPMkkYBOC0rD/iIlzJPgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI1MWE4OGYtNzQ5NS00NzU0LTk4NWEtNzAwODg1ZDI1NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
QDANBgkqhkiG9w0BAQsFAAOCAQEAPRPMQ7rET0wVPqesWt4Bd6u+3ghEGhtDURnV
DKUMzLSuIKiygVUDNDDkyjDwU53gxrMSoLiUrtvtuuj3z0neqKl7IOfcs8pFKwOk
rQ7YviDxZ1QYTNUZO0yKstAHTQiC//HI1Q5EqD2NTD8pj53gU2RRbGhxJPcl8ldu
QupFr41DOfva+txAIPMBBqLgTcGQgb1aeAxCUCwK8VM1yjYFJac6J2r1cjXGd+G5
TZNc0uIamOsPUu16gv/KhzOC6p+vKPoksQB4VzHSMMHmFLyLENcLAjmnnybtrTnD
dKFRQJZdvDisEN5+CJi0DAy7NQ4ecmB8bf+Qy9tmBd8Wz2hOog==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:39 2025 by rpki-client