Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
File: b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa (raw, json)
Hash identifier: 0HD4ryRszNqkQtfZt802YnmZL8NkvmJM7Q3SYtZpFJU=
Subject key identifier: 04:E8:FF:E0:D0:5B:19:C4:03:A7:55:EB:E3:BC:30:5B:DC:7E:BB:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CD57A3740561FE8322234BFB9A2F6DFD2B5306D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
Signing time: Fri 25 Apr 2025 19:31:05 +0000
ROA not before: Fri 25 Apr 2025 19:31:05 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:50c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:d5:7a:37:40:56:1f:e8:32:22:34:bf:b9:a2:f6:df:d2:b5:30:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:05 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ecb72e3715043fd9168ccd853e4161f3c79f574196130cd8f4548a6715fde7eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:58:cd:e1:01:3a:fa:f9:a6:27:7d:2e:4d:ed:
a1:1a:15:94:f3:2d:58:09:57:29:eb:89:43:dc:c2:
09:90:a9:c9:cd:0a:8b:f7:01:53:6b:2c:30:b5:6e:
3c:3b:2d:80:22:c3:dc:8b:10:94:4e:33:40:82:2b:
c0:59:10:f2:32:27:22:49:c7:64:ed:57:e4:2c:b7:
1a:a7:66:1b:52:61:65:e6:8c:81:45:08:58:d0:fd:
0e:2d:85:97:79:62:35:c3:2a:da:6a:00:a5:e9:cb:
85:a1:bc:b0:03:ac:0c:80:07:eb:35:53:46:a3:60:
31:92:0c:1f:48:35:94:78:9f:68:1e:0d:57:2f:37:
7b:0a:d0:21:be:7c:80:c7:c8:1b:30:6e:81:7e:b9:
fa:aa:46:65:3a:a2:9c:70:9a:25:e6:73:09:a3:c8:
11:c9:0b:15:89:a4:a6:55:50:d9:00:15:28:b8:ea:
10:da:9f:5c:68:4b:c4:f1:cd:aa:32:aa:40:61:11:
32:46:f9:69:f1:e7:74:45:a2:51:f7:9c:fc:28:bd:
8b:0e:af:65:25:68:41:f2:b8:12:89:30:2a:39:79:
7c:34:a4:03:d5:5f:e3:0a:71:06:dc:d2:19:8d:85:
32:bd:a8:64:7c:92:f4:14:0d:0e:ad:66:1a:c7:b0:
13:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E8:FF:E0:D0:5B:19:C4:03:A7:55:EB:E3:BC:30:5B:DC:7E:BB:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
ab:ac:84:38:cc:46:61:f2:64:a6:56:f4:07:3f:e2:e1:26:d5:
28:93:9c:e2:15:a8:82:59:6e:d4:4f:3c:4f:12:4b:85:2b:3b:
2f:1f:63:c7:38:2e:c6:8c:96:89:14:36:02:d1:cf:c0:01:e3:
14:57:d6:dc:da:c1:fa:95:e4:53:47:e1:4f:ea:3e:cf:89:8e:
9a:d5:f7:07:80:2a:e5:8c:6e:72:41:5f:c3:67:e0:8d:70:f3:
12:3d:e0:dd:1a:43:5d:75:11:28:08:76:c1:be:31:ac:4c:46:
b1:32:f6:0f:88:7d:a3:36:57:d3:24:d5:f4:da:48:78:9c:e8:
ba:8d:55:62:8e:83:ef:29:f1:56:43:68:ce:ba:06:f8:69:08:
5a:26:09:91:53:78:0e:cd:d4:47:44:2a:63:d9:56:d4:e8:15:
b3:1d:9a:e6:1c:bf:91:29:ad:7c:2e:c4:60:bd:45:a8:ba:94:
04:ec:de:03:30:31:08:0f:ed:ae:b0:28:91:36:c6:5a:13:93:
fb:8a:c3:7e:c2:d0:37:c0:41:b1:a5:b2:41:e7:e5:23:0d:99:
c4:00:b5:03:18:29:22:62:35:9d:4a:23:6d:ee:50:ae:60:0c:
3d:f2:c9:f4:ab:ca:19:a1:26:9c:75:ef:42:48:6d:93:a3:fc:
01:64:ba:aa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULNV6N0BWH+gyIjS/uaL239K1MG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjYjcyZTM3MTUwNDNmZDkxNjhjY2Q4NTNlNDE2MWYzYzc5ZjU3NDE5NjEz
MGNkOGY0NTQ4YTY3MTVmZGU3ZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJYzeEBOvr5pid9Lk3toRoVlPMtWAlXKeuJQ9zCCZCpyc0Ki/cBU2ssMLVu
PDstgCLD3IsQlE4zQIIrwFkQ8jInIknHZO1X5Cy3GqdmG1JhZeaMgUUIWND9Di2F
l3liNcMq2moApenLhaG8sAOsDIAH6zVTRqNgMZIMH0g1lHifaB4NVy83ewrQIb58
gMfIGzBugX65+qpGZTqinHCaJeZzCaPIEckLFYmkplVQ2QAVKLjqENqfXGhLxPHN
qjKqQGERMkb5afHndEWiUfec/Ci9iw6vZSVoQfK4EokwKjl5fDSkA9Vf4wpxBtzS
GY2FMr2oZHyS9BQNDq1mGsewEysCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQE6P/g
0FsZxAOnVevjvDBb3H67izAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBiNWM4ZGUtNDgyZi00Y2IxLWFlNzQtOWZlYzAwMjVmZDA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAq6yEOMxGYfJkplb0Bz/i4SbVKJOc4hWogllu
1E88TxJLhSs7Lx9jxzguxoyWiRQ2AtHPwAHjFFfW3NrB+pXkU0fhT+o+z4mOmtX3
B4Aq5YxuckFfw2fgjXDzEj3g3RpDXXURKAh2wb4xrExGsTL2D4h9ozZX0yTV9NpI
eJzouo1VYo6D7ynxVkNozroG+GkIWiYJkVN4Ds3UR0QqY9lW1OgVsx2a5hy/kSmt
fC7EYL1FqLqUBOzeAzAxCA/trrAokTbGWhOT+4rDfsLQN8BBsaWyQeflIw2ZxAC1
AxgpImI1nUojbe5QrmAMPfLJ9KvKGaEmnHXvQkhtk6P8AWS6qg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:21 2025 by rpki-client