Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
File: b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa (raw, json)
Hash identifier: umt9LSDd85CdBDBCvR9jp+OWBTioNiLPleYQ5Zze/vs=
Subject key identifier: 4F:E2:0A:19:2F:45:91:A2:DB:FF:B7:65:9E:30:00:99:26:1D:C7:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 179917336AC3A69AD37EF5F4A0FCFD8EC62C9F43
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
Signing time: Fri 25 Apr 2025 20:20:03 +0000
ROA not before: Fri 25 Apr 2025 20:20:03 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:99:17:33:6a:c3:a6:9a:d3:7e:f5:f4:a0:fc:fd:8e:c6:2c:9f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:03 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d4b3b716d4640bf07d10fdeb250e2fc8151276aeedcc071b13f35b33d7ef02b4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:91:29:cd:e1:72:0a:22:23:5b:7a:65:e3:db:
bb:6a:f0:65:9a:cd:00:84:5b:24:bb:be:50:53:86:
f3:a3:e7:dc:33:d7:60:7d:0f:54:89:4e:6d:b0:35:
6c:9d:ba:03:6f:48:43:8b:f1:ef:66:10:71:5d:d5:
99:57:6a:fc:40:aa:fe:0b:80:04:b5:41:87:f9:1f:
b1:50:e5:11:7f:1d:db:8a:81:c1:45:ec:c6:e8:9c:
d7:4d:06:4f:68:83:13:1f:20:e5:56:14:92:f3:a2:
fa:1d:23:8d:08:80:6d:08:f2:5c:f5:03:52:a5:3a:
58:f9:f3:5d:dd:42:7b:62:f7:d3:85:b0:3a:36:f3:
24:7c:04:11:7c:8a:14:7e:76:34:0e:21:12:21:10:
4e:e7:49:12:87:5c:88:df:50:43:89:f3:e0:b3:14:
3e:8b:86:7a:c1:6c:b6:c9:2c:58:88:82:06:90:72:
37:29:94:4e:ba:70:7c:71:24:3e:7c:49:96:25:36:
3a:1b:46:bb:65:8c:5d:b2:48:75:08:2b:03:3b:dd:
ab:f1:5e:97:9b:49:3c:47:54:ee:79:e4:28:ac:b3:
66:48:70:ad:02:56:0d:c4:c2:05:b4:c9:e1:3a:29:
d0:4b:a0:74:35:ba:1d:d7:73:62:fe:ab:b1:81:47:
a1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E2:0A:19:2F:45:91:A2:DB:FF:B7:65:9E:30:00:99:26:1D:C7:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b:800::/37
Signature Algorithm: sha256WithRSAEncryption
17:be:59:d3:f2:cc:aa:24:9f:38:84:5c:93:30:b3:77:24:e6:
94:f5:fc:fd:0e:dc:88:ce:bc:a4:0a:05:4f:26:66:4f:00:15:
f3:2f:3b:12:25:13:8a:11:ab:17:fa:00:e0:8c:55:d4:12:af:
8f:d9:e1:ef:13:54:9a:6b:18:aa:58:da:81:a3:9e:d9:e1:23:
6b:58:04:d0:90:a9:b7:ee:78:34:76:0d:37:66:90:f0:e6:24:
77:f5:7e:e4:a7:85:7a:56:3b:a1:04:00:48:37:17:fa:78:9e:
db:75:92:7b:3f:4f:e6:c2:59:64:4f:a0:44:83:54:98:a5:af:
9f:44:4b:46:e1:53:40:7a:91:7e:de:94:3d:cd:50:73:bf:d8:
0c:a7:f7:16:87:e3:c9:f2:40:8b:3f:b4:7e:34:e4:91:ee:ff:
24:49:5d:e4:5a:fe:7b:2a:8e:f5:fa:83:d4:ef:ee:75:12:88:
ee:9d:57:95:b5:b8:ee:6c:90:7f:60:99:cd:83:f8:3d:a5:93:
36:75:0f:51:0d:11:9c:39:16:d5:c5:a4:6f:1d:57:78:03:a0:
ed:ea:db:cf:0d:a8:c3:d0:59:6b:dc:3c:d8:49:30:61:2b:0d:
3e:6e:11:7a:9d:3d:45:0c:d7:c9:33:65:b7:5d:3d:8f:a6:04:
87:af:30:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF5kXM2rDpprTfvX0oPz9jsYsn0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwMDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0YjNiNzE2ZDQ2NDBiZjA3ZDEwZmRlYjI1MGUyZmM4MTUxMjc2YWVlZGNj
MDcxYjEzZjM1YjMzZDdlZjAyYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI2RKc3hcgoiI1t6ZePbu2rwZZrNAIRbJLu+UFOG86Pn3DPXYH0PVIlObbA1
bJ26A29IQ4vx72YQcV3VmVdq/ECq/guABLVBh/kfsVDlEX8d24qBwUXsxuic100G
T2iDEx8g5VYUkvOi+h0jjQiAbQjyXPUDUqU6WPnzXd1Ce2L304WwOjbzJHwEEXyK
FH52NA4hEiEQTudJEodciN9QQ4nz4LMUPouGesFstsksWIiCBpByNymUTrpwfHEk
PnxJliU2OhtGu2WMXbJIdQgrAzvdq/Fel5tJPEdU7nnkKKyzZkhwrQJWDcTCBbTJ
4Top0EugdDW6HddzYv6rsYFHoesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRP4goZ
L0WRotv/t2WeMACZJh3HETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNiMTg2NDgtYmVhMC00ZjdlLThmMGYtNWFkMmQyZjA1ZWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsI
MA0GCSqGSIb3DQEBCwUAA4IBAQAXvlnT8syqJJ84hFyTMLN3JOaU9fz9DtyIzryk
CgVPJmZPABXzLzsSJROKEasX+gDgjFXUEq+P2eHvE1SaaxiqWNqBo57Z4SNrWATQ
kKm37ng0dg03ZpDw5iR39X7kp4V6VjuhBABINxf6eJ7bdZJ7P0/mwllkT6BEg1SY
pa+fREtG4VNAepF+3pQ9zVBzv9gMp/cWh+PJ8kCLP7R+NOSR7v8kSV3kWv57Ko71
+oPU7+51EojunVeVtbjubJB/YJnNg/g9pZM2dQ9RDRGcORbVxaRvHVd4A6Dt6tvP
DajD0Flr3DzYSTBhKw0+bhF6nT1FDNfJM2W3XT2PpgSHrzAE
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:15 2025 by rpki-client