Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d58ca6-603e-42bb-a0a9-7fb106bb4de2.roa
File: b8d58ca6-603e-42bb-a0a9-7fb106bb4de2.roa (raw, json)
Hash identifier: IrktGs9IZJX3TjEMxyIBw2oaOjXWdUtnpeFGmMDesMo=
Subject key identifier: 09:22:81:91:A2:9B:54:3E:69:3E:D4:18:21:CB:28:C4:41:C2:52:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D91D02D7F3FC38DCD3E0EF93FDA90187893C22B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d58ca6-603e-42bb-a0a9-7fb106bb4de2.roa
Signing time: Fri 25 Apr 2025 18:51:17 +0000
ROA not before: Fri 25 Apr 2025 18:51:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:91:d0:2d:7f:3f:c3:8d:cd:3e:0e:f9:3f:da:90:18:78:93:c2:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=bf741f80686a92a7091519a8deba5632900c4e606f3e2fe9759ff8ce2bfca7d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5a:4f:5f:c1:db:18:1b:2e:d8:b0:1d:b7:29:
52:75:29:59:6b:29:12:b0:ef:a9:50:58:9f:fd:cf:
a1:4b:93:4a:f9:bf:64:db:3c:ab:ad:e5:d2:96:7c:
7e:52:0e:5c:38:92:e1:08:18:0d:a7:12:9f:48:42:
f2:bc:f0:91:fd:3d:d0:35:bc:af:3d:4a:d9:85:b2:
37:25:15:d7:87:b7:a4:d6:33:d6:71:2e:59:e3:be:
88:21:43:93:4b:97:a9:79:a6:b2:c0:5f:eb:86:2d:
62:80:78:cf:0b:d0:50:69:92:3f:42:d4:76:6d:35:
77:37:aa:b9:40:15:ef:e3:92:0b:6d:77:68:4f:0b:
00:7f:92:13:2f:6e:72:f1:35:92:1a:82:63:43:78:
40:2c:c1:a1:76:67:d8:94:6f:9b:b2:94:4a:5f:16:
02:bd:d3:5d:1a:0d:68:49:b7:f1:82:60:cf:f6:ab:
fe:cd:2c:42:e2:7c:b5:39:79:da:65:7b:b6:8e:d2:
04:8a:e8:c3:25:55:34:b8:3b:76:1b:a9:eb:d6:d1:
6c:6f:06:2d:20:a5:02:37:ae:eb:13:c0:df:fc:ce:
0e:d7:17:d7:f7:eb:d9:52:e0:25:d2:f2:c5:ee:ec:
94:5c:d0:90:10:ed:d7:b6:3c:d6:ea:62:7e:5e:da:
82:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:22:81:91:A2:9B:54:3E:69:3E:D4:18:21:CB:28:C4:41:C2:52:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d58ca6-603e-42bb-a0a9-7fb106bb4de2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:da:13:74:0f:51:f9:af:e7:94:0a:ab:6e:f1:0c:a8:8c:d8:
19:ec:72:ab:4f:6a:fd:70:92:92:a1:8c:1c:f0:37:d1:57:11:
3d:ea:fb:21:06:55:cb:df:27:cb:d6:73:79:fc:c2:ad:ac:0b:
fe:5c:cd:b4:bb:5f:ba:a7:49:70:02:94:11:f2:85:03:20:4e:
20:46:6c:86:0c:f9:d0:83:81:bb:b1:70:73:03:c7:8e:2b:89:
83:74:a4:02:f1:13:95:29:af:63:72:70:63:16:09:9e:5a:c2:
df:d3:ad:63:97:ba:5e:cf:56:59:91:96:ae:53:2a:bb:57:a0:
46:a1:51:4d:63:ab:33:0d:1d:d3:53:4b:8c:7c:55:26:6a:41:
b4:c0:85:12:ab:19:f9:f7:7e:a6:a9:d7:d6:fe:9a:ac:63:2a:
00:c4:2d:b9:49:60:e6:07:d1:58:df:9d:47:d3:66:41:1a:d9:
b8:49:21:73:a7:6a:8f:00:0d:f2:3f:81:f3:a0:4b:c8:10:32:
01:fb:95:05:b7:60:3b:2b:4d:b9:16:f1:4f:e2:35:91:cd:38:
fe:e5:8f:1c:d4:7d:2b:6f:38:ea:33:ac:49:4d:66:91:e5:07:
8a:6c:b0:55:9d:6b:43:40:08:bd:85:15:ed:e2:3b:c1:9f:86:
45:3d:3d:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHZHQLX8/w43NPg75P9qQGHiTwiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmNzQxZjgwNjg2YTkyYTcwOTE1MTlhOGRlYmE1NjMyOTAwYzRlNjA2ZjNl
MmZlOTc1OWZmOGNlMmJmY2E3ZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNaT1/B2xgbLtiwHbcpUnUpWWspErDvqVBYn/3PoUuTSvm/ZNs8q63l0pZ8
flIOXDiS4QgYDacSn0hC8rzwkf090DW8rz1K2YWyNyUV14e3pNYz1nEuWeO+iCFD
k0uXqXmmssBf64YtYoB4zwvQUGmSP0LUdm01dzequUAV7+OSC213aE8LAH+SEy9u
cvE1khqCY0N4QCzBoXZn2JRvm7KUSl8WAr3TXRoNaEm38YJgz/ar/s0sQuJ8tTl5
2mV7to7SBIrowyVVNLg7dhup69bRbG8GLSClAjeu6xPA3/zODtcX1/fr2VLgJdLy
xe7slFzQkBDt17Y81upifl7agp8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJIoGR
optUPmk+1BghyyjEQcJS+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhkNThjYTYtNjAzZS00MmJiLWEwYTktN2ZiMTA2YmI0ZGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCq2hN0D1H5r+eUCqtu8QyojNgZ7HKrT2r9cJKS
oYwc8DfRVxE96vshBlXL3yfL1nN5/MKtrAv+XM20u1+6p0lwApQR8oUDIE4gRmyG
DPnQg4G7sXBzA8eOK4mDdKQC8ROVKa9jcnBjFgmeWsLf061jl7pez1ZZkZauUyq7
V6BGoVFNY6szDR3TU0uMfFUmakG0wIUSqxn5936mqdfW/pqsYyoAxC25SWDmB9FY
351H02ZBGtm4SSFzp2qPAA3yP4HzoEvIEDIB+5UFt2A7K025FvFP4jWRzTj+5Y8c
1H0rbzjqM6xJTWaR5QeKbLBVnWtDQAi9hRXt4jvBn4ZFPT3M
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:11 2025 by rpki-client