Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
File: b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa (raw, json)
Hash identifier: J0ndtP5AdJiTGBUlmx488AQTjvTJNpD2o+KHPimQ43M=
Subject key identifier: 55:4C:A0:4B:6B:06:1B:F7:43:E1:03:5A:B8:C6:4E:27:BB:1C:12:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F88C1160003E57058F90BF72B5318A29FB52775
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
Signing time: Fri 25 Apr 2025 18:50:44 +0000
ROA not before: Fri 25 Apr 2025 18:50:44 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:88:c1:16:00:03:e5:70:58:f9:0b:f7:2b:53:18:a2:9f:b5:27:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:44 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=19700b0f7f0adf71f1f6cb216ce0a1935b7e6c7dc5dceb91ea42b5c1a1812c7a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:88:97:4e:bc:52:28:21:e2:cc:35:8f:e3:af:
3c:28:be:a7:5a:52:59:a3:89:7c:c5:bf:b7:60:84:
51:6f:fb:fd:00:d4:63:c7:33:b6:e9:ca:bc:33:63:
75:62:be:50:78:32:8f:8a:d8:9d:77:75:06:2b:b5:
a6:35:f6:41:5c:c9:7e:5a:66:4d:e0:f1:41:9f:a5:
de:d0:2a:fa:9a:9e:49:68:51:a1:1c:01:bf:16:2c:
dc:66:5d:9c:6f:35:c5:6d:e9:62:31:d2:c9:0d:b9:
e9:84:f7:06:90:87:f9:60:11:dd:6c:fa:6b:71:8b:
13:4a:c6:51:e6:04:d7:14:71:65:7e:96:dc:1a:4b:
df:6a:8c:c9:ab:86:1e:5b:8f:2b:2b:78:58:16:60:
ce:ae:f0:78:b9:1b:2c:0e:77:62:fd:50:26:ef:0a:
87:cf:7d:27:2a:48:a7:b9:cc:ac:04:5e:07:bc:ca:
69:5c:17:91:c0:bf:51:48:ad:2b:09:83:40:53:58:
33:a3:f9:74:58:a0:cc:80:96:00:20:eb:af:83:c3:
4b:d2:9c:78:7e:b5:22:6d:f1:4e:a8:76:a1:b2:d3:
1a:34:0a:6a:3e:48:f3:67:8c:80:ad:05:a1:65:8d:
57:22:f1:4b:e1:ae:1d:fe:4b:37:d7:b3:71:66:c0:
ac:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:4C:A0:4B:6B:06:1B:F7:43:E1:03:5A:B8:C6:4E:27:BB:1C:12:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c080::/48
Signature Algorithm: sha256WithRSAEncryption
94:7f:fb:d7:b2:9e:ba:6a:ef:ad:b3:e8:30:b5:e1:07:7f:da:
df:c2:64:81:e8:f7:54:75:eb:be:df:39:1d:50:aa:89:41:0f:
3e:7b:7d:d5:b7:28:96:31:d4:9c:83:02:6b:cb:39:e8:ec:55:
bc:5f:ed:3f:1a:2d:7c:7f:7c:2b:a9:4a:11:9b:2b:28:a7:d8:
14:fd:ad:ba:da:83:40:18:0f:2c:50:9a:fc:65:61:96:f2:17:
12:f4:7e:63:71:68:34:8f:73:49:56:52:35:f3:18:8e:02:4b:
99:63:b4:a8:f2:c7:55:ad:8e:22:79:48:19:52:48:5e:58:77:
0d:fb:74:b1:4f:7a:2b:77:3d:23:ea:9b:d5:fc:ea:59:9f:c3:
44:05:50:5a:2f:76:c8:f9:11:8c:b5:c1:33:5a:6c:a4:a8:1d:
ad:77:12:2b:42:70:26:79:f8:e8:d5:cb:e3:34:42:1b:6a:9f:
af:35:ab:38:a4:0f:67:46:88:cb:54:eb:32:52:7c:2e:35:44:
76:fe:68:98:1c:07:e6:83:8a:2d:17:d4:5c:df:43:98:08:b8:
bd:39:11:b2:cc:95:0a:49:ff:c6:b4:de:4a:26:73:8b:c7:43:
cf:5f:44:71:9a:7d:02:1f:99:0f:6e:26:97:4e:11:84:22:10:
55:f2:4e:1e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX4jBFgAD5XBY+Qv3K1MYop+1J3UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwNDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5NzAwYjBmN2YwYWRmNzFmMWY2Y2IyMTZjZTBhMTkzNWI3ZTZjN2RjNWRj
ZWI5MWVhNDJiNWMxYTE4MTJjN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+Il068Uigh4sw1j+OvPCi+p1pSWaOJfMW/t2CEUW/7/QDUY8cztunKvDNj
dWK+UHgyj4rYnXd1Biu1pjX2QVzJflpmTeDxQZ+l3tAq+pqeSWhRoRwBvxYs3GZd
nG81xW3pYjHSyQ256YT3BpCH+WAR3Wz6a3GLE0rGUeYE1xRxZX6W3BpL32qMyauG
HluPKyt4WBZgzq7weLkbLA53Yv1QJu8Kh899JypIp7nMrAReB7zKaVwXkcC/UUit
KwmDQFNYM6P5dFigzICWACDrr4PDS9KceH61Im3xTqh2obLTGjQKaj5I82eMgK0F
oWWNVyLxS+GuHf5LN9ezcWbArLkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVTKBL
awYb90PhA1q4xk4nuxwSvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllYTYyZDYtZGNlMy00Yzc0LWI5MzEtMGNjYTg3Y2NhZGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
gDANBgkqhkiG9w0BAQsFAAOCAQEAlH/717KeumrvrbPoMLXhB3/a38Jkgej3VHXr
vt85HVCqiUEPPnt91bcoljHUnIMCa8s56OxVvF/tPxotfH98K6lKEZsrKKfYFP2t
utqDQBgPLFCa/GVhlvIXEvR+Y3FoNI9zSVZSNfMYjgJLmWO0qPLHVa2OInlIGVJI
Xlh3Dft0sU96K3c9I+qb1fzqWZ/DRAVQWi92yPkRjLXBM1pspKgdrXcSK0JwJnn4
6NXL4zRCG2qfrzWrOKQPZ0aIy1TrMlJ8LjVEdv5omBwH5oOKLRfUXN9DmAi4vTkR
ssyVCkn/xrTeSiZzi8dDz19EcZp9Ah+ZD24ml04RhCIQVfJOHg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:56 2025 by rpki-client