Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
File: bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa (raw, json)
Hash identifier: 8H2Rjca/JzrUv7kW3uKT2lZY2me/NUB0cjDZ+nYGw20=
Subject key identifier: F9:14:2E:46:E2:5A:C7:B2:BB:2E:E9:E2:FB:D5:EC:DA:A6:60:04:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 240DF8209853D1720F02816137EE15C6EB02CFED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
Signing time: Fri 25 Apr 2025 20:01:31 +0000
ROA not before: Fri 25 Apr 2025 20:01:31 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:0d:f8:20:98:53:d1:72:0f:02:81:61:37:ee:15:c6:eb:02:cf:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:31 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=03c77ddb06e5d67b43dbe6da849903b2cd015d0e43b59e96833d960d3ed2cd9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:74:ae:84:31:26:8c:a9:ec:e0:a3:18:9a:
a3:50:00:84:ae:f6:f2:87:3b:ee:6b:9d:fa:05:7f:
c8:8b:83:2e:f0:19:e9:67:a3:61:bb:51:87:cc:f8:
46:a4:7e:90:68:33:2d:cb:61:37:b0:ce:80:0e:00:
da:2f:bd:6f:43:75:4a:2e:c5:2a:04:89:28:2e:ad:
cd:a0:37:9a:e5:c7:1b:34:6f:13:c5:fa:d9:dc:7d:
d5:a4:9c:73:73:df:30:b0:86:dc:bb:40:6c:a8:e4:
e6:d7:0c:f0:e7:8d:13:58:10:7f:3d:84:1f:24:51:
44:b7:88:58:09:b4:57:f6:3f:18:23:27:02:9b:33:
10:c6:0b:61:29:3b:68:30:7e:e3:e1:78:98:28:d6:
98:8f:94:3d:0f:c4:a2:a1:79:09:20:2b:ca:c3:31:
98:3e:e4:48:77:d0:f6:d9:2f:40:ab:8e:26:15:d9:
f3:8b:f9:7c:f5:ac:d3:d0:eb:99:95:d3:f0:48:3f:
5b:74:7e:ec:ea:bf:5f:e7:0d:00:4c:01:02:57:e4:
c3:93:3a:a4:6a:53:aa:9d:5b:b0:6e:3c:d1:a4:eb:
f1:74:cd:95:cd:a7:b7:42:db:a6:64:4e:ca:5c:08:
e0:be:17:8b:18:c6:4a:76:b4:8e:9a:82:50:64:29:
cc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:14:2E:46:E2:5A:C7:B2:BB:2E:E9:E2:FB:D5:EC:DA:A6:60:04:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:5000::/40
Signature Algorithm: sha256WithRSAEncryption
89:8d:dc:22:c3:96:98:3f:af:47:c3:57:cc:05:05:2e:8e:27:
03:70:c8:cb:e6:02:f1:4b:3f:dc:42:e9:c1:27:f5:5d:ae:c6:
76:fb:1e:e6:b0:92:b1:40:e0:37:44:8e:b5:39:10:d6:69:2d:
35:ff:f0:fd:8d:67:b1:75:04:d7:93:6d:a4:a1:2b:57:4b:4e:
1b:3e:a9:a4:67:d3:80:c7:67:a0:a8:2b:16:8b:9f:4d:7f:7f:
91:25:e4:ce:10:4e:74:09:2b:53:40:cb:6d:fd:9c:06:8a:e1:
47:c2:20:e1:a0:aa:d0:32:e1:04:75:72:46:46:e4:e1:d5:b8:
f0:9e:d0:b3:6a:7b:ac:49:92:44:32:6c:9f:e9:95:2a:c9:00:
77:bd:b5:63:c9:01:66:6e:02:bb:79:86:e8:97:85:d0:d9:f0:
d9:81:2d:dd:00:2a:9a:88:53:f9:e0:1f:f5:d7:d5:97:74:3b:
d3:1f:0d:09:d9:d7:14:e3:08:bb:7d:7e:94:d2:a6:a9:5d:9b:
97:5f:9d:8f:2e:f5:45:8b:ea:af:6a:47:7c:3e:d6:ff:a0:84:
12:99:44:a5:9e:de:75:18:03:91:ac:e3:dc:6c:47:8c:6a:b4:
76:33:ab:33:22:da:ff:83:83:77:bb:01:03:ab:b9:e1:b0:f5:
8f:4d:88:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJA34IJhT0XIPAoFhN+4VxusCz+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMzFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzYzc3ZGRiMDZlNWQ2N2I0M2RiZTZkYTg0OTkwM2IyY2QwMTVkMGU0M2I1
OWU5NjgzM2Q5NjBkM2VkMmNkOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+KdK6EMSaMqezgoxiao1AAhK728oc77mud+gV/yIuDLvAZ6WejYbtRh8z4
RqR+kGgzLcthN7DOgA4A2i+9b0N1Si7FKgSJKC6tzaA3muXHGzRvE8X62dx91aSc
c3PfMLCG3LtAbKjk5tcM8OeNE1gQfz2EHyRRRLeIWAm0V/Y/GCMnApszEMYLYSk7
aDB+4+F4mCjWmI+UPQ/EoqF5CSArysMxmD7kSHfQ9tkvQKuOJhXZ84v5fPWs09Dr
mZXT8Eg/W3R+7Oq/X+cNAEwBAlfkw5M6pGpTqp1bsG480aTr8XTNlc2nt0LbpmRO
ylwI4L4XixjGSna0jpqCUGQpzCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5FC5G
4lrHsrsu6eL71ezapmAEHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM2OWY4ZjYtMDNjOC00NDY4LWE5OGEtZjIzZmU0MGVlYWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCJjdwiw5aYP69Hw1fMBQUujicDcMjL5gLxSz/c
QunBJ/VdrsZ2+x7msJKxQOA3RI61ORDWaS01//D9jWexdQTXk22koStXS04bPqmk
Z9OAx2egqCsWi59Nf3+RJeTOEE50CStTQMtt/ZwGiuFHwiDhoKrQMuEEdXJGRuTh
1bjwntCzanusSZJEMmyf6ZUqyQB3vbVjyQFmbgK7eYbol4XQ2fDZgS3dACqaiFP5
4B/119WXdDvTHw0J2dcU4wi7fX6U0qapXZuXX52PLvVFi+qvakd8Ptb/oIQSmUSl
nt51GAORrOPcbEeMarR2M6szItr/g4N3uwEDq7nhsPWPTYhu
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:43 2025 by rpki-client