Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
File: be610cc2-170e-494b-b1f3-db73bc5ff027.roa (raw, json)
Hash identifier: 4m8xmyDBxp1Yb8ysGz5nIYefHY2YNvsp2wOFmKJJQdw=
Subject key identifier: A1:38:9B:BF:5E:F9:CD:A0:6B:17:89:DC:B7:E6:92:62:04:35:90:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DAA5C06A21EEBB963C2F50C35BD1F0937EBFD5B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
Signing time: Fri 25 Apr 2025 18:50:16 +0000
ROA not before: Fri 25 Apr 2025 18:50:16 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:aa:5c:06:a2:1e:eb:b9:63:c2:f5:0c:35:bd:1f:09:37:eb:fd:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:16 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=369541f325b9a473bf42aa36cedee85f62b78bad77386b5cc69c33ea87a13d71, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8d:24:25:52:40:ae:fb:15:de:f0:59:66:4e:
d8:9f:8e:ab:ba:dc:bb:27:bf:18:33:da:00:b0:22:
37:cd:c9:3a:74:b7:d1:38:70:7a:69:ec:ed:e6:e1:
10:51:66:44:af:70:4c:f2:bd:41:16:ba:d7:b3:a1:
74:6e:e0:f0:cd:f3:9c:ba:73:37:a4:55:8b:65:f1:
1e:9e:d1:dc:ed:c0:cb:62:a4:ed:5d:9f:73:aa:b8:
4d:66:63:33:df:2b:d3:e0:94:49:de:0c:52:4e:a6:
5a:49:c4:8b:e3:57:81:89:ba:e3:8f:70:a8:0d:4b:
31:0c:a6:c8:14:2e:bc:81:7b:6d:ce:c8:1b:c8:12:
89:6d:27:a6:10:c7:ea:d0:2c:f2:21:95:16:2a:42:
a8:1a:55:a9:ef:1f:19:30:c2:ca:a2:7a:0a:4a:d0:
43:06:82:f3:5f:76:e0:b7:0b:61:ec:1f:d1:d3:75:
84:90:68:f6:4a:16:92:ca:a5:8b:a1:e6:67:14:ae:
a3:43:9a:87:cc:c4:40:f4:ae:70:55:c1:7f:c2:9a:
8e:7f:63:56:8e:43:41:5a:5a:e1:3f:f1:a0:b3:ff:
3f:47:8f:9a:30:94:56:90:91:2d:e0:13:4c:4e:71:
7b:18:5f:16:f9:6c:7f:4b:4b:11:09:9f:aa:52:cc:
3a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:38:9B:BF:5E:F9:CD:A0:6B:17:89:DC:B7:E6:92:62:04:35:90:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6080::/48
Signature Algorithm: sha256WithRSAEncryption
45:6a:fe:a1:28:70:7c:d8:ce:f9:1a:e5:7f:77:fe:0a:8b:15:
5c:b5:79:da:c1:f1:3e:cf:a3:29:b6:30:9d:99:3f:50:22:39:
54:32:9a:ab:cb:d5:4e:86:08:26:83:37:96:ec:69:12:d3:89:
4e:19:87:07:6d:5f:5f:59:cd:15:4d:f4:57:04:a2:41:f9:d7:
2f:c5:ac:e2:48:dd:81:33:04:65:fd:e1:55:ed:55:8a:7a:0f:
47:13:9a:e9:b0:19:cf:81:ec:9c:84:52:18:de:91:0d:c2:86:
af:de:ea:e1:2f:58:e6:5c:b7:0c:89:c8:0e:90:f0:0a:6b:f3:
b8:df:9d:b3:fb:f2:6d:f9:e8:e4:3f:7e:a9:14:76:a8:f6:f3:
4c:e5:e3:2d:e8:5f:03:af:1a:16:31:64:c8:d3:4e:d6:9f:44:
88:ac:5c:32:ba:24:09:79:21:0e:20:61:ec:38:b6:32:8b:73:
a2:7e:d3:ce:42:24:6c:55:48:2a:e5:1e:53:62:7d:3e:ed:9c:
b0:58:d8:05:7f:72:8d:b0:f6:9f:72:74:5d:3e:f7:f6:98:7c:
dd:fe:37:f9:11:3a:35:d0:29:eb:ce:e2:4c:d4:fd:3d:ee:c4:
3e:09:c4:e4:60:a7:90:22:06:d6:93:60:14:c0:00:07:34:21:
49:af:8f:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbapcBqIe67ljwvUMNb0fCTfr/VswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwMTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2OTU0MWYzMjViOWE0NzNiZjQyYWEzNmNlZGVlODVmNjJiNzhiYWQ3NzM4
NmI1Y2M2OWMzM2VhODdhMTNkNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqNJCVSQK77Fd7wWWZO2J+Oq7rcuye/GDPaALAiN83JOnS30Thwemns7ebh
EFFmRK9wTPK9QRa617OhdG7g8M3znLpzN6RVi2XxHp7R3O3Ay2Kk7V2fc6q4TWZj
M98r0+CUSd4MUk6mWknEi+NXgYm6449wqA1LMQymyBQuvIF7bc7IG8gSiW0nphDH
6tAs8iGVFipCqBpVqe8fGTDCyqJ6CkrQQwaC81924LcLYewf0dN1hJBo9koWksql
i6HmZxSuo0Oah8zEQPSucFXBf8Kajn9jVo5DQVpa4T/xoLP/P0ePmjCUVpCRLeAT
TE5xexhfFvlsf0tLEQmfqlLMOrsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBShOJu/
XvnNoGsXidy35pJiBDWQFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MTBjYzItMTcwZS00OTRiLWIxZjMtZGI3M2JjNWZmMDI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
gDANBgkqhkiG9w0BAQsFAAOCAQEARWr+oShwfNjO+Rrlf3f+CosVXLV52sHxPs+j
KbYwnZk/UCI5VDKaq8vVToYIJoM3luxpEtOJThmHB21fX1nNFU30VwSiQfnXL8Ws
4kjdgTMEZf3hVe1VinoPRxOa6bAZz4HsnIRSGN6RDcKGr97q4S9Y5ly3DInIDpDw
CmvzuN+ds/vybfno5D9+qRR2qPbzTOXjLehfA68aFjFkyNNO1p9EiKxcMrokCXkh
DiBh7Di2Motzon7TzkIkbFVIKuUeU2J9Pu2csFjYBX9yjbD2n3J0XT739ph83f43
+RE6NdAp687iTNT9Pe7EPgnE5GCnkCIG1pNgFMAABzQhSa+PQw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:38 2025 by rpki-client