Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
File: c02bd597-170b-4eec-b8d1-18d678b065fa.roa (raw, json)
Hash identifier: JMrbpfgz9QIHQvQUoY2VHTFhm+Ek+yZDXEtTLnj+zyA=
Subject key identifier: 21:39:95:B0:05:CD:AF:EE:16:A7:BA:BE:23:C1:11:FC:C5:83:6C:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DBB96A0724730C5C87076E7B0E5576F3E7BC1DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
Signing time: Fri 25 Apr 2025 18:41:30 +0000
ROA not before: Fri 25 Apr 2025 18:41:30 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:bb:96:a0:72:47:30:c5:c8:70:76:e7:b0:e5:57:6f:3e:7b:c1:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:41:30 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=56d123088ae39b2bfd3c2152d16c57d0ed856df96b7bf5089ec7b21ecb3295d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a2:8d:85:f8:c8:ee:e1:81:7c:c7:88:24:77:
82:15:e5:86:1f:2e:d2:bf:a6:8d:d8:00:fc:ce:bc:
d3:50:0f:b6:a2:51:a3:38:05:84:1a:80:fd:fb:62:
0a:8b:86:84:0f:5b:62:1d:86:65:c4:52:32:5d:77:
ba:9b:e3:26:e3:7c:f8:86:87:79:f6:41:c4:9b:ee:
75:97:fa:4d:38:7d:82:61:f0:70:f3:0c:2b:8f:46:
25:50:42:24:2e:4a:f8:38:56:c3:ea:35:54:6a:78:
26:41:a7:af:c3:5a:51:6c:77:cb:0f:62:be:3e:b7:
b7:98:f8:16:9f:b8:36:c0:0c:6f:34:9b:d1:60:77:
93:ca:3d:fa:25:fc:d9:fe:71:5a:83:e5:2a:93:58:
6a:03:07:1e:8e:6f:18:f5:40:c0:b3:37:fd:c5:46:
06:e2:89:7f:09:61:e9:44:bd:1d:71:5b:dd:0c:16:
ff:58:45:60:59:38:6d:71:9c:47:ad:44:c9:d6:d3:
bb:3b:e4:2f:c2:25:75:4f:73:27:cb:fe:07:2d:95:
d7:98:e2:79:0e:64:d9:87:d1:2e:1e:f5:18:a4:e9:
97:32:68:6c:37:48:e2:9b:14:3f:a0:ba:3b:d2:a7:
09:a6:8f:f7:dc:9d:c6:2c:aa:74:25:ea:d2:e2:4b:
1b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:39:95:B0:05:CD:AF:EE:16:A7:BA:BE:23:C1:11:FC:C5:83:6C:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8010::/48
Signature Algorithm: sha256WithRSAEncryption
7b:bb:d5:8d:94:28:95:ea:40:98:db:3a:54:28:1b:99:46:85:
1b:8b:81:b4:c4:4e:d2:c5:a2:f3:71:f3:f6:f9:82:2d:0a:78:
a6:26:d3:cf:3b:7e:89:d2:0f:8f:a6:5a:2c:c8:17:2f:b9:45:
c6:b1:04:99:f8:d1:2a:f8:f2:30:4a:e1:54:dc:98:53:17:33:
b4:ce:12:ca:e4:3f:13:df:b2:55:f1:3c:c7:f5:f0:1d:2b:43:
57:b4:01:62:6c:7c:05:fa:45:1b:45:b0:14:c0:a6:09:98:6c:
28:59:ad:2d:f1:b1:57:29:7a:bf:44:9a:74:97:6d:08:ec:25:
a7:76:f2:56:79:d1:53:22:96:55:bd:0f:d9:4a:8f:75:c3:88:
3c:65:24:e0:99:19:a2:51:e3:27:2c:8e:d6:6c:07:01:84:45:
a7:9d:f3:34:0b:48:47:ae:ed:a0:dc:16:3b:4f:0a:5f:10:d7:
0c:69:fe:4f:7d:3d:f8:9d:92:56:7f:51:b1:65:41:fb:ca:f4:
e4:74:48:84:60:8a:da:02:c6:a5:c9:dc:71:b5:e6:8e:2a:24:
2f:01:f8:dc:b7:ec:8d:1b:e9:22:ac:e4:d9:98:b2:be:f3:91:
d4:8b:99:99:b9:78:5d:4d:48:bb:63:12:30:16:78:16:19:77:
52:58:f9:84
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbbuWoHJHMMXIcHbnsOVXbz57wdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQxMzBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2ZDEyMzA4OGFlMzliMmJmZDNjMjE1MmQxNmM1N2QwZWQ4NTZkZjk2Yjdi
ZjUwODllYzdiMjFlY2IzMjk1ZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaijYX4yO7hgXzHiCR3ghXlhh8u0r+mjdgA/M6801APtqJRozgFhBqA/fti
CouGhA9bYh2GZcRSMl13upvjJuN8+IaHefZBxJvudZf6TTh9gmHwcPMMK49GJVBC
JC5K+DhWw+o1VGp4JkGnr8NaUWx3yw9ivj63t5j4Fp+4NsAMbzSb0WB3k8o9+iX8
2f5xWoPlKpNYagMHHo5vGPVAwLM3/cVGBuKJfwlh6US9HXFb3QwW/1hFYFk4bXGc
R61EydbTuzvkL8IldU9zJ8v+By2V15jieQ5k2YfRLh71GKTplzJobDdI4psUP6C6
O9KnCaaP99ydxiyqdCXq0uJLG/UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQhOZWw
Bc2v7hanur4jwRH8xYNsAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAyYmQ1OTctMTcwYi00ZWVjLWI4ZDEtMThkNjc4YjA2NWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
EDANBgkqhkiG9w0BAQsFAAOCAQEAe7vVjZQolepAmNs6VCgbmUaFG4uBtMRO0sWi
83Hz9vmCLQp4pibTzzt+idIPj6ZaLMgXL7lFxrEEmfjRKvjyMErhVNyYUxcztM4S
yuQ/E9+yVfE8x/XwHStDV7QBYmx8BfpFG0WwFMCmCZhsKFmtLfGxVyl6v0SadJdt
COwlp3byVnnRUyKWVb0P2UqPdcOIPGUk4JkZolHjJyyO1mwHAYRFp53zNAtIR67t
oNwWO08KXxDXDGn+T309+J2SVn9RsWVB+8r05HRIhGCK2gLGpcnccbXmjiokLwH4
3LfsjRvpIqzk2ZiyvvOR1IuZmbl4XU1Iu2MSMBZ4Fhl3Ulj5hA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:17 2025 by rpki-client