Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d9e2e2dd-303b-4e70-a84b-e795268ed9bb.roa
File: d9e2e2dd-303b-4e70-a84b-e795268ed9bb.roa (raw, json)
Hash identifier: 6+r9ovxCPdW3NwN7oSiquRoktnhTIS5SppLdJ2aXJdk=
Subject key identifier: 36:6C:C3:17:15:DD:8E:81:AF:5B:26:1A:B0:7E:ED:BE:E3:E7:BF:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28D59DAE5DEFA7BD1CBB3CC37E4953AF654F670B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d9e2e2dd-303b-4e70-a84b-e795268ed9bb.roa
Signing time: Fri 25 Apr 2025 19:41:09 +0000
ROA not before: Fri 25 Apr 2025 19:41:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:d5:9d:ae:5d:ef:a7:bd:1c:bb:3c:c3:7e:49:53:af:65:4f:67:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=772a96049a97e80ba79a553763d82fa4e2dbac7c57d075466760ff99105ec903, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:eb:3d:0b:f6:e1:e2:d2:55:b1:70:46:76:e2:
89:7b:f4:c7:41:e4:12:23:fc:f0:00:bf:4a:bc:4a:
ce:3a:a5:17:8c:09:66:62:83:4e:75:81:3c:99:b7:
21:96:27:ce:13:7d:dc:55:a4:62:ad:76:c9:d7:30:
8c:b4:d3:c5:67:e6:62:a9:a8:1c:5a:8a:fe:d7:ea:
2e:cf:3e:4d:03:5c:44:ac:ba:ce:f9:10:c0:c4:17:
9b:d4:cf:3c:32:ee:90:9e:06:bf:dc:94:b6:37:8e:
be:95:f2:17:94:f4:92:4a:e1:8f:4f:67:b2:f6:cc:
d6:0d:7f:0f:5a:d8:31:da:5e:2f:f7:55:c2:aa:ff:
07:72:f1:b7:65:be:c6:09:af:9d:29:c9:e8:12:35:
d2:9d:53:d4:f3:63:51:01:b9:28:84:d0:df:c9:ad:
14:a0:bd:18:91:38:fc:b1:8a:ef:73:63:b1:1b:4e:
f2:66:b8:4e:fe:cc:fc:b8:68:8e:1a:98:60:2d:2f:
8e:12:3f:e7:eb:55:14:b3:e0:19:c0:dc:42:d1:ea:
a8:ab:b6:15:ab:6d:e6:32:65:d1:51:fd:a3:a8:d3:
bc:27:d7:54:5d:4c:b6:b5:2a:e2:09:cb:67:27:98:
64:40:3c:16:d6:91:8e:c4:41:5b:fb:ce:29:37:7c:
f1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:6C:C3:17:15:DD:8E:81:AF:5B:26:1A:B0:7E:ED:BE:E3:E7:BF:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d9e2e2dd-303b-4e70-a84b-e795268ed9bb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:2000::/40
Signature Algorithm: sha256WithRSAEncryption
17:ed:b4:ff:94:e7:83:bd:ba:8b:ea:ef:78:2c:4d:07:d8:14:
da:25:70:84:28:82:d0:f5:34:f4:00:85:fe:f2:98:79:68:bc:
b2:6b:0f:7a:d1:89:4c:17:1c:8b:9a:f9:2a:2d:40:e4:87:c7:
b2:f4:1b:30:76:80:d6:fc:db:ae:82:81:80:a5:cc:f6:3d:fa:
f7:13:09:90:cb:13:25:46:b9:0b:fc:fd:8d:b3:f7:02:3a:40:
2f:d8:cc:03:b8:cf:a5:55:0d:00:b1:22:e4:42:36:cc:9b:4a:
31:a9:0c:fe:9c:bd:c3:a5:be:17:74:74:13:a0:de:af:08:4e:
dd:09:26:30:bc:35:d2:8c:18:8b:25:c4:1d:cf:ed:87:f9:ec:
62:6f:c7:97:90:b1:91:93:4f:a3:4e:19:b2:b8:d6:c8:27:88:
ac:64:a8:42:53:bf:fa:18:d2:c3:2d:c2:80:c6:10:b9:57:22:
b0:af:c0:9c:26:a8:1a:13:50:35:2e:2a:98:a5:5a:13:79:56:
af:e7:e0:84:c0:0f:2b:ef:5e:04:68:b6:82:50:e6:54:b3:df:
97:e9:3e:f9:33:44:1e:94:6c:56:a9:35:b8:bf:29:18:7a:a5:
7a:4c:4f:f7:20:cd:bc:17:f9:a9:be:03:e8:6d:77:b0:b9:7d:
fa:f0:19:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKNWdrl3vp70cuzzDfklTr2VPZwswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3MmE5NjA0OWE5N2U4MGJhNzlhNTUzNzYzZDgyZmE0ZTJkYmFjN2M1N2Qw
NzU0NjY3NjBmZjk5MTA1ZWM5MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHrPQv24eLSVbFwRnbiiXv0x0HkEiP88AC/SrxKzjqlF4wJZmKDTnWBPJm3
IZYnzhN93FWkYq12ydcwjLTTxWfmYqmoHFqK/tfqLs8+TQNcRKy6zvkQwMQXm9TP
PDLukJ4Gv9yUtjeOvpXyF5T0kkrhj09nsvbM1g1/D1rYMdpeL/dVwqr/B3Lxt2W+
xgmvnSnJ6BI10p1T1PNjUQG5KITQ38mtFKC9GJE4/LGK73NjsRtO8ma4Tv7M/Lho
jhqYYC0vjhI/5+tVFLPgGcDcQtHqqKu2Fatt5jJl0VH9o6jTvCfXVF1MtrUq4gnL
ZyeYZEA8FtaRjsRBW/vOKTd88VUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ2bMMX
Fd2Oga9bJhqwfu2+4+e/DzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDllMmUyZGQtMzAzYi00ZTcwLWE4NGItZTc5NTI2OGVkOWJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUg
MA0GCSqGSIb3DQEBCwUAA4IBAQAX7bT/lOeDvbqL6u94LE0H2BTaJXCEKILQ9TT0
AIX+8ph5aLyyaw960YlMFxyLmvkqLUDkh8ey9BswdoDW/NuugoGApcz2Pfr3EwmQ
yxMlRrkL/P2Ns/cCOkAv2MwDuM+lVQ0AsSLkQjbMm0oxqQz+nL3Dpb4XdHQToN6v
CE7dCSYwvDXSjBiLJcQdz+2H+exib8eXkLGRk0+jThmyuNbIJ4isZKhCU7/6GNLD
LcKAxhC5VyKwr8CcJqgaE1A1LiqYpVoTeVav5+CEwA8r714EaLaCUOZUs9+X6T75
M0QelGxWqTW4vykYeqV6TE/3IM28F/mpvgPobXewuX368BnB
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:29 2025 by rpki-client