Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
File: dd7459b4-43ce-4e19-8904-9681781506ff.roa (raw, json)
Hash identifier: 8+rxzpdT73KgkBk7YsRGIsvK+ALhXern2lh2bRBZ5v4=
Subject key identifier: 24:DD:C6:65:E4:D2:F6:B8:A7:8A:16:02:41:DE:AC:AF:08:08:9C:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A47750941B0F38F112B14AB18EBBD41BA6E2471
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
Signing time: Fri 25 Apr 2025 19:31:31 +0000
ROA not before: Fri 25 Apr 2025 19:31:31 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:47:75:09:41:b0:f3:8f:11:2b:14:ab:18:eb:bd:41:ba:6e:24:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:31 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=11024602566a31cc9d06fcef0f96635e16ef3a029892861ed16870976441d759, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fe:4b:f5:b1:f5:92:91:5c:08:87:1d:9d:a8:
d7:4c:a3:cd:94:a1:1e:a8:b3:65:18:a9:95:14:ed:
52:58:76:c1:3c:90:b8:4e:8f:4d:91:d5:b1:7b:4d:
5f:2a:9f:3d:55:8a:8f:73:b1:4a:ad:5e:00:6e:a8:
8e:04:90:79:33:15:b1:9e:c8:18:08:8e:18:d6:76:
7f:e6:9a:72:13:99:f4:a1:52:80:58:e6:d9:ca:26:
f6:7b:77:83:a5:78:53:80:17:30:0a:51:58:e8:02:
6c:da:ec:2c:9d:af:ac:92:64:cf:b1:eb:3d:99:61:
9a:35:46:58:f5:f8:b6:9c:6e:1f:3d:b5:51:15:2b:
ec:c3:7d:3a:5d:31:51:3d:24:41:d2:f4:70:80:36:
f6:b1:0c:45:3a:52:40:93:72:ec:54:9e:70:b0:80:
97:0d:9e:47:c6:01:04:50:d9:6f:0f:9e:ca:bf:06:
6a:32:4e:1e:0d:3b:a6:1c:7a:5c:bf:9a:82:c7:1b:
e7:cf:84:c6:aa:5b:cf:18:aa:2c:b5:f4:0c:0c:52:
48:ce:db:9f:fc:4f:b4:e8:f6:da:73:1a:28:1f:1f:
e0:41:ea:d9:ed:27:ad:f8:e3:88:8d:71:51:31:ba:
95:46:59:0b:3e:e8:60:df:06:59:ea:42:d3:cd:e0:
2d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DD:C6:65:E4:D2:F6:B8:A7:8A:16:02:41:DE:AC:AF:08:08:9C:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5000::/40
Signature Algorithm: sha256WithRSAEncryption
35:73:cc:bd:68:ba:c0:03:a2:96:86:b3:b6:fa:ee:ff:dc:27:
22:9e:5e:5e:69:98:f1:f4:f9:01:ec:07:34:46:d0:db:08:6d:
4e:c5:89:9e:1f:61:50:e3:62:96:fc:9a:0d:39:f4:74:7a:c6:
b6:5d:a4:e7:da:76:df:ed:a9:6d:94:06:b5:e7:70:fc:3a:55:
b8:a1:ed:5e:0c:89:d5:53:01:e0:9a:56:cb:7a:bf:f8:c7:e3:
56:74:3a:dd:27:30:85:22:6d:9f:a5:7f:f4:77:28:89:99:79:
55:29:c6:69:05:d3:af:d8:e1:d1:84:26:b0:7b:31:e7:14:5f:
54:65:8d:d2:54:c6:96:25:9e:34:b5:dc:82:d4:3f:91:08:7e:
49:fe:70:3b:1c:ae:ac:64:81:dc:ad:ca:58:7b:8f:28:a8:99:
d3:96:80:c8:c5:35:56:ad:6c:b3:76:4d:af:5c:53:52:2b:2c:
7c:58:47:d4:23:60:5c:4b:d8:3e:e1:89:88:83:61:07:30:bc:
91:c1:fb:c2:46:bc:9a:fa:03:f1:ce:39:0c:cf:4d:dc:b8:ad:
7d:4a:a7:8b:ce:9b:cd:68:31:cb:16:64:ad:15:30:f2:89:45:
48:af:81:29:e0:fb:d4:4d:2b:6a:21:bc:ad:2f:69:dc:58:ef:
1e:1e:70:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGkd1CUGw848RKxSrGOu9QbpuJHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMzFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDExMDI0NjAyNTY2YTMxY2M5ZDA2ZmNlZjBmOTY2MzVlMTZlZjNhMDI5ODky
ODYxZWQxNjg3MDk3NjQ0MWQ3NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIH+S/Wx9ZKRXAiHHZ2o10yjzZShHqizZRiplRTtUlh2wTyQuE6PTZHVsXtN
XyqfPVWKj3OxSq1eAG6ojgSQeTMVsZ7IGAiOGNZ2f+aachOZ9KFSgFjm2com9nt3
g6V4U4AXMApRWOgCbNrsLJ2vrJJkz7HrPZlhmjVGWPX4tpxuHz21URUr7MN9Ol0x
UT0kQdL0cIA29rEMRTpSQJNy7FSecLCAlw2eR8YBBFDZbw+eyr8GajJOHg07phx6
XL+agscb58+ExqpbzxiqLLX0DAxSSM7bn/xPtOj22nMaKB8f4EHq2e0nrfjjiI1x
UTG6lUZZCz7oYN8GWepC083gLQMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQk3cZl
5NL2uKeKFgJB3qyvCAic5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3NDU5YjQtNDNjZS00ZTE5LTg5MDQtOTY4MTc4MTUwNmZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA1c8y9aLrAA6KWhrO2+u7/3Ccinl5eaZjx9PkB
7Ac0RtDbCG1OxYmeH2FQ42KW/JoNOfR0esa2XaTn2nbf7altlAa153D8OlW4oe1e
DInVUwHgmlbLer/4x+NWdDrdJzCFIm2fpX/0dyiJmXlVKcZpBdOv2OHRhCawezHn
FF9UZY3SVMaWJZ40tdyC1D+RCH5J/nA7HK6sZIHcrcpYe48oqJnTloDIxTVWrWyz
dk2vXFNSKyx8WEfUI2BcS9g+4YmIg2EHMLyRwfvCRrya+gPxzjkMz03cuK19SqeL
zpvNaDHLFmStFTDyiUVIr4Ep4PvUTStqIbytL2ncWO8eHnDM
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:28 2025 by rpki-client