Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
File: dd7649a8-cae4-4d67-90f1-f01144285a2f.roa (raw, json)
Hash identifier: FsaZur1lLVEzcCisbxXAlGKrYB2yU+DnpMq9tHHnJRQ=
Subject key identifier: 35:E8:73:8E:26:65:F3:62:03:4B:92:62:73:82:25:2E:04:E0:65:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 085AA025EB9791A6857BE9510447896CE41C273B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
Signing time: Fri 25 Apr 2025 18:20:15 +0000
ROA not before: Fri 25 Apr 2025 18:20:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:5a:a0:25:eb:97:91:a6:85:7b:e9:51:04:47:89:6c:e4:1c:27:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:20:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=313889f4291c45de0af05b9bb65af9e620cf0bbbe60b4b668baf3270a649ec97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ec:c3:35:c4:bf:3c:04:25:0a:0b:84:a2:9a:
aa:84:4e:96:03:8b:f4:03:ce:53:62:5c:a7:22:8c:
92:3d:af:05:1d:b1:bb:9a:b4:f3:3b:f1:83:9d:e6:
35:b7:93:6c:6f:86:9d:28:31:ec:7f:8a:ea:fd:90:
e2:ef:56:81:27:e7:9b:c3:3f:a2:05:30:c3:ff:db:
e0:41:ff:8f:0a:f0:11:0f:a1:5b:e4:54:1d:b6:0b:
05:43:ba:03:d4:66:f1:2f:da:63:a8:07:1d:12:01:
78:14:35:2f:3e:72:08:93:bb:1c:24:c5:4c:1c:8f:
eb:51:48:fc:80:e3:b8:1a:82:a1:74:44:74:c7:6e:
17:bc:60:1a:a1:49:2a:4d:e4:00:d1:ca:ee:54:b3:
6a:ff:6f:03:15:63:fd:a5:e5:ab:cc:1c:77:e4:ca:
4f:87:7a:b8:28:a9:ff:66:0b:87:b0:38:85:f3:11:
5b:6f:5d:c1:3b:57:34:d0:55:7d:d2:94:c6:73:d3:
fd:97:72:ed:36:9f:fe:5f:00:25:57:2d:ca:20:96:
6c:ee:ed:76:c5:d4:3e:f2:1d:d3:39:12:05:81:13:
76:1a:fb:a1:f5:6a:31:d6:3a:bf:1e:01:b3:63:7c:
b6:41:b3:44:0b:78:a2:67:30:c5:ca:f1:6d:1a:1e:
08:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E8:73:8E:26:65:F3:62:03:4B:92:62:73:82:25:2E:04:E0:65:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4040::/48
Signature Algorithm: sha256WithRSAEncryption
bc:30:ff:4d:db:d2:e6:92:ea:c2:09:43:82:ff:22:d1:16:43:
f8:23:68:1a:0f:9b:3f:b6:60:cd:bb:0a:cf:09:65:70:f0:70:
f2:c7:dc:4a:ea:b5:a3:7e:bc:53:1c:0b:1c:3b:4f:5b:9b:5a:
fd:c5:61:1b:c3:97:38:7c:39:7e:70:4e:52:15:f3:89:c4:fd:
7a:c2:e2:b1:8f:d5:20:7c:2e:63:58:bd:63:0c:a3:ab:0e:22:
bf:36:1c:7c:25:93:71:78:25:90:28:a3:96:78:0c:77:87:c7:
aa:e5:f6:1b:24:0c:76:e0:28:55:24:47:6c:ac:a1:bf:67:92:
41:dc:97:ea:1c:d2:ec:e3:dc:63:85:88:96:0d:86:22:b4:4f:
80:4c:c7:99:4e:1d:90:3a:d9:e5:ea:c2:e9:e4:fe:75:70:38:
f9:46:11:e1:5c:e4:89:32:99:0e:22:43:82:73:24:90:99:d5:
21:2f:ea:a5:b9:31:91:04:a1:d8:34:59:3b:86:0f:2b:e7:c2:
14:ba:54:14:b2:6f:1b:06:78:f0:6e:16:7e:aa:ce:1c:60:66:
b2:6a:7f:68:d1:dd:31:36:14:e7:b2:f4:a6:fb:2e:5e:54:c6:
9f:16:62:7c:a0:18:b1:c8:7e:fe:24:b4:8b:00:a2:e3:54:7e:
ed:66:0b:20
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCFqgJeuXkaaFe+lRBEeJbOQcJzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIwMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxMzg4OWY0MjkxYzQ1ZGUwYWYwNWI5YmI2NWFmOWU2MjBjZjBiYmJlNjBi
NGI2NjhiYWYzMjcwYTY0OWVjOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrswzXEvzwEJQoLhKKaqoROlgOL9APOU2JcpyKMkj2vBR2xu5q08zvxg53m
NbeTbG+GnSgx7H+K6v2Q4u9WgSfnm8M/ogUww//b4EH/jwrwEQ+hW+RUHbYLBUO6
A9Rm8S/aY6gHHRIBeBQ1Lz5yCJO7HCTFTByP61FI/IDjuBqCoXREdMduF7xgGqFJ
Kk3kANHK7lSzav9vAxVj/aXlq8wcd+TKT4d6uCip/2YLh7A4hfMRW29dwTtXNNBV
fdKUxnPT/Zdy7Taf/l8AJVctyiCWbO7tdsXUPvId0zkSBYETdhr7ofVqMdY6vx4B
s2N8tkGzRAt4omcwxcrxbRoeCFkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ16HOO
JmXzYgNLkmJzgiUuBOBlWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3NjQ5YTgtY2FlNC00ZDY3LTkwZjEtZjAxMTQ0Mjg1YTJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
QDANBgkqhkiG9w0BAQsFAAOCAQEAvDD/TdvS5pLqwglDgv8i0RZD+CNoGg+bP7Zg
zbsKzwllcPBw8sfcSuq1o368UxwLHDtPW5ta/cVhG8OXOHw5fnBOUhXzicT9esLi
sY/VIHwuY1i9Ywyjqw4ivzYcfCWTcXglkCijlngMd4fHquX2GyQMduAoVSRHbKyh
v2eSQdyX6hzS7OPcY4WIlg2GIrRPgEzHmU4dkDrZ5erC6eT+dXA4+UYR4VzkiTKZ
DiJDgnMkkJnVIS/qpbkxkQSh2DRZO4YPK+fCFLpUFLJvGwZ48G4WfqrOHGBmsmp/
aNHdMTYU57L0pvsuXlTGnxZifKAYsch+/iS0iwCi41R+7WYLIA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:07 2025 by rpki-client