Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
File: decd4459-2e9b-442e-a3bd-6633fdd0250b.roa (raw, json)
Hash identifier: Xyai8DC9hkZB4R5OywjTBis2+ECcNh2BNYGcwzTXMdQ=
Subject key identifier: 72:AC:FF:8C:9F:15:21:54:A7:8A:18:E4:1B:02:8B:54:32:0E:91:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63AD8206BA13ED4F052BDE74D0B5D8F0542C3CBD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
Signing time: Fri 25 Apr 2025 18:31:04 +0000
ROA not before: Fri 25 Apr 2025 18:31:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:ad:82:06:ba:13:ed:4f:05:2b:de:74:d0:b5:d8:f0:54:2c:3c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1b98592fe758de0a3f690648d9b2fbe1211574773d13b18236e039a670d123f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ff:01:29:09:3a:01:de:a4:ec:2c:86:e3:fe:
ff:3a:8c:ad:10:ed:e7:dc:77:32:7f:2f:c3:d2:a6:
40:d0:1b:53:3d:95:6d:86:01:a4:8b:f4:3d:62:8f:
23:e0:5e:c6:92:22:85:75:e1:7d:e8:64:7f:2c:05:
01:70:04:e2:1d:07:9a:6c:7b:ef:d0:55:4a:15:ca:
8e:0d:2e:bf:8d:04:bf:a3:bf:ac:1d:19:77:20:b0:
0c:9c:99:35:0d:ce:5e:63:3d:45:42:3c:58:e9:f1:
a6:13:7d:1e:c7:ef:23:08:6c:77:44:3a:b9:79:df:
d5:3e:e9:da:80:95:25:7f:bc:1f:76:2f:f3:b8:79:
e1:d4:8e:e6:cb:44:ec:c3:be:5b:b1:f2:66:7b:2c:
f1:66:39:1e:87:c8:e4:19:1c:69:59:a9:b9:4c:02:
16:a9:ac:0e:de:45:b6:72:fd:7c:22:ea:49:46:44:
88:89:cc:93:35:ce:53:6a:05:06:c7:ed:f4:e3:c9:
57:39:f3:6a:27:68:59:58:a3:bd:d5:db:7e:dd:1d:
9e:00:88:d7:d1:12:73:5f:a2:09:61:50:34:e6:6a:
31:fe:7d:78:45:8a:1a:8d:ca:40:fb:62:c4:42:e2:
74:29:50:30:3f:1b:a1:07:9e:64:07:df:fe:2c:6d:
1a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:AC:FF:8C:9F:15:21:54:A7:8A:18:E4:1B:02:8B:54:32:0E:91:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:01:74:ec:ff:5a:b6:99:93:2c:01:14:01:88:ef:46:e6:02:
68:31:99:58:a3:b4:6a:79:12:fa:4f:f4:08:b8:8d:55:18:89:
a9:aa:b0:c9:e0:6e:5e:7c:e2:ba:f5:5b:b4:a8:c2:1c:eb:11:
bb:27:21:2c:8a:6f:b8:4e:20:87:5d:d7:20:60:0a:cb:01:61:
f2:d9:0d:12:62:d8:3a:9a:bc:d8:a7:88:36:00:b7:90:04:4c:
3d:0d:e9:21:59:4f:95:82:68:b4:fb:85:48:6d:78:61:2a:cf:
a6:c6:6c:4b:41:19:24:4b:a6:26:f6:93:97:d7:91:34:99:58:
dc:cb:72:65:b3:34:df:f0:e9:fb:28:c2:fc:4b:ab:d7:3f:9d:
df:26:1a:95:6f:fe:00:31:ae:81:e9:b0:84:4a:78:94:cd:90:
78:e3:ff:a7:0e:2c:3a:c5:74:28:7e:ac:90:7b:df:70:87:de:
26:b3:19:bc:4a:0e:d1:d4:92:00:39:66:3d:64:43:04:90:8a:
f7:f3:c1:9f:71:c6:06:87:46:3b:70:8f:b0:cf:7c:b1:bd:d7:
f8:65:37:97:97:ba:30:37:2a:b0:47:67:33:63:2f:a0:d0:5b:
1b:d8:6d:50:be:0e:8a:2e:38:af:3d:4d:b1:0e:05:2f:08:2d:
a0:70:8f:e6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY62CBroT7U8FK9500LXY8FQsPL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiOTg1OTJmZTc1OGRlMGEzZjY5MDY0OGQ5YjJmYmUxMjExNTc0NzczZDEz
YjE4MjM2ZTAzOWE2NzBkMTIzZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPD/ASkJOgHepOwshuP+/zqMrRDt59x3Mn8vw9KmQNAbUz2VbYYBpIv0PWKP
I+BexpIihXXhfehkfywFAXAE4h0Hmmx779BVShXKjg0uv40Ev6O/rB0ZdyCwDJyZ
NQ3OXmM9RUI8WOnxphN9HsfvIwhsd0Q6uXnf1T7p2oCVJX+8H3Yv87h54dSO5stE
7MO+W7HyZnss8WY5HofI5BkcaVmpuUwCFqmsDt5FtnL9fCLqSUZEiInMkzXOU2oF
Bsft9OPJVznzaidoWVijvdXbft0dngCI19ESc1+iCWFQNOZqMf59eEWKGo3KQPti
xELidClQMD8boQeeZAff/ixtGq0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyrP+M
nxUhVKeKGOQbAotUMg6R0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjZDQ0NTktMmU5Yi00NDJlLWEzYmQtNjYzM2ZkZDAyNTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKg
MA0GCSqGSIb3DQEBCwUAA4IBAQCkAXTs/1q2mZMsARQBiO9G5gJoMZlYo7RqeRL6
T/QIuI1VGImpqrDJ4G5efOK69Vu0qMIc6xG7JyEsim+4TiCHXdcgYArLAWHy2Q0S
Ytg6mrzYp4g2ALeQBEw9DekhWU+Vgmi0+4VIbXhhKs+mxmxLQRkkS6Ym9pOX15E0
mVjcy3JlszTf8On7KML8S6vXP53fJhqVb/4AMa6B6bCESniUzZB44/+nDiw6xXQo
fqyQe99wh94msxm8Sg7R1JIAOWY9ZEMEkIr388GfccYGh0Y7cI+wz3yxvdf4ZTeX
l7owNyqwR2czYy+g0Fsb2G1Qvg6KLjivPU2xDgUvCC2gcI/m
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:08 2025 by rpki-client