Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3218e14-7351-4916-8f96-9f1bc2dc84b3.roa
File: e3218e14-7351-4916-8f96-9f1bc2dc84b3.roa (raw, json)
Hash identifier: 2kyVOo9re6NRYHy0bQtqAwLzuVKOUICJh3EXHNCWvWc=
Subject key identifier: B3:64:1E:25:5C:E2:54:44:0D:B2:F2:A3:B5:37:E4:EE:15:68:A7:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A4663315D808CD9FC77F4A04F154C8B1E0D200A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3218e14-7351-4916-8f96-9f1bc2dc84b3.roa
Signing time: Thu 17 Apr 2025 20:36:55 +0000
ROA not before: Thu 17 Apr 2025 20:36:55 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:46:63:31:5d:80:8c:d9:fc:77:f4:a0:4f:15:4c:8b:1e:0d:20:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:55 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=bbb7a18047885897c8371e56018ee2ad92c88cf89f6597c839c5bcf1b11a44cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:82:66:ba:3d:81:62:c9:59:4e:09:30:1d:0f:
0e:a7:e1:15:fb:f8:dd:75:32:42:70:2d:04:db:65:
e9:cf:9c:a1:b2:7a:75:05:32:7e:af:bb:8b:8c:4c:
fd:8c:30:fb:96:95:52:82:10:31:71:96:78:fc:e0:
18:2f:6e:e7:dd:1c:a7:46:cc:1a:19:d7:a8:21:6e:
d3:00:c7:ad:57:3f:8e:2d:d6:8c:96:6c:3f:98:8d:
b4:21:19:74:ca:95:51:f1:ec:b3:2d:8f:3a:a3:73:
54:a5:a9:ed:d8:7f:c8:44:b5:d2:d1:4f:8e:d2:79:
8b:c4:dc:d9:f8:f7:6c:6e:35:fe:2e:62:00:c3:08:
3a:ae:85:07:d0:bb:23:9d:bc:8b:a1:32:a4:dc:4a:
9f:91:45:65:0d:d6:5b:86:7a:38:5f:82:7d:5b:e4:
d3:48:9e:be:23:8b:e9:b5:7b:60:04:f1:6c:65:4c:
47:fd:c0:92:1e:3d:8b:9f:4c:a6:83:ef:f0:c5:22:
13:db:f4:39:9c:ef:1a:8b:36:ed:cf:85:b0:0c:ed:
d0:92:31:b3:cc:69:73:38:87:e7:c2:b3:ef:39:c4:
d8:6d:02:f4:df:32:0d:2a:af:97:0b:ed:54:1f:23:
e3:fc:cf:96:53:b6:10:b2:90:4f:88:e2:9d:3b:2a:
ed:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:64:1E:25:5C:E2:54:44:0D:B2:F2:A3:B5:37:E4:EE:15:68:A7:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3218e14-7351-4916-8f96-9f1bc2dc84b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:02:6f:ba:c2:a4:a1:f6:98:3d:bf:6b:b2:58:85:de:b4:68:
ab:c8:a2:16:d6:17:90:7c:09:f8:2a:9a:df:fa:16:6c:9d:80:
0a:d7:7e:bf:03:37:32:3f:81:01:cf:aa:cf:19:dc:94:4f:8c:
a3:8d:40:c4:98:c2:9a:19:fc:7a:d6:b1:e5:8a:35:ff:20:93:
89:bc:b0:60:76:6c:ce:e6:da:18:33:0f:61:a1:3e:7e:8f:5d:
de:fa:22:a5:36:d5:e0:ee:04:e2:01:37:7d:fe:ff:29:ea:30:
42:72:83:31:69:ff:7c:93:b1:3b:d5:43:79:5d:0c:43:c1:76:
22:98:cf:75:d5:1f:42:06:38:79:ef:3d:19:88:53:47:24:ad:
92:65:93:d5:a9:74:a4:3e:e8:05:65:b8:45:a6:71:cd:71:d1:
e2:ae:c7:9a:45:2b:a4:08:00:3a:96:3f:96:10:70:48:d0:86:
b0:ba:d1:29:a5:8e:96:eb:7f:34:47:47:62:6e:6b:54:8d:ee:
17:3c:87:64:19:88:9a:f0:b1:aa:cf:57:be:1f:82:3f:21:57:
1e:e5:02:e1:6a:4f:8c:5a:55:f4:60:2f:46:3a:61:8c:6a:11:
34:f4:55:69:b7:87:13:52:1e:b4:12:ae:87:0f:ad:22:25:f6:
be:72:db:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKkZjMV2AjNn8d/SgTxVMix4NIAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NTVaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiYjdhMTgwNDc4ODU4OTdjODM3MWU1NjAxOGVlMmFkOTJjODhjZjg5ZjY1
OTdjODM5YzViY2YxYjExYTQ0Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyCZro9gWLJWU4JMB0PDqfhFfv43XUyQnAtBNtl6c+cobJ6dQUyfq+7i4xM
/Yww+5aVUoIQMXGWePzgGC9u590cp0bMGhnXqCFu0wDHrVc/ji3WjJZsP5iNtCEZ
dMqVUfHssy2POqNzVKWp7dh/yES10tFPjtJ5i8Tc2fj3bG41/i5iAMMIOq6FB9C7
I528i6EypNxKn5FFZQ3WW4Z6OF+CfVvk00ieviOL6bV7YATxbGVMR/3Akh49i59M
poPv8MUiE9v0OZzvGos27c+FsAzt0JIxs8xpcziH58Kz7znE2G0C9N8yDSqvlwvt
VB8j4/zPllO2ELKQT4jinTsq7ccCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzZB4l
XOJURA2y8qO1N+TuFWin8zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTMyMThlMTQtNzM1MS00OTE2LThmOTYtOWYxYmMyZGM4NGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G4g
MA0GCSqGSIb3DQEBCwUAA4IBAQDHAm+6wqSh9pg9v2uyWIXetGiryKIW1heQfAn4
Kprf+hZsnYAK136/AzcyP4EBz6rPGdyUT4yjjUDEmMKaGfx61rHlijX/IJOJvLBg
dmzO5toYMw9hoT5+j13e+iKlNtXg7gTiATd9/v8p6jBCcoMxaf98k7E71UN5XQxD
wXYimM911R9CBjh57z0ZiFNHJK2SZZPVqXSkPugFZbhFpnHNcdHirseaRSukCAA6
lj+WEHBI0IawutEppY6W6380R0dibmtUje4XPIdkGYia8LGqz1e+H4I/IVce5QLh
ak+MWlX0YC9GOmGMahE09FVpt4cTUh60Eq6HD60iJfa+cttJ
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:48:50 2025 by rpki-client