Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
File: e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa (raw, json)
Hash identifier: jONfKCH5W/qmZOSuc6Ko0efNN/BIJ5XIDMhwA3iOS9Y=
Subject key identifier: F7:6A:DE:D7:49:19:81:1A:35:B2:4C:55:A9:69:B2:AE:84:BF:95:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1687ADB3BFB9D5C05593341C0C9C98EB83B418C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
Signing time: Fri 18 Apr 2025 18:30:16 +0000
ROA not before: Fri 18 Apr 2025 18:30:16 +0000
ROA not after: Fri 23 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:87:ad:b3:bf:b9:d5:c0:55:93:34:1c:0c:9c:98:eb:83:b4:18:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 18 18:30:16 2025 GMT
Not After : May 23 23:59:59 2025 GMT
Subject: serialNumber=0efcca6944f82f6f630abd71334c1e11eb8166b9e1aea516229b36cbafefaaed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:58:95:42:bb:de:f2:af:65:91:1a:8b:fe:
27:8a:18:0a:86:92:b5:12:cc:ae:cf:40:0a:2e:0a:
8e:e6:6f:4f:d3:18:4b:81:dc:c5:dc:0c:a1:33:30:
91:7c:f7:1c:5a:a9:6a:c0:ab:0a:31:cf:b2:16:31:
0a:a2:df:0d:e1:aa:1e:bd:5d:00:85:be:bc:ce:37:
2d:85:f1:96:b8:8d:63:53:2e:47:8d:84:b0:6b:09:
42:74:1e:f8:a3:99:2d:62:0a:f0:c4:66:cd:1c:53:
59:1d:34:85:36:7d:d6:9e:68:c2:41:07:d7:b7:b3:
b7:ab:72:d9:bf:e1:eb:0f:28:3a:69:bf:bc:08:4a:
f6:70:ce:14:05:95:03:d9:57:4f:16:31:95:3c:c7:
08:c3:e3:61:a1:34:40:dc:65:d6:f9:86:3c:19:f3:
c5:55:7c:0c:39:36:04:68:33:90:bf:f4:fa:a5:03:
8a:51:d6:04:f5:5c:f0:1d:ab:d3:4e:38:e2:4a:9e:
6d:54:af:aa:35:c5:0e:7e:18:4e:72:37:03:b8:40:
7f:44:82:28:fc:03:dd:37:10:d5:af:ef:3d:af:a3:
ef:b5:dc:da:30:d2:da:54:19:45:4d:09:93:05:68:
04:8e:1a:cb:f3:d8:95:25:02:6c:e0:cc:41:32:59:
1b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:6A:DE:D7:49:19:81:1A:35:B2:4C:55:A9:69:B2:AE:84:BF:95:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/40
Signature Algorithm: sha256WithRSAEncryption
01:25:92:b9:24:c3:40:e3:12:ca:9c:fe:a2:62:1f:41:be:eb:
74:7c:f4:c9:6e:58:7f:dc:e3:3c:81:5d:fb:7a:cc:81:e5:1b:
06:9b:a0:3d:16:92:1d:af:80:41:cb:86:f8:82:c7:ff:e8:a6:
7a:76:2e:c7:be:73:dd:0c:8f:46:41:04:fb:a8:d0:d5:3c:d4:
e2:28:11:c6:59:9e:ef:b8:77:71:89:bd:65:24:6e:76:a2:0a:
60:bf:4a:1d:b9:9a:d6:eb:6a:9c:a3:73:57:47:7b:2d:66:81:
9d:56:59:1b:68:34:91:b1:c7:e9:e9:df:f4:78:5d:9a:b1:4e:
f9:05:a1:bc:0b:cc:7d:76:82:ac:7d:50:a1:d7:bc:0f:d0:75:
ce:32:1c:35:48:38:e3:f8:19:b4:7c:af:0c:2c:95:cc:b9:b5:
03:d7:c0:1b:5b:47:42:f7:c0:bf:1e:9e:9a:ae:9f:36:83:85:
62:22:fd:6d:c9:f5:fb:d6:bf:a6:be:49:1f:a1:64:78:1e:21:
f6:32:b0:51:13:5e:ae:37:4d:4e:21:50:44:d9:67:90:02:89:
b4:3d:6d:00:e4:2e:b1:01:21:a7:6a:ee:00:63:56:df:df:63:
95:05:cb:b1:d7:f2:b8:4c:45:4b:e0:3c:ca:a5:51:8d:c6:71:
47:7e:cc:c8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFoets7+51cBVkzQcDJyY64O0GMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTgxODMwMTZaFw0yNTA1MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlZmNjYTY5NDRmODJmNmY2MzBhYmQ3MTMzNGMxZTExZWI4MTY2YjllMWFl
YTUxNjIyOWIzNmNiYWZlZmFhZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8eWJVCu97yr2WRGov+J4oYCoaStRLMrs9ACi4KjuZvT9MYS4HcxdwMoTMw
kXz3HFqpasCrCjHPshYxCqLfDeGqHr1dAIW+vM43LYXxlriNY1MuR42EsGsJQnQe
+KOZLWIK8MRmzRxTWR00hTZ91p5owkEH17ezt6ty2b/h6w8oOmm/vAhK9nDOFAWV
A9lXTxYxlTzHCMPjYaE0QNxl1vmGPBnzxVV8DDk2BGgzkL/0+qUDilHWBPVc8B2r
00444kqebVSvqjXFDn4YTnI3A7hAf0SCKPwD3TcQ1a/vPa+j77Xc2jDS2lQZRU0J
kwVoBI4ay/PYlSUCbODMQTJZG00CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3at7X
SRmBGjWyTFWpabKuhL+VdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTYxNWZlYTMtMzgyNi00YzU5LTk1NzQtNzJmYjZjYzhmMmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hag
MA0GCSqGSIb3DQEBCwUAA4IBAQABJZK5JMNA4xLKnP6iYh9Bvut0fPTJblh/3OM8
gV37esyB5RsGm6A9FpIdr4BBy4b4gsf/6KZ6di7HvnPdDI9GQQT7qNDVPNTiKBHG
WZ7vuHdxib1lJG52ogpgv0oduZrW62qco3NXR3stZoGdVlkbaDSRscfp6d/0eF2a
sU75BaG8C8x9doKsfVCh17wP0HXOMhw1SDjj+Bm0fK8MLJXMubUD18AbW0dC98C/
Hp6arp82g4ViIv1tyfX71r+mvkkfoWR4HiH2MrBRE16uN01OIVBE2WeQAom0PW0A
5C6xASGnau4AY1bf32OVBcux1/K4TEVL4DzKpVGNxnFHfszI
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:22 2025 by rpki-client