Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
File: e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa (raw, json)
Hash identifier: gSNE+nlbmCe6yZb+CY26uukfIg25bUtVFGQJRuBO4Tw=
Subject key identifier: 87:07:FD:DE:82:C5:BD:C8:7B:CC:D8:0F:AB:B4:80:51:E6:CD:8C:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13DC95D1E0AC2B5423D74FCDE967F89124CAF5FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
Signing time: Tue 15 Apr 2025 15:00:08 +0000
ROA not before: Tue 15 Apr 2025 15:00:08 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:dc:95:d1:e0:ac:2b:54:23:d7:4f:cd:e9:67:f8:91:24:ca:f5:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:08 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=29162a3e93d173e3629ccdbce2a0bc435266e341c0992469de576c78d7764fef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3e:aa:b9:62:e0:13:b3:87:c1:9b:b3:da:3d:
20:d2:e4:9a:7f:9f:49:f4:cd:fd:13:05:58:83:2f:
73:5b:b0:d0:88:3e:d1:ce:c3:54:9c:ac:09:ec:59:
81:1d:f3:cf:c9:3a:d9:6a:88:a0:1f:a2:d4:a5:ad:
ca:b2:98:15:d0:4a:d5:86:d0:a7:68:8f:6a:33:56:
ba:e2:c7:89:71:bd:59:e5:2c:d3:6b:50:d4:20:b1:
91:59:4f:f9:b4:2a:2d:ae:5b:73:ca:7a:e8:ac:cf:
e1:50:be:96:1d:8c:8b:bc:da:21:05:31:02:a3:3e:
13:93:bf:1d:37:c2:e4:ac:0f:14:f2:20:fd:7b:72:
52:1f:92:23:97:55:6f:b4:5f:b2:de:2c:e0:29:72:
85:cd:30:38:ea:d1:31:d4:76:e4:d6:5e:41:9c:e8:
e6:e0:c1:24:79:24:a5:b7:cb:0d:b7:06:1a:9c:ff:
80:b1:2a:63:91:da:a1:ec:de:0e:4e:ae:f5:7f:14:
cf:ef:ed:95:3f:7b:1b:bd:0f:2b:fd:40:2a:48:0a:
c7:f3:8e:ef:f7:38:6f:01:b8:d4:7d:9c:7d:5a:18:
b8:a5:97:53:b4:72:63:69:97:dc:b1:55:e1:6e:65:
21:45:29:73:2e:c2:1c:d1:ea:60:36:82:9e:4a:76:
59:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:07:FD:DE:82:C5:BD:C8:7B:CC:D8:0F:AB:B4:80:51:E6:CD:8C:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/48
Signature Algorithm: sha256WithRSAEncryption
16:7b:8a:26:7b:92:97:68:e4:6c:df:a1:94:e3:31:36:13:f0:
b8:63:77:f0:bf:5a:0e:30:1e:3c:64:4d:b3:45:2f:49:69:81:
bd:bd:1b:5a:34:66:16:64:ec:c2:7d:ff:50:bb:cf:1f:64:ff:
e2:ab:0c:79:df:f9:4b:5e:37:89:51:b2:ad:4b:05:0e:45:c1:
ac:1b:0d:a0:08:5f:ea:ef:31:85:08:7c:eb:63:44:b1:d5:4e:
4a:19:1a:69:91:08:2b:c1:4a:8f:7f:2b:b7:99:fe:25:6a:8f:
cb:c9:38:1a:33:b9:51:f4:2b:09:33:9f:77:16:0e:41:27:77:
e9:63:dc:08:d7:77:c7:2e:98:15:05:da:fa:68:10:fa:92:c5:
86:59:9e:55:21:c6:69:62:6a:0a:f2:4e:06:b4:b9:54:e9:f0:
74:18:57:cd:b3:08:d8:1f:ab:cb:24:52:6d:d5:f5:f9:6d:34:
64:0a:4d:74:4f:95:8d:2b:26:ae:e5:33:45:97:0e:4b:5f:0a:
c3:c4:43:2a:04:93:95:be:92:ab:0e:61:23:8d:70:87:42:77:
2c:36:77:56:97:96:ce:43:58:8c:85:c8:62:69:12:e4:f5:ad:
35:a6:c3:28:87:b4:ff:57:55:c0:5d:e1:a0:3e:e4:91:66:10:
83:36:68:d5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUE9yV0eCsK1Qj10/N6Wf4kSTK9f4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwMDhaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MTYyYTNlOTNkMTczZTM2MjljY2RiY2UyYTBiYzQzNTI2NmUzNDFjMDk5
MjQ2OWRlNTc2Yzc4ZDc3NjRmZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQ+qrli4BOzh8Gbs9o9INLkmn+fSfTN/RMFWIMvc1uw0Ig+0c7DVJysCexZ
gR3zz8k62WqIoB+i1KWtyrKYFdBK1YbQp2iPajNWuuLHiXG9WeUs02tQ1CCxkVlP
+bQqLa5bc8p66KzP4VC+lh2Mi7zaIQUxAqM+E5O/HTfC5KwPFPIg/XtyUh+SI5dV
b7Rfst4s4Clyhc0wOOrRMdR25NZeQZzo5uDBJHkkpbfLDbcGGpz/gLEqY5Haoeze
Dk6u9X8Uz+/tlT97G70PK/1AKkgKx/OO7/c4bwG41H2cfVoYuKWXU7RyY2mX3LFV
4W5lIUUpcy7CHNHqYDaCnkp2WVECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHB/3e
gsW9yHvM2A+rtIBR5s2MRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTliMjRhZDEtMDY5Yi00OTE2LTlkMzMtMzFhZDY5MzdmYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZg
ADANBgkqhkiG9w0BAQsFAAOCAQEAFnuKJnuSl2jkbN+hlOMxNhPwuGN38L9aDjAe
PGRNs0UvSWmBvb0bWjRmFmTswn3/ULvPH2T/4qsMed/5S143iVGyrUsFDkXBrBsN
oAhf6u8xhQh862NEsdVOShkaaZEIK8FKj38rt5n+JWqPy8k4GjO5UfQrCTOfdxYO
QSd36WPcCNd3xy6YFQXa+mgQ+pLFhlmeVSHGaWJqCvJOBrS5VOnwdBhXzbMI2B+r
yyRSbdX1+W00ZApNdE+VjSsmruUzRZcOS18Kw8RDKgSTlb6Sqw5hI41wh0J3LDZ3
VpeWzkNYjIXIYmkS5PWtNabDKIe0/1dVwF3hoD7kkWYQgzZo1Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:36 2025 by rpki-client