Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
File: ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa (raw, json)
Hash identifier: SSldiv5nT79mJ6aC+fhU1FD9ONIRDcv4WO87mgQysvk=
Subject key identifier: 32:70:C1:19:11:87:6A:62:07:01:9C:34:18:D7:D1:3F:BA:C4:17:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A2964EA1B739945D8A7720F5068DE618CF2700F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
Signing time: Fri 11 Apr 2025 00:40:05 +0000
ROA not before: Fri 11 Apr 2025 00:40:05 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:29:64:ea:1b:73:99:45:d8:a7:72:0f:50:68:de:61:8c:f2:70:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 11 00:40:05 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=1c8cf8fc492e06ce882a2e2ffea3e39c96e31a8fa0f684d8a488c28243e98152, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:96:c6:df:70:57:1f:c3:14:70:0f:43:88:9b:
c0:c4:21:64:f2:d9:30:18:b6:9b:d2:80:1b:0e:fa:
12:c6:c4:d3:c8:9d:8c:a0:a4:7c:5f:65:f3:32:4b:
b0:38:af:4e:b6:1f:c7:93:d6:cd:85:12:49:18:3b:
44:91:dc:a6:3f:fb:b2:bd:cd:5b:60:1e:96:bc:aa:
be:bf:43:f1:e2:44:23:52:4b:ae:6d:e3:f7:13:fe:
c7:b1:fe:02:0b:c7:02:35:bb:e2:74:4a:bc:c3:cd:
4b:0b:0f:ec:8f:5e:cf:9f:cd:35:18:26:de:aa:d6:
d1:ab:3c:2e:ed:bd:a3:ad:80:89:fd:63:e3:d6:60:
97:64:a0:62:f9:b5:4a:49:98:73:24:77:67:56:23:
6d:64:78:49:b1:69:fd:af:c8:e6:26:90:a9:6d:9e:
54:7a:2e:2c:ab:1e:81:5c:06:af:f8:1b:b9:21:60:
5e:3a:a0:f3:b0:76:b7:a0:86:9f:d2:bc:5c:6f:25:
14:0b:0d:3e:c9:97:62:57:81:70:d4:77:11:9b:e4:
ff:17:3c:7a:40:69:fe:02:72:36:0c:8b:4f:b7:4b:
bb:87:e5:7d:66:1e:c6:a2:5a:f8:e6:7d:f7:eb:14:
4f:70:25:81:b1:c6:d3:3b:70:5f:f6:85:c0:c5:07:
01:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:70:C1:19:11:87:6A:62:07:01:9C:34:18:D7:D1:3F:BA:C4:17:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:4000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:35:42:6e:34:72:03:3b:df:f4:1d:e2:48:ce:03:4f:a8:4c:
fb:35:cf:62:f7:3a:cd:14:ca:92:71:e2:14:86:7e:fa:11:ca:
c5:e9:a7:67:7c:1a:a6:f2:72:bf:5e:31:db:d5:64:7b:62:06:
f5:f3:5b:5a:f0:60:64:9e:68:a7:ea:bc:e6:29:1f:9f:88:a9:
d7:6e:aa:7c:73:77:d9:85:99:f0:e0:56:a4:06:4e:aa:26:52:
5c:1b:14:b9:b1:60:5f:62:68:d4:a6:69:4f:22:e0:98:cf:70:
47:b7:e7:52:33:71:15:bd:c8:de:f8:fe:ee:42:df:56:e9:49:
61:07:62:ab:53:16:a8:0a:a4:4a:ed:1a:69:09:cc:17:48:89:
38:c9:5c:5f:67:3e:b8:74:f4:05:be:88:ba:a2:26:80:bc:01:
23:c9:14:59:03:b7:cf:fe:b1:62:2e:c6:57:e8:ec:59:92:ad:
7d:ad:d4:80:47:3c:f4:bf:e1:cc:ee:3f:01:9d:4c:be:68:ad:
14:58:c1:c6:af:50:d3:44:ec:cf:4b:1b:ec:3a:d5:5d:69:2d:
80:90:b7:75:a5:2a:0d:fc:b2:1b:03:01:cb:9b:56:5e:d9:22:
d2:5e:82:45:0e:64:2d:83:e0:a3:2f:8d:f6:4e:7e:e7:28:06:
96:9e:1e:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCilk6htzmUXYp3IPUGjeYYzycA8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTEwMDQwMDVaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjOGNmOGZjNDkyZTA2Y2U4ODJhMmUyZmZlYTNlMzljOTZlMzFhOGZhMGY2
ODRkOGE0ODhjMjgyNDNlOTgxNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyWxt9wVx/DFHAPQ4ibwMQhZPLZMBi2m9KAGw76EsbE08idjKCkfF9l8zJL
sDivTrYfx5PWzYUSSRg7RJHcpj/7sr3NW2Aelryqvr9D8eJEI1JLrm3j9xP+x7H+
AgvHAjW74nRKvMPNSwsP7I9ez5/NNRgm3qrW0as8Lu29o62Aif1j49Zgl2SgYvm1
SkmYcyR3Z1YjbWR4SbFp/a/I5iaQqW2eVHouLKsegVwGr/gbuSFgXjqg87B2t6CG
n9K8XG8lFAsNPsmXYleBcNR3EZvk/xc8ekBp/gJyNgyLT7dLu4flfWYexqJa+OZ9
9+sUT3AlgbHG0ztwX/aFwMUHAcUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQycMEZ
EYdqYgcBnDQY19E/usQXITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRlNTIwMGUtNTVjOC00YTg5LTljY2YtY2Y0NjVjNmRkYjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJA
MA0GCSqGSIb3DQEBCwUAA4IBAQCMNUJuNHIDO9/0HeJIzgNPqEz7Nc9i9zrNFMqS
ceIUhn76EcrF6adnfBqm8nK/XjHb1WR7Ygb181ta8GBknmin6rzmKR+fiKnXbqp8
c3fZhZnw4FakBk6qJlJcGxS5sWBfYmjUpmlPIuCYz3BHt+dSM3EVvcje+P7uQt9W
6UlhB2KrUxaoCqRK7RppCcwXSIk4yVxfZz64dPQFvoi6oiaAvAEjyRRZA7fP/rFi
LsZX6OxZkq19rdSARzz0v+HM7j8BnUy+aK0UWMHGr1DTROzPSxvsOtVdaS2AkLd1
pSoN/LIbAwHLm1Ze2SLSXoJFDmQtg+CjL432Tn7nKAaWnh7+
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:27 2025 by rpki-client