Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
File: 68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa (raw, json)
Hash identifier: 4vy85KkSzTaKrQTkDT6UUT4sUiNEwEEB2xVfFbALmek=
Subject key identifier: 94:9F:5C:66:E2:BC:A2:CE:2B:2E:FC:01:08:B8:26:12:9C:58:C2:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 404BAB9C4350FA49D9A5F7423C15EC2050A71EAF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
Signing time: Mon 31 Mar 2025 20:51:39 +0000
ROA not before: Mon 31 Mar 2025 20:51:39 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:4b:ab:9c:43:50:fa:49:d9:a5:f7:42:3c:15:ec:20:50:a7:1e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:51:39 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=6f58b3b5eba6a3287b5bf5b39c0dec702c5f935223b4cd08f50f9e2fa9682d6a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3a:76:75:71:4c:42:4b:6d:d0:a9:0b:4d:1d:
8b:61:70:98:a0:ae:14:f3:cd:e6:da:6e:4e:55:0d:
d1:ce:55:f8:c4:c0:23:60:d1:72:ab:47:45:5e:86:
75:e7:4f:a8:11:98:44:10:a8:af:00:bd:72:78:d6:
12:5a:8b:31:bb:36:ee:94:59:c2:2a:87:a2:99:28:
3d:1b:98:f3:f2:91:99:92:1b:97:00:1d:aa:72:6a:
21:3a:2f:bf:eb:84:8e:85:e0:2e:45:c4:d2:77:29:
0e:f6:cd:af:25:f4:86:10:f9:17:83:d1:67:d6:be:
04:5e:ec:3e:4b:4e:62:96:f8:ca:8f:25:09:fd:b7:
2c:a0:30:bc:5d:4a:bf:15:c9:fe:36:ff:47:aa:86:
e1:e9:15:64:78:0f:30:fc:fe:bf:50:bb:0d:b5:87:
35:34:bb:06:e2:0b:5c:93:fb:38:55:9e:f6:c8:81:
fc:7f:6b:6e:ad:c6:39:61:33:cf:15:7c:01:d4:c4:
fb:d6:d7:b7:d2:31:ad:6d:16:3c:b1:d9:7e:b2:9e:
53:ee:1f:d0:c3:fb:4f:7b:3e:c2:83:11:27:c5:85:
fd:9e:0b:68:75:3c:5d:08:fc:ef:e0:62:f9:86:37:
b7:1c:4c:6d:7e:62:c2:75:d7:b0:cc:69:9c:8e:d4:
c1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:9F:5C:66:E2:BC:A2:CE:2B:2E:FC:01:08:B8:26:12:9C:58:C2:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:a000::/40
Signature Algorithm: sha256WithRSAEncryption
1c:b1:3e:93:a7:fa:06:cc:bb:b3:98:47:cb:e9:9c:11:37:3e:
34:06:23:68:74:37:79:bc:62:38:07:2e:97:1b:ee:fa:8c:90:
eb:e7:72:ab:ed:09:ce:7b:e1:13:e9:6b:63:d9:52:90:a8:73:
07:f5:3c:f1:6f:44:70:66:64:d7:c0:16:e5:54:e4:23:0a:ec:
c7:2c:b9:b5:c1:5b:b6:09:d8:45:0e:0e:4d:9b:9f:73:05:7c:
fc:3a:f9:10:4f:8e:be:c1:2d:8d:74:89:70:ff:c0:41:bd:62:
19:2e:39:31:9d:00:10:f9:f9:ba:49:4f:9f:1f:a1:d2:b1:0f:
ff:b2:20:b8:f0:43:0e:d3:b4:fd:13:78:1f:68:f3:d6:89:84:
f9:a1:d3:ab:a4:83:1f:5d:f0:9d:9e:ef:39:56:78:6d:2f:31:
2e:c3:0c:ab:19:22:97:eb:3b:28:19:cd:3a:85:10:e0:7d:50:
38:b8:1b:de:66:cf:03:b7:c4:b6:0a:8b:77:55:1e:e7:8f:19:
0c:38:9a:92:05:13:fa:da:d2:37:2a:ee:27:a6:ec:2f:f8:2f:
16:79:40:60:8e:ef:f9:89:48:16:41:7a:51:6e:db:7c:ae:a4:
ea:b8:a6:98:36:29:da:64:98:17:d8:6e:6d:ff:13:a5:ff:64:
23:03:84:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQEurnENQ+knZpfdCPBXsIFCnHq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDUxMzlaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmNThiM2I1ZWJhNmEzMjg3YjViZjViMzljMGRlYzcwMmM1ZjkzNTIyM2I0
Y2QwOGY1MGY5ZTJmYTk2ODJkNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANM6dnVxTEJLbdCpC00di2FwmKCuFPPN5tpuTlUN0c5V+MTAI2DRcqtHRV6G
dedPqBGYRBCorwC9cnjWElqLMbs27pRZwiqHopkoPRuY8/KRmZIblwAdqnJqITov
v+uEjoXgLkXE0ncpDvbNryX0hhD5F4PRZ9a+BF7sPktOYpb4yo8lCf23LKAwvF1K
vxXJ/jb/R6qG4ekVZHgPMPz+v1C7DbWHNTS7BuILXJP7OFWe9siB/H9rbq3GOWEz
zxV8AdTE+9bXt9IxrW0WPLHZfrKeU+4f0MP7T3s+woMRJ8WF/Z4LaHU8XQj87+Bi
+YY3txxMbX5iwnXXsMxpnI7UwUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUn1xm
4ryizisu/AEIuCYSnFjC9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhkNWQ5MzQtZmVkNi00OWE1LWFlMDMtYTI4YTU4NmU5YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fig
MA0GCSqGSIb3DQEBCwUAA4IBAQAcsT6Tp/oGzLuzmEfL6ZwRNz40BiNodDd5vGI4
By6XG+76jJDr53Kr7QnOe+ET6Wtj2VKQqHMH9Tzxb0RwZmTXwBblVOQjCuzHLLm1
wVu2CdhFDg5Nm59zBXz8OvkQT46+wS2NdIlw/8BBvWIZLjkxnQAQ+fm6SU+fH6HS
sQ//siC48EMO07T9E3gfaPPWiYT5odOrpIMfXfCdnu85VnhtLzEuwwyrGSKX6zso
Gc06hRDgfVA4uBveZs8Dt8S2Cot3VR7njxkMOJqSBRP62tI3Ku4npuwv+C8WeUBg
ju/5iUgWQXpRbtt8rqTquKaYNinaZJgX2G5t/xOl/2QjA4TM
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:19 2025 by rpki-client