Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
File: fec4786d-f73f-4e64-99a3-0377bdf5c566.roa (raw, json)
Hash identifier: S25ZysPpjsCrpEDMQNqq6VVQrxp6oq/YlNnrvmdbbE8=
Subject key identifier: 1E:AD:A4:31:28:C6:94:7F:FF:F7:B8:5A:82:53:08:24:99:EA:49:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 417018A2421777AECFCAE148470770248810BF12
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
Signing time: Mon 31 Mar 2025 21:20:53 +0000
ROA not before: Mon 31 Mar 2025 21:20:53 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:70:18:a2:42:17:77:ae:cf:ca:e1:48:47:07:70:24:88:10:bf:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:20:53 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=b5a9f837703a87dfc68b6b3fb19326f5b73eaeb5c385ee76d0f8f0451d92e795, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:76:0f:f1:d5:a7:70:e0:f0:44:5f:3d:08:50:
b5:82:1a:ee:ee:5e:1a:7e:a4:7b:6d:22:92:ee:6d:
66:88:fa:64:f7:42:ae:6a:87:2c:f6:03:34:5c:24:
1e:12:30:94:16:6d:52:61:42:d3:9c:f0:71:4d:d6:
c6:43:96:4b:7a:d7:a4:66:96:ef:e5:cd:26:39:3b:
43:06:cd:7c:aa:a3:85:4c:a2:25:ad:9c:9c:bd:b6:
df:a4:23:11:fa:0d:56:d2:20:0e:7b:bc:82:0e:a9:
ab:dd:27:53:62:62:9c:1a:e7:56:15:9d:61:9d:5b:
35:21:54:70:74:c9:2f:b9:11:d2:e3:89:31:f4:c4:
4e:f2:a3:49:f7:7d:ac:69:c5:d7:8f:cb:f1:ce:cc:
86:92:42:a0:f1:1c:df:4a:84:36:39:69:6e:07:36:
5c:bd:be:08:b3:f3:b6:54:1d:29:de:d6:51:57:80:
9b:2b:c6:e1:12:7b:34:a8:91:44:41:20:2a:9b:bc:
3e:9b:74:7b:22:a3:7a:96:8f:ee:d7:a5:7a:c3:e9:
ba:ee:b7:24:69:a2:5e:3c:5d:ac:45:dd:5d:9a:64:
10:0d:7c:c4:d3:38:3e:5a:ca:a3:b3:2f:86:7d:e6:
64:c5:25:20:82:3b:1a:9d:08:b2:1f:75:11:44:cd:
99:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AD:A4:31:28:C6:94:7F:FF:F7:B8:5A:82:53:08:24:99:EA:49:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02e::/36
Signature Algorithm: sha256WithRSAEncryption
32:6c:9d:b9:09:79:60:36:ae:2e:3a:5d:ca:a8:d4:83:e2:81:
b6:33:d3:88:06:c3:0f:61:90:ab:b2:74:bb:cd:fa:05:f3:b4:
05:1b:9b:ea:9f:26:b9:e2:37:8e:aa:78:21:d3:8a:32:98:c6:
5e:41:9b:f7:ca:b0:e6:30:02:26:71:32:1b:c1:16:23:d3:5d:
68:e1:15:6d:48:0f:77:d7:e3:15:03:a9:b6:1f:eb:97:9a:aa:
72:0a:45:63:39:79:65:84:22:e4:1a:f4:39:c6:3c:de:a9:d3:
89:49:bd:ac:90:cb:f2:82:fc:5f:85:dd:e1:74:6f:45:85:16:
ec:00:84:45:f9:fe:ab:03:54:1a:ee:fe:1e:bb:a2:e4:70:68:
cb:83:2c:0d:14:bb:9a:a4:94:c4:96:b5:99:58:9d:61:5f:a9:
67:24:41:4f:4a:b4:b9:b0:89:b7:18:16:32:b6:a8:33:5b:3a:
b0:25:98:f1:a1:f1:a1:d2:f2:cc:7f:a2:6a:ad:86:6b:42:4b:
f6:c4:5c:d4:17:3c:73:5b:17:2a:d0:34:7a:a0:81:6f:a2:38:
38:e9:aa:88:16:09:db:98:4d:6d:5f:c6:36:2a:57:cb:30:c6:
9e:a8:0d:94:fd:3d:74:50:77:63:9b:bf:b1:9d:54:b1:ea:5d:
9e:62:6d:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQXAYokIXd67PyuFIRwdwJIgQvxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTIwNTNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1YTlmODM3NzAzYTg3ZGZjNjhiNmIzZmIxOTMyNmY1YjczZWFlYjVjMzg1
ZWU3NmQwZjhmMDQ1MWQ5MmU3OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJd2D/HVp3Dg8ERfPQhQtYIa7u5eGn6ke20iku5tZoj6ZPdCrmqHLPYDNFwk
HhIwlBZtUmFC05zwcU3WxkOWS3rXpGaW7+XNJjk7QwbNfKqjhUyiJa2cnL2236Qj
EfoNVtIgDnu8gg6pq90nU2JinBrnVhWdYZ1bNSFUcHTJL7kR0uOJMfTETvKjSfd9
rGnF14/L8c7MhpJCoPEc30qENjlpbgc2XL2+CLPztlQdKd7WUVeAmyvG4RJ7NKiR
REEgKpu8Ppt0eyKjepaP7telesPpuu63JGmiXjxdrEXdXZpkEA18xNM4PlrKo7Mv
hn3mZMUlIII7Gp0Ish91EUTNmfUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQeraQx
KMaUf//3uFqCUwgkmepJnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNDc4NmQtZjczZi00ZTY0LTk5YTMtMDM3N2JkZjVjNTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAybJ25CXlgNq4uOl3KqNSD4oG2M9OIBsMPYZCr
snS7zfoF87QFG5vqnya54jeOqngh04oymMZeQZv3yrDmMAImcTIbwRYj011o4RVt
SA931+MVA6m2H+uXmqpyCkVjOXllhCLkGvQ5xjzeqdOJSb2skMvygvxfhd3hdG9F
hRbsAIRF+f6rA1Qa7v4eu6LkcGjLgywNFLuapJTElrWZWJ1hX6lnJEFPSrS5sIm3
GBYytqgzWzqwJZjxofGh0vLMf6JqrYZrQkv2xFzUFzxzWxcq0DR6oIFvojg46aqI
FgnbmE1tX8Y2KlfLMMaeqA2U/T10UHdjm7+xnVSx6l2eYm1r
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:19 2025 by rpki-client