Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96fe570a-1746-48fc-bd00-83c97ad1cbac.roa
File: 96fe570a-1746-48fc-bd00-83c97ad1cbac.roa (raw, json)
Hash identifier: cS8yR9KH/pD8/E3dD8J4MbMKQFMKQijyQUFFGa9v2nY=
Subject key identifier: DD:7D:7A:AD:3B:23:E0:50:16:56:7A:EF:3D:88:71:1D:70:81:EE:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 492B739DC7A6FD12FFF332CF68978E11A3F2FE02
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96fe570a-1746-48fc-bd00-83c97ad1cbac.roa
Signing time: Thu 22 May 2025 01:37:02 +0000
ROA not before: Thu 22 May 2025 01:37:02 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:2b:73:9d:c7:a6:fd:12:ff:f3:32:cf:68:97:8e:11:a3:f2:fe:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:37:02 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=aa057ae9930eaca5fd51277cf0931f0d7360f02cd738017cedfb316a79061323, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5d:b7:59:4a:81:75:80:c9:58:3c:12:38:cc:
cc:30:81:6d:b1:4c:23:a1:ec:84:e3:24:f1:ea:0a:
3e:67:43:5e:49:e2:93:cc:e7:a5:df:9c:e9:6c:63:
75:44:10:f7:69:85:6b:a9:2c:ea:0b:9a:a7:bd:e9:
cc:a0:6b:ef:78:d2:5f:86:c9:6b:6a:0c:0c:88:9d:
22:aa:f9:b3:eb:ce:78:58:02:56:87:1c:0d:c2:f4:
d5:41:42:6b:e9:7d:a7:17:38:3b:c0:23:c9:7c:71:
30:ce:f7:13:9e:d7:13:ff:62:5d:6f:91:c7:90:55:
40:e7:2c:3b:02:e3:9d:2a:39:18:70:88:88:e0:21:
de:b4:87:4c:6a:69:c5:4c:cc:3f:06:e8:a2:c2:8c:
05:00:5b:ca:4d:e8:5b:c4:3b:50:fd:b2:26:6f:74:
c2:41:39:64:52:e8:d8:e3:2e:dc:39:4a:ba:ff:fc:
17:6b:be:ae:20:92:b7:22:c2:b7:64:dd:87:46:b3:
78:02:e1:d3:f5:5c:01:69:54:9e:28:ec:4c:9b:dc:
e7:38:a4:42:a2:70:42:f7:84:4a:48:ca:c5:f0:d7:
6a:f1:ec:16:c5:90:d0:40:63:4f:6b:42:31:89:bb:
3c:48:05:e0:a6:5f:8b:da:c6:ec:d3:19:e5:41:03:
35:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7D:7A:AD:3B:23:E0:50:16:56:7A:EF:3D:88:71:1D:70:81:EE:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96fe570a-1746-48fc-bd00-83c97ad1cbac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
0f:d4:fd:68:c1:79:1c:76:6d:53:3c:fc:56:2d:4e:8b:89:bd:
7d:bc:bc:26:b2:0b:60:8f:5c:43:99:67:5f:9d:83:78:81:64:
4b:33:74:21:fe:e2:00:0c:98:7b:8d:b8:ab:79:ab:bb:c0:74:
f9:8c:30:b3:32:04:b0:a6:56:b2:67:eb:0e:9e:1f:d9:45:ba:
ba:5d:c0:ec:35:57:ee:f0:56:2b:7b:e9:6d:5f:bd:21:0a:f3:
54:38:20:f5:38:79:3c:2f:23:1d:01:9c:8a:20:e2:d9:e4:b5:
28:b1:10:91:2a:df:6a:ef:e3:fe:b4:4d:33:84:61:18:18:27:
ba:a1:82:85:58:eb:14:a9:a2:65:86:c5:ab:0b:f5:50:fc:cb:
c6:23:51:0b:ef:34:d0:fa:df:b6:53:43:71:2e:37:94:12:7c:
a8:83:4c:8f:20:d5:00:89:4d:09:7d:02:85:38:01:ec:0a:d4:
b7:9e:05:72:6f:7f:bc:d1:2e:19:bb:26:c6:90:8e:da:03:62:
10:8b:c2:d5:40:67:78:ba:70:3c:63:9f:bd:b3:01:d0:36:81:
e3:74:b4:01:75:a9:2a:f9:2a:9d:8d:ab:97:3b:61:3d:5d:3c:
25:1b:1b:89:e1:8e:a1:78:07:a1:05:e4:9c:96:99:2a:cc:e7:
4d:16:b5:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSStzncem/RL/8zLPaJeOEaPy/gIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTM3MDJaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMDU3YWU5OTMwZWFjYTVmZDUxMjc3Y2YwOTMxZjBkNzM2MGYwMmNkNzM4
MDE3Y2VkZmIzMTZhNzkwNjEzMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhdt1lKgXWAyVg8EjjMzDCBbbFMI6HshOMk8eoKPmdDXknik8znpd+c6Wxj
dUQQ92mFa6ks6guap73pzKBr73jSX4bJa2oMDIidIqr5s+vOeFgCVoccDcL01UFC
a+l9pxc4O8AjyXxxMM73E57XE/9iXW+Rx5BVQOcsOwLjnSo5GHCIiOAh3rSHTGpp
xUzMPwboosKMBQBbyk3oW8Q7UP2yJm90wkE5ZFLo2OMu3DlKuv/8F2u+riCStyLC
t2Tdh0azeALh0/VcAWlUnijsTJvc5zikQqJwQveESkjKxfDXavHsFsWQ0EBjT2tC
MYm7PEgF4KZfi9rG7NMZ5UEDNUkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdfXqt
OyPgUBZWeu89iHEdcIHuTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTZmZTU3MGEtMTc0Ni00OGZjLWJkMDAtODNjOTdhZDFjYmFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQAP1P1owXkcdm1TPPxWLU6Lib19vLwmsgtgj1xD
mWdfnYN4gWRLM3Qh/uIADJh7jbireau7wHT5jDCzMgSwplayZ+sOnh/ZRbq6XcDs
NVfu8FYre+ltX70hCvNUOCD1OHk8LyMdAZyKIOLZ5LUosRCRKt9q7+P+tE0zhGEY
GCe6oYKFWOsUqaJlhsWrC/VQ/MvGI1EL7zTQ+t+2U0NxLjeUEnyog0yPINUAiU0J
fQKFOAHsCtS3ngVyb3+80S4ZuybGkI7aA2IQi8LVQGd4unA8Y5+9swHQNoHjdLQB
dakq+SqdjauXO2E9XTwlGxuJ4Y6heAehBeSclpkqzOdNFrV0
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:49 2025 by rpki-client