Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b67c662a-6e73-47c9-9455-74ad9ce3cdb3.roa
File: b67c662a-6e73-47c9-9455-74ad9ce3cdb3.roa (raw, json)
Hash identifier: q5xrB8UxVclF3X22zw+N8rA05zxOxllKHlu4z7FCJHQ=
Subject key identifier: 84:36:8A:3C:6D:1C:66:D7:95:46:A5:D8:4C:CE:97:F2:74:D9:86:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 166F8C2CC0C75953B126B58EF9DF9421731A0B96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b67c662a-6e73-47c9-9455-74ad9ce3cdb3.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:6f:8c:2c:c0:c7:59:53:b1:26:b5:8e:f9:df:94:21:73:1a:0b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:dd:21:56:49:f4:2d:80:39:ff:96:a7:3f:80:
3e:21:49:34:af:15:ca:24:bc:76:ad:95:fb:76:89:
22:73:bc:17:f1:7d:68:31:1c:89:e5:9f:dc:43:c8:
18:16:8a:b2:40:3b:a7:1c:55:99:86:94:05:50:a2:
88:02:d1:fc:da:c8:54:73:43:10:b5:92:6f:50:35:
dd:47:22:12:dd:60:3e:e9:c4:8b:1d:5a:2b:60:2b:
cc:48:0c:f8:b9:6b:e0:7d:28:eb:31:ed:25:54:3e:
c9:17:5b:b2:a8:35:e7:4d:96:82:b9:90:5f:2c:1c:
67:bc:c1:d4:fc:cf:59:55:13:ac:8f:95:9d:ec:24:
1e:16:da:36:42:dc:1e:10:f7:cf:b5:3d:19:87:3b:
28:9c:c1:97:83:a1:63:75:91:00:65:d6:43:36:7c:
31:11:30:a5:aa:8c:4b:8b:8a:53:ae:18:01:e9:a6:
58:5b:4e:51:45:93:74:f9:9f:d0:e0:39:d3:56:16:
6f:21:c1:19:fa:a1:a5:ed:2a:e0:1b:90:8f:e8:e3:
56:eb:b0:e3:ec:93:8d:36:0a:c3:20:ea:44:4d:ec:
5b:49:49:3d:88:ef:bb:71:4b:f8:e8:d0:20:5e:e6:
92:53:9c:90:0d:82:d0:8c:1c:32:4f:43:10:51:95:
f1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:36:8A:3C:6D:1C:66:D7:95:46:A5:D8:4C:CE:97:F2:74:D9:86:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b67c662a-6e73-47c9-9455-74ad9ce3cdb3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:8000::/40
Signature Algorithm: sha256WithRSAEncryption
02:c0:4c:24:e0:88:e9:b7:1e:5d:b8:6e:79:65:62:d7:2f:21:
1a:90:b4:5a:2b:6f:70:dd:61:9e:8a:1d:07:0b:2b:c9:14:bb:
4c:15:52:28:89:8a:89:56:eb:b2:f6:9d:99:b0:17:9e:ec:bb:
3b:7d:1f:2b:18:b8:4d:9e:8c:45:ad:6c:21:25:f7:24:04:1d:
be:b1:48:f5:95:f9:86:03:ba:52:3b:48:55:c2:6b:64:6a:aa:
0a:66:07:8e:28:22:c2:8a:0f:8e:dd:65:74:28:db:09:bb:2f:
86:96:16:bf:46:f8:42:c5:54:f1:31:fe:e9:22:f8:ed:8e:ea:
69:96:37:9c:a3:99:8a:d6:2a:2f:42:5f:ea:f4:6b:8e:2e:f2:
a8:8d:86:f2:1e:2b:09:9e:c7:ce:a8:19:e9:7e:76:3f:9e:e8:
93:02:be:ab:c6:aa:6d:5d:9f:2e:20:ce:4b:85:ed:2e:8a:a3:
5d:1e:c3:4d:84:25:72:36:46:4f:64:d8:6d:d4:1a:40:63:55:
ad:44:09:e6:fc:f1:e2:3a:1e:14:d2:8d:84:b3:8d:6a:e4:d7:
97:e5:64:c2:54:c9:bd:b0:d7:58:71:70:59:32:41:02:c5:84:
2b:17:10:a6:2b:21:6e:3d:68:f4:f8:79:e5:4b:d5:58:4b:83:
a5:49:05:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFm+MLMDHWVOxJrWO+d+UIXMaC5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyZGJiYWU4ZGRlZTQ5YWQ5NWIzNmY5OTBkMzc4NjJhMmM3ZGU4ZWY2NDUx
MjU4MjY2NDUzYThkZjVkYWFjMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOjdIVZJ9C2AOf+Wpz+APiFJNK8VyiS8dq2V+3aJInO8F/F9aDEcieWf3EPI
GBaKskA7pxxVmYaUBVCiiALR/NrIVHNDELWSb1A13UciEt1gPunEix1aK2ArzEgM
+Llr4H0o6zHtJVQ+yRdbsqg1502WgrmQXywcZ7zB1PzPWVUTrI+VnewkHhbaNkLc
HhD3z7U9GYc7KJzBl4OhY3WRAGXWQzZ8MREwpaqMS4uKU64YAemmWFtOUUWTdPmf
0OA501YWbyHBGfqhpe0q4BuQj+jjVuuw4+yTjTYKwyDqRE3sW0lJPYjvu3FL+OjQ
IF7mklOckA2C0IwcMk9DEFGV8V0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSENoo8
bRxm15VGpdhMzpfydNmG0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjY3YzY2MmEtNmU3My00N2M5LTk0NTUtNzRhZDljZTNjZGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKA
MA0GCSqGSIb3DQEBCwUAA4IBAQACwEwk4Ijptx5duG55ZWLXLyEakLRaK29w3WGe
ih0HCyvJFLtMFVIoiYqJVuuy9p2ZsBee7Ls7fR8rGLhNnoxFrWwhJfckBB2+sUj1
lfmGA7pSO0hVwmtkaqoKZgeOKCLCig+O3WV0KNsJuy+Glha/RvhCxVTxMf7pIvjt
juppljeco5mK1iovQl/q9GuOLvKojYbyHisJnsfOqBnpfnY/nuiTAr6rxqptXZ8u
IM5Lhe0uiqNdHsNNhCVyNkZPZNht1BpAY1WtRAnm/PHiOh4U0o2Es41q5NeX5WTC
VMm9sNdYcXBZMkECxYQrFxCmKyFuPWj0+HnlS9VYS4OlSQU4
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:14 2025 by rpki-client