Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
File: 002c315b-3412-464e-b865-645f657f136d.roa (raw, json)
Hash identifier: so6cRh7qSwmiB0sTd3sCu4NQNnW95HSOkr97frPLOxI=
Subject key identifier: 27:F3:87:22:FE:70:D4:26:49:8C:17:D4:B8:CF:57:65:7E:44:6B:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6301AA337C584983D3E3159D262168D7F92B5E39
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
Signing time: Tue 15 Apr 2025 15:10:14 +0000
ROA not before: Tue 15 Apr 2025 15:10:14 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:01:aa:33:7c:58:49:83:d3:e3:15:9d:26:21:68:d7:f9:2b:5e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:14 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=77e44f6b36c168bc417b9c1cc0ded9840836910b10cccdc0b01bfbcd3304fb73, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c5:26:9e:63:26:45:c0:50:5f:ae:c4:0c:a2:
ee:89:9f:e0:ae:1e:e7:bc:a8:a0:43:e6:49:0a:aa:
af:a2:7e:21:32:34:08:b3:20:25:05:99:51:b9:6f:
a7:11:7c:ee:3a:72:a8:cf:98:f4:00:c0:01:4b:53:
ee:a9:7b:0b:17:88:50:4c:13:82:d7:62:1a:8e:14:
eb:13:05:c8:d0:96:0f:51:17:4e:5d:c7:2d:a6:88:
08:24:96:10:10:04:e0:c0:01:3c:7e:44:7a:c6:0e:
5a:95:e6:ae:83:52:b7:7a:91:18:5b:d1:d0:21:b6:
52:95:25:9b:8b:0c:49:00:92:cb:1b:7a:fe:95:a5:
48:95:54:c8:b5:b8:52:98:07:dd:de:6b:37:70:69:
a2:0d:09:9d:7a:b1:8f:78:ce:d7:5f:2c:34:8d:71:
e4:d8:98:e1:74:44:e0:2e:8d:f3:5b:bc:13:1b:06:
a1:52:0c:9d:73:87:1f:ac:9b:1c:92:08:1f:3c:63:
cf:f2:0c:fe:a8:32:d7:c8:cc:b3:df:95:63:44:1b:
d0:ef:a7:a0:59:b0:77:cd:d5:ff:cc:ac:42:43:63:
55:19:c3:fa:4e:b9:fd:9f:84:2c:22:26:5e:84:61:
99:d0:44:af:34:85:4a:b9:fb:d3:a5:5a:39:8a:09:
8d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F3:87:22:FE:70:D4:26:49:8C:17:D4:B8:CF:57:65:7E:44:6B:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079::/32
Signature Algorithm: sha256WithRSAEncryption
6c:da:8e:0f:c5:d6:d0:58:bd:55:5f:71:12:0d:8a:3f:2d:5f:
02:d1:04:aa:29:48:ad:c2:e5:e7:f0:90:8a:00:c6:af:4c:37:
ff:94:32:f1:0c:00:8b:7e:06:85:de:32:c3:8c:e6:2a:01:a9:
9d:7a:ac:4c:17:0e:ea:1b:2a:16:3c:b6:5a:78:19:16:41:0a:
ec:a6:e8:9e:05:be:4e:90:37:c2:ee:bc:43:e9:aa:c7:f0:d0:
3d:41:7c:06:66:23:96:56:9e:8a:11:c3:42:68:92:35:ad:c9:
a4:1d:fc:34:dd:3f:71:24:0c:03:91:4e:91:5f:f2:ac:ba:1a:
13:2e:98:41:e6:a3:d0:e1:aa:13:9c:e8:24:6d:06:af:c5:2a:
9b:96:24:39:75:39:88:37:3f:6e:11:d6:ac:22:84:0b:69:36:
f1:bf:35:d7:99:b9:05:45:99:11:46:ce:1e:9d:69:1b:65:0f:
3f:bf:7b:24:62:63:03:98:93:67:c3:53:11:48:da:86:ef:65:
0b:1c:eb:0c:55:b4:90:33:5c:c8:03:8f:57:21:d2:72:b2:1a:
5b:d7:99:f6:d6:59:28:81:e1:b9:7f:d1:cd:9a:a1:29:49:42:
ed:72:ae:72:73:72:a7:a7:0e:b2:81:97:9d:39:0c:98:fd:58:
c3:f0:eb:75
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUYwGqM3xYSYPT4xWdJiFo1/krXjkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMTRaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3ZTQ0ZjZiMzZjMTY4YmM0MTdiOWMxY2MwZGVkOTg0MDgzNjkxMGIxMGNj
Y2RjMGIwMWJmYmNkMzMwNGZiNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjFJp5jJkXAUF+uxAyi7omf4K4e57yooEPmSQqqr6J+ITI0CLMgJQWZUblv
pxF87jpyqM+Y9ADAAUtT7ql7CxeIUEwTgtdiGo4U6xMFyNCWD1EXTl3HLaaICCSW
EBAE4MABPH5EesYOWpXmroNSt3qRGFvR0CG2UpUlm4sMSQCSyxt6/pWlSJVUyLW4
UpgH3d5rN3Bpog0JnXqxj3jO118sNI1x5NiY4XRE4C6N81u8ExsGoVIMnXOHH6yb
HJIIHzxjz/IM/qgy18jMs9+VY0Qb0O+noFmwd83V/8ysQkNjVRnD+k65/Z+ELCIm
XoRhmdBErzSFSrn706VaOYoJja0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQn84ci
/nDUJkmMF9S4z1dlfkRrhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDAyYzMxNWItMzQxMi00NjRlLWI4NjUtNjQ1ZjY1N2YxMzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hkw
DQYJKoZIhvcNAQELBQADggEBAGzajg/F1tBYvVVfcRINij8tXwLRBKopSK3C5efw
kIoAxq9MN/+UMvEMAIt+BoXeMsOM5ioBqZ16rEwXDuobKhY8tlp4GRZBCuym6J4F
vk6QN8LuvEPpqsfw0D1BfAZmI5ZWnooRw0JokjWtyaQd/DTdP3EkDAORTpFf8qy6
GhMumEHmo9DhqhOc6CRtBq/FKpuWJDl1OYg3P24R1qwihAtpNvG/NdeZuQVFmRFG
zh6daRtlDz+/eyRiYwOYk2fDUxFI2obvZQsc6wxVtJAzXMgDj1ch0nKyGlvXmfbW
WSiB4bl/0c2aoSlJQu1yrnJzcqenDrKBl505DJj9WMPw63U=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:15 2025 by rpki-client