Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
File: 0e68fbde-eead-4e29-b902-4eed053693ac.roa (raw, json)
Hash identifier: IzeuZqGaIsgpfNjKc3Tc88qQ6mngV+V+Y3MJTtxlcXM=
Subject key identifier: 2B:21:FD:52:03:9B:66:27:92:0C:BA:47:9F:75:AF:AE:E3:89:BE:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C31A6BB1B9A53B42620E00B1FD843D1B81C7EB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
Signing time: Tue 20 May 2025 20:30:17 +0000
ROA not before: Tue 20 May 2025 20:30:17 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:31:a6:bb:1b:9a:53:b4:26:20:e0:0b:1f:d8:43:d1:b8:1c:7e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:17 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ff308a8ae9dbd55cfbf8dbaa307780670a5b9bac9ea5ff8bbf0d5061d1a4ad84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:73:8b:31:86:4a:38:36:1d:8b:f2:80:2a:38:
b7:c7:c1:39:d3:cb:d9:98:a9:46:d3:23:59:58:c4:
4c:d5:1d:51:20:7c:df:22:56:72:ac:da:90:f9:e3:
31:12:ff:60:4b:9e:23:3c:f5:9b:07:d9:74:36:20:
9b:27:dd:48:0c:52:64:a6:25:d8:3d:df:db:c9:07:
12:62:b5:80:9a:25:11:90:0a:c0:86:15:e3:d4:4c:
87:2c:0d:36:ee:60:1d:3c:4c:d8:33:d3:ad:e4:58:
dd:a8:cc:61:ae:9d:82:87:bb:70:4d:f7:ea:6b:3f:
53:06:bf:f4:ba:76:41:f6:dd:2e:ba:1b:70:cc:73:
3a:4b:be:20:68:06:a9:d2:55:d8:6d:a0:a9:07:78:
4b:11:02:b4:a5:c7:cf:fb:e3:21:6c:6c:9d:0e:e3:
08:29:0d:1e:34:4f:78:a1:60:4a:31:35:93:2c:5d:
6d:7d:02:7d:cd:49:1e:18:24:5a:62:62:a0:b2:65:
a2:e4:fd:11:fe:04:d3:38:4a:3c:90:41:0c:dd:50:
fc:62:1d:a1:46:cd:ab:5e:4b:73:9b:da:26:1d:e4:
58:87:dd:60:f7:20:c6:e8:6b:8b:5e:7c:07:f1:53:
33:7e:bb:8a:ae:69:69:28:b5:06:2f:b2:a5:86:92:
a9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:21:FD:52:03:9B:66:27:92:0C:BA:47:9F:75:AF:AE:E3:89:BE:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/36
Signature Algorithm: sha256WithRSAEncryption
33:fb:11:ee:2a:ba:95:73:f1:7d:9a:05:62:21:66:54:02:2d:
d2:83:eb:ee:95:ad:74:91:db:5f:d8:60:22:5f:01:b1:aa:c7:
07:a7:7e:48:43:85:28:76:cc:3d:92:37:cf:36:1c:bc:e7:85:
f8:25:6d:df:e6:67:7c:dc:cc:0a:05:89:44:af:28:c7:5f:96:
78:c1:57:35:37:d3:6d:87:4f:9d:3c:60:f2:bc:f4:84:83:52:
d8:bb:85:5b:f9:d2:30:fe:88:f0:1b:10:64:4e:6c:17:ee:93:
54:14:95:ca:5d:47:7f:85:29:95:54:81:c2:d0:2b:4e:83:9c:
16:1c:d2:e9:b0:24:9f:68:27:66:1e:9d:6f:08:1e:50:47:59:
8a:7e:e7:21:53:12:8a:e5:90:63:d7:a6:01:87:68:40:c6:d5:
6f:e3:b9:5a:3a:8c:38:ae:6b:e0:f9:02:3e:c2:99:29:ee:16:
e6:3c:96:09:11:01:82:29:35:81:d6:2e:42:01:6f:59:29:c9:
79:6d:29:76:f8:2d:09:ba:8e:ad:c9:de:36:a1:01:4b:7f:50:
4f:b1:30:a1:6c:7c:f6:f2:6e:76:6c:2d:61:13:4a:1a:c0:dd:
ec:47:73:76:19:4d:0d:21:30:fa:39:93:38:bc:91:1c:5a:90:
3d:3a:46:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXDGmuxuaU7QmIOALH9hD0bgcfrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwMTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmMzA4YThhZTlkYmQ1NWNmYmY4ZGJhYTMwNzc4MDY3MGE1YjliYWM5ZWE1
ZmY4YmJmMGQ1MDYxZDFhNGFkODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJVzizGGSjg2HYvygCo4t8fBOdPL2ZipRtMjWVjETNUdUSB83yJWcqzakPnj
MRL/YEueIzz1mwfZdDYgmyfdSAxSZKYl2D3f28kHEmK1gJolEZAKwIYV49RMhywN
Nu5gHTxM2DPTreRY3ajMYa6dgoe7cE336ms/Uwa/9Lp2QfbdLrobcMxzOku+IGgG
qdJV2G2gqQd4SxECtKXHz/vjIWxsnQ7jCCkNHjRPeKFgSjE1kyxdbX0Cfc1JHhgk
WmJioLJlouT9Ef4E0zhKPJBBDN1Q/GIdoUbNq15Lc5vaJh3kWIfdYPcgxuhri158
B/FTM367iq5paSi1Bi+ypYaSqWUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrIf1S
A5tmJ5IMukefda+u44m+9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU2OGZiZGUtZWVhZC00ZTI5LWI5MDItNGVlZDA1MzY5M2FjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQAz+xHuKrqVc/F9mgViIWZUAi3Sg+vula10kdtf
2GAiXwGxqscHp35IQ4Uodsw9kjfPNhy854X4JW3f5md83MwKBYlEryjHX5Z4wVc1
N9Nth0+dPGDyvPSEg1LYu4Vb+dIw/ojwGxBkTmwX7pNUFJXKXUd/hSmVVIHC0CtO
g5wWHNLpsCSfaCdmHp1vCB5QR1mKfuchUxKK5ZBj16YBh2hAxtVv47laOow4rmvg
+QI+wpkp7hbmPJYJEQGCKTWB1i5CAW9ZKcl5bSl2+C0Juo6tyd42oQFLf1BPsTCh
bHz28m52bC1hE0oawN3sR3N2GU0NITD6OZM4vJEcWpA9OkZa
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:15 2025 by rpki-client