Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
File: 191b6a6c-2595-4848-a6b3-22a230649f67.roa (raw, json)
Hash identifier: jG/MoeFuDh4Zf3WaiznKAXdGhELBpVo6W4VlmsunnRs=
Subject key identifier: A8:DF:81:70:09:73:2E:2B:25:77:E0:28:B2:80:02:E2:25:B9:E7:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3801E586C200C42488F4C479C5E0A1573ECF97F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
Signing time: Fri 25 Apr 2025 19:31:03 +0000
ROA not before: Fri 25 Apr 2025 19:31:03 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:01:e5:86:c2:00:c4:24:88:f4:c4:79:c5:e0:a1:57:3e:cf:97:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:03 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=818fc9931926ff58354054eb45433729aae33e37e274fd604dd2e1d325bd0e7e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:82:37:fc:e8:61:ae:f6:2c:46:1c:79:67:5e:
70:25:ca:c2:c1:72:7a:4f:fe:bc:e6:95:1b:3b:11:
8a:b5:c2:a6:39:2c:de:86:e4:9e:13:52:2a:bf:c5:
24:94:b8:87:05:19:d8:c6:1a:ef:af:40:c1:d8:36:
6e:b2:a7:98:79:c4:56:a8:67:38:a4:36:3a:23:31:
42:3c:c5:6f:03:af:87:13:07:2a:ce:fe:b1:68:0a:
97:88:da:fc:e0:27:3a:71:b6:bc:9b:97:b1:62:c8:
d0:bb:4a:34:12:6b:bc:3b:08:77:9f:45:a5:fc:50:
01:82:40:26:e6:9e:04:15:16:6e:1c:36:de:94:ca:
5a:39:ac:c2:87:27:70:ef:90:4f:1c:09:2d:7e:b2:
7a:f1:d7:95:27:7a:9e:b5:4a:94:4b:7e:d2:f5:3a:
0d:44:a7:8a:10:fd:50:b2:97:9c:82:54:d9:1f:17:
bb:07:ed:68:fc:ef:e0:b8:47:f9:4d:70:e8:b9:d3:
eb:a0:96:34:c3:a9:89:77:42:46:9a:da:6b:d8:07:
f5:81:29:34:31:db:14:57:6c:d2:8e:e4:4a:19:a8:
a4:74:1c:15:80:9b:6d:a5:a2:f9:09:a4:e4:0d:00:
2b:05:28:e9:6d:6e:26:5d:70:c6:c4:53:14:fd:5d:
eb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DF:81:70:09:73:2E:2B:25:77:E0:28:B2:80:02:E2:25:B9:E7:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:5040::/46
Signature Algorithm: sha256WithRSAEncryption
a7:21:b7:05:af:8f:1f:67:7a:ef:e4:b0:95:ea:df:63:1e:fc:
15:c0:4c:29:03:0e:25:ce:5f:e3:cc:44:4f:6e:1f:68:78:38:
f3:c2:c6:02:22:15:dd:c8:af:06:c1:33:68:25:4a:d1:5e:c2:
4d:65:3b:c1:09:24:37:3e:a9:de:06:ba:f2:bf:8b:33:cd:e5:
eb:ed:ba:23:91:26:f1:ab:54:92:ff:57:ba:53:f1:35:26:db:
96:f4:f3:57:10:94:52:9c:6d:5f:25:d1:41:2b:79:57:a3:7a:
e1:68:aa:55:77:19:6e:e4:2d:e1:87:fd:c9:28:d9:eb:e6:05:
24:7a:69:c2:67:b3:ea:f8:19:2e:fc:71:79:64:9d:f8:11:2d:
65:7b:4d:2d:b7:f6:b3:e0:db:20:a6:5a:65:b5:b6:43:fb:15:
fc:ed:7e:a1:62:59:02:1b:a1:03:13:37:31:53:6c:ff:89:a4:
5c:17:ed:ad:f9:45:e6:62:4c:61:cf:56:a4:b1:fb:bf:a2:68:
b3:c0:7d:3c:b2:21:5c:6c:33:5f:9c:c3:d6:23:21:b8:16:44:
fc:69:e8:7b:26:6e:55:51:df:7b:49:1d:40:e6:bb:4c:88:09:
24:30:35:a6:c2:52:3e:98:70:aa:f5:bf:3e:ae:35:79:4a:f6:
c8:ca:97:be
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOAHlhsIAxCSI9MR5xeChVz7Pl/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxOGZjOTkzMTkyNmZmNTgzNTQwNTRlYjQ1NDMzNzI5YWFlMzNlMzdlMjc0
ZmQ2MDRkZDJlMWQzMjViZDBlN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOOCN/zoYa72LEYceWdecCXKwsFyek/+vOaVGzsRirXCpjks3obknhNSKr/F
JJS4hwUZ2MYa769Awdg2brKnmHnEVqhnOKQ2OiMxQjzFbwOvhxMHKs7+sWgKl4ja
/OAnOnG2vJuXsWLI0LtKNBJrvDsId59FpfxQAYJAJuaeBBUWbhw23pTKWjmswocn
cO+QTxwJLX6yevHXlSd6nrVKlEt+0vU6DUSnihD9ULKXnIJU2R8XuwftaPzv4LhH
+U1w6LnT66CWNMOpiXdCRpraa9gH9YEpNDHbFFds0o7kShmopHQcFYCbbaWi+Qmk
5A0AKwUo6W1uJl1wxsRTFP1d65UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSo34Fw
CXMuKyV34CiygALiJbnniTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkxYjZhNmMtMjU5NS00ODQ4LWE2YjMtMjJhMjMwNjQ5ZjY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdQ
QDANBgkqhkiG9w0BAQsFAAOCAQEApyG3Ba+PH2d67+SwlerfYx78FcBMKQMOJc5f
48xET24faHg488LGAiIV3civBsEzaCVK0V7CTWU7wQkkNz6p3ga68r+LM83l6+26
I5Em8atUkv9XulPxNSbblvTzVxCUUpxtXyXRQSt5V6N64WiqVXcZbuQt4Yf9ySjZ
6+YFJHppwmez6vgZLvxxeWSd+BEtZXtNLbf2s+DbIKZaZbW2Q/sV/O1+oWJZAhuh
AxM3MVNs/4mkXBftrflF5mJMYc9WpLH7v6Jos8B9PLIhXGwzX5zD1iMhuBZE/Gno
eyZuVVHfe0kdQOa7TIgJJDA1psJSPphwqvW/Pq41eUr2yMqXvg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:17 2025 by rpki-client