Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
File: 19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa (raw, json)
Hash identifier: gWg+cdfl2fg0Y0PJ7kX1n+0s6UNNKRaTitPg+mCOPfI=
Subject key identifier: FF:1B:26:55:31:19:F3:CD:EA:3E:BC:F2:25:AD:65:67:8D:B3:DC:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6152F5E52A0E306E7429A9C0D8673F539287D07A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
Signing time: Fri 25 Apr 2025 18:21:07 +0000
ROA not before: Fri 25 Apr 2025 18:21:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:52:f5:e5:2a:0e:30:6e:74:29:a9:c0:d8:67:3f:53:92:87:d0:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:21:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=63780f3f8b0e4ebdcab67390a7570079905669395ae75475b2ef8636e5a3e726, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2b:c8:5c:68:79:3b:27:39:d6:2d:67:df:43:
fa:86:c3:0c:61:b4:e8:f2:62:76:b2:96:ab:03:f4:
3e:2c:19:66:5d:6f:da:7f:bc:72:f6:5e:4d:c0:f7:
ab:62:78:9d:2a:01:09:fa:a8:26:e6:dd:86:07:45:
82:7e:85:b0:4c:45:2a:0e:fb:46:25:6f:bb:8c:46:
18:4b:4b:90:b6:8e:b9:21:cb:9e:b3:b9:c2:50:70:
d6:91:11:28:2c:6f:1d:62:54:b8:09:32:ca:19:ac:
e8:66:ff:bd:58:21:74:49:72:5f:ce:16:7e:ac:5a:
a3:6d:e8:cd:11:ed:f1:36:d7:4b:65:6a:db:c5:1d:
a1:ee:26:f7:5e:eb:21:37:64:bf:44:bb:b3:bd:0b:
6d:a7:8e:ab:3a:75:a5:e5:98:4c:52:bf:4a:25:c8:
7a:76:2e:e8:c7:bb:a3:37:f7:d0:8c:4c:d2:e1:c8:
9f:1a:82:71:f6:a6:3a:4a:ae:94:c9:95:ae:47:18:
5c:22:0f:90:84:67:d2:72:87:29:75:43:43:b4:c6:
6c:7e:b2:62:ea:3a:27:68:d2:8a:7e:11:16:f0:ff:
42:7b:04:8e:de:f7:3d:bd:29:4b:85:0e:33:61:8c:
43:74:88:10:c5:a3:04:09:e2:64:fe:23:b2:db:72:
3d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1B:26:55:31:19:F3:CD:EA:3E:BC:F2:25:AD:65:67:8D:B3:DC:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5080::/48
Signature Algorithm: sha256WithRSAEncryption
87:31:38:21:f6:89:15:00:d0:08:bd:fb:4c:50:60:f7:17:b1:
cc:a0:4d:a8:1a:27:da:77:9e:f2:a6:ae:70:0a:21:40:a6:39:
3a:4f:af:50:e9:a6:ba:87:0d:0e:c9:ee:e2:a3:50:7a:55:66:
56:22:5e:c1:23:19:b3:73:d0:11:5e:5c:f7:24:6d:17:08:d0:
6d:bd:80:3d:8a:af:59:81:d9:49:5a:43:11:99:3f:d0:98:df:
bc:cc:ec:89:de:e9:ca:60:9f:a2:48:88:f9:a9:13:83:83:2c:
73:47:d4:78:2e:0a:36:af:c0:88:27:a2:97:0f:38:26:a9:3a:
85:2c:3b:e8:11:2e:34:c1:f4:dc:06:9c:64:0d:43:82:47:c2:
09:9d:d2:6a:b2:8c:a1:19:8f:38:b9:3a:bb:55:58:75:f8:84:
f4:77:58:5c:30:e1:16:4e:ab:b5:7c:b3:b7:69:63:8f:51:1b:
60:a6:1b:89:ae:74:1d:49:4d:3a:05:1d:60:ca:5c:7e:a8:0d:
eb:45:92:7b:cf:70:0e:fd:90:a6:84:fe:6f:c4:70:4c:cd:a6:
92:31:78:53:f6:96:72:51:f6:8e:e7:08:cb:e0:a9:c1:3d:5d:
aa:1c:59:fc:0f:84:a8:09:2e:e4:4d:fe:9e:2c:5d:9a:58:b3:
23:c3:d2:ff
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYVL15SoOMG50KanA2Gc/U5KH0HowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIxMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzNzgwZjNmOGIwZTRlYmRjYWI2NzM5MGE3NTcwMDc5OTA1NjY5Mzk1YWU3
NTQ3NWIyZWY4NjM2ZTVhM2U3MjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUryFxoeTsnOdYtZ99D+obDDGG06PJidrKWqwP0PiwZZl1v2n+8cvZeTcD3
q2J4nSoBCfqoJubdhgdFgn6FsExFKg77RiVvu4xGGEtLkLaOuSHLnrO5wlBw1pER
KCxvHWJUuAkyyhms6Gb/vVghdElyX84Wfqxao23ozRHt8TbXS2Vq28Udoe4m917r
ITdkv0S7s70LbaeOqzp1peWYTFK/SiXIenYu6Me7ozf30IxM0uHInxqCcfamOkqu
lMmVrkcYXCIPkIRn0nKHKXVDQ7TGbH6yYuo6J2jSin4RFvD/QnsEjt73Pb0pS4UO
M2GMQ3SIEMWjBAniZP4jsttyPWsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT/GyZV
MRnzzeo+vPIlrWVnjbPcnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjdkOWYtM2NjOS00YWM0LTlhZmItMzk5ZjY2YmVlNjBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAhzE4IfaJFQDQCL37TFBg9xexzKBNqBon2nee
8qaucAohQKY5Ok+vUOmmuocNDsnu4qNQelVmViJewSMZs3PQEV5c9yRtFwjQbb2A
PYqvWYHZSVpDEZk/0JjfvMzsid7pymCfokiI+akTg4Msc0fUeC4KNq/AiCeilw84
Jqk6hSw76BEuNMH03AacZA1DgkfCCZ3SarKMoRmPOLk6u1VYdfiE9HdYXDDhFk6r
tXyzt2ljj1EbYKYbia50HUlNOgUdYMpcfqgN60WSe89wDv2QpoT+b8RwTM2mkjF4
U/aWclH2jucIy+CpwT1dqhxZ/A+EqAku5E3+nixdmlizI8PS/w==
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:50 2025 by rpki-client