Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: FetNmgAwsUgS2fYqUggYSNP2gyiKEwr+XA/3sI2k/HU=
Subject key identifier: BD:A9:AA:81:7B:C8:27:92:84:67:57:B3:C8:C5:BE:44:C4:C3:8B:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 399F094FAD2738B330B650E5BCA18896FA6F2E81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Tue 20 May 2025 20:00:22 +0000
ROA not before: Tue 20 May 2025 20:00:22 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:9f:09:4f:ad:27:38:b3:30:b6:50:e5:bc:a1:88:96:fa:6f:2e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:22 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=84c7bb218a7352413bb9e736d83f0cb56e91df4e390ee62f14ca500ace8096c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d5:63:83:76:65:57:7a:94:40:9a:ae:5d:07:
61:44:35:40:43:d7:6d:12:bf:1c:d5:65:3c:da:ec:
c8:18:89:b2:ad:dd:d5:c6:6a:60:0a:b8:3c:ba:4b:
4c:2a:04:2b:bb:ba:ae:59:36:dc:29:8c:20:9f:fc:
b7:c0:7a:78:a5:45:c8:80:c6:e3:2c:b9:39:7f:28:
59:da:4e:5b:9d:52:65:49:a6:ee:2d:c4:2f:38:14:
4a:5f:70:29:e8:7c:c3:6d:33:da:4d:47:17:48:e7:
41:fa:0c:f3:69:31:49:e0:17:9d:ff:e4:09:3e:58:
d5:1e:70:d6:e7:bf:c2:f9:3a:03:3d:26:92:02:d4:
5c:c3:06:43:9d:8c:92:30:48:41:1b:a3:a2:5e:30:
50:94:bf:8e:88:8a:4a:42:96:3c:e7:18:54:eb:82:
b9:f2:fb:37:e0:3d:d8:cd:ae:af:a1:05:61:78:1e:
ff:2f:ee:a7:03:c7:e3:00:ff:65:60:7c:37:4e:ea:
33:af:3d:e7:3e:57:6d:ae:20:0b:27:7a:20:ec:fe:
76:ee:49:b5:9b:22:a7:31:fd:17:69:71:10:98:f3:
8a:83:3e:66:a2:e9:bc:eb:a3:f1:4c:6e:4e:50:69:
b2:6a:e9:d7:8c:a5:9a:f2:dd:b6:80:4d:12:bd:47:
38:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A9:AA:81:7B:C8:27:92:84:67:57:B3:C8:C5:BE:44:C4:C3:8B:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
56:1d:7e:e1:2b:67:a6:cb:2e:47:b6:46:b0:e4:bd:d9:b4:60:
92:57:1e:c1:fe:b7:74:27:62:f9:8e:8f:89:c9:05:d6:56:3d:
5c:7c:f7:13:9f:51:7a:3e:ef:be:2f:3c:96:15:ea:08:a9:e7:
13:a8:9a:8c:59:0b:7c:ad:2f:de:73:31:fc:54:ef:48:f7:8d:
d4:38:ff:ad:71:7b:ea:2d:3f:0f:2c:59:83:ad:59:ae:41:d8:
25:cd:51:3c:04:2f:76:e5:b7:2a:dc:cb:e5:d0:17:e4:42:22:
b7:ca:01:3b:31:c2:c7:c3:66:34:59:7b:69:3f:8d:a5:f1:fc:
c5:dd:6a:3b:17:a2:0a:57:7f:33:de:ac:c4:cf:2a:49:2e:8b:
ea:51:5c:73:8b:7e:ee:2c:42:ae:f6:10:13:72:b7:d3:4d:89:
2a:22:b3:10:6a:43:fc:bb:9b:53:66:80:7b:c2:9d:44:56:3b:
74:9a:16:44:ad:e2:3b:f9:bb:6c:71:f1:3d:0c:09:f0:e8:f5:
f6:2c:de:64:bc:d4:17:c3:e6:dc:11:3a:93:ec:a9:a4:63:d2:
08:a0:46:a8:88:37:ad:70:f8:b8:e2:df:96:12:2c:39:b8:40:
d9:de:6c:2d:0f:ee:70:93:e2:43:3b:f2:27:1d:4c:9a:1f:7e:
79:c3:04:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOZ8JT60nOLMwtlDlvKGIlvpvLoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwMjJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0YzdiYjIxOGE3MzUyNDEzYmI5ZTczNmQ4M2YwY2I1NmU5MWRmNGUzOTBl
ZTYyZjE0Y2E1MDBhY2U4MDk2YzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIfVY4N2ZVd6lECarl0HYUQ1QEPXbRK/HNVlPNrsyBiJsq3d1cZqYAq4PLpL
TCoEK7u6rlk23CmMIJ/8t8B6eKVFyIDG4yy5OX8oWdpOW51SZUmm7i3ELzgUSl9w
Keh8w20z2k1HF0jnQfoM82kxSeAXnf/kCT5Y1R5w1ue/wvk6Az0mkgLUXMMGQ52M
kjBIQRujol4wUJS/joiKSkKWPOcYVOuCufL7N+A92M2ur6EFYXge/y/upwPH4wD/
ZWB8N07qM6895z5Xba4gCyd6IOz+du5JtZsipzH9F2lxEJjzioM+ZqLpvOuj8Uxu
TlBpsmrp14ylmvLdtoBNEr1HOL8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS9qaqB
e8gnkoRnV7PIxb5ExMOLIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQBWHX7hK2emyy5Htkaw5L3ZtGCSVx7B/rd0J2L5
jo+JyQXWVj1cfPcTn1F6Pu++LzyWFeoIqecTqJqMWQt8rS/eczH8VO9I943UOP+t
cXvqLT8PLFmDrVmuQdglzVE8BC925bcq3Mvl0BfkQiK3ygE7McLHw2Y0WXtpP42l
8fzF3Wo7F6IKV38z3qzEzypJLovqUVxzi37uLEKu9hATcrfTTYkqIrMQakP8u5tT
ZoB7wp1EVjt0mhZEreI7+btscfE9DAnw6PX2LN5kvNQXw+bcETqT7KmkY9IIoEao
iDetcPi44t+WEiw5uEDZ3mwtD+5wk+JDO/InHUyaH355wwQF
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:31 2025 by rpki-client