Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json)
Hash identifier: Yki8R7fHQJ7JKRLl798ftk70yCukufo6RY7gAP7q1C4=
Subject key identifier: E0:65:68:2F:76:43:99:18:ED:14:B3:42:10:2A:7A:5B:69:45:D1:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 324A8D9BBD8763B13CEC1B73E461B8F004DCBF8B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
Signing time: Tue 10 Jun 2025 17:30:09 +0000
ROA not before: Tue 10 Jun 2025 17:30:09 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:4a:8d:9b:bd:87:63:b1:3c:ec:1b:73:e4:61:b8:f0:04:dc:bf:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:30:09 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=67d77cf61957d92dd4b9915df4bf533c4057e6c31b5e613a89d03c66ddf85163, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6e:eb:28:eb:29:3a:74:90:e0:b1:ad:1b:f3:
c5:ba:e4:84:a9:62:eb:d9:2e:77:47:76:93:b6:b5:
dd:14:d0:fc:ce:2d:50:8c:f9:22:ed:91:ec:1e:26:
55:3c:d3:b9:3f:ea:9b:92:c0:a9:45:92:60:db:ce:
70:22:e9:43:80:d1:3a:d5:1a:24:03:c1:cf:3a:8a:
4b:19:3f:fb:ee:ba:2a:19:eb:cf:be:d1:fe:83:72:
37:66:63:9d:59:76:21:15:7f:93:2c:b1:89:7b:f6:
4b:d9:fe:d7:8e:95:49:1c:4d:dd:c0:44:23:ee:96:
32:08:dc:d4:c5:1f:de:28:81:fc:4f:f0:e3:47:60:
0e:1f:4d:31:ed:bb:3a:1d:ad:bb:37:b2:e9:ee:64:
f5:28:47:10:5b:9a:12:bc:ff:ed:d9:2f:47:3e:21:
3b:31:58:c2:22:34:bc:e7:06:b2:b7:ba:45:95:1b:
a8:83:2b:22:9d:60:78:eb:e5:ad:f2:e1:92:73:eb:
36:dc:4b:5a:d3:2a:ff:e2:2d:75:08:0a:0d:35:9a:
f8:8e:2a:2f:60:29:3c:5d:4c:fd:a2:ac:76:c7:a8:
81:49:0f:e7:19:3c:3a:41:ed:35:6f:6c:37:d6:62:
2e:2b:1d:79:f6:e7:09:e5:4e:7e:4e:7d:a5:04:41:
c6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:65:68:2F:76:43:99:18:ED:14:B3:42:10:2A:7A:5B:69:45:D1:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020::/28
Signature Algorithm: sha256WithRSAEncryption
b4:89:5f:31:f2:2a:88:e2:c8:f6:a6:f9:3c:b2:d7:38:ec:7c:
4f:38:c7:d0:51:80:e4:31:16:d0:64:97:ca:fd:e9:b7:68:6f:
af:2f:52:43:e5:28:61:3a:99:e2:bf:7c:ba:d7:0b:04:52:f5:
db:08:b2:f5:a6:11:f4:ec:6d:62:36:0b:c7:dc:43:b8:95:2d:
4a:91:89:24:b1:60:2f:27:c9:ff:20:9d:78:af:99:27:58:ff:
c8:9f:75:21:b7:ed:65:08:58:3e:7f:a5:2f:32:fa:5d:3e:b0:
2c:30:8f:93:58:e3:1e:93:44:42:2e:4e:87:3b:83:59:9c:c1:
97:10:ab:ac:12:5f:3b:53:aa:5a:15:35:73:47:cd:23:4b:2a:
6f:c4:b0:67:8a:3c:82:bb:e4:db:09:3a:54:fe:17:a5:33:a2:
40:e6:0a:26:fc:1f:d5:7a:64:10:bd:e6:98:2c:46:97:f8:f9:
5c:b5:57:56:fe:85:e1:ed:09:2e:4c:69:f4:4c:fd:8b:2d:e0:
ba:91:e4:51:20:d9:52:e7:e9:a4:23:ac:6b:ce:19:dd:d7:d2:
97:6c:d3:a6:8d:1c:18:e2:22:68:01:e2:e1:dd:9c:68:85:aa:
51:e4:20:95:78:cc:3f:67:5a:3a:3e:a0:c9:ef:5f:90:02:7d:
6c:5b:33:fe
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUMkqNm72HY7E87Btz5GG48ATcv4swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzMwMDlaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3ZDc3Y2Y2MTk1N2Q5MmRkNGI5OTE1ZGY0YmY1MzNjNDA1N2U2YzMxYjVl
NjEzYTg5ZDAzYzY2ZGRmODUxNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJdu6yjrKTp0kOCxrRvzxbrkhKli69kud0d2k7a13RTQ/M4tUIz5Iu2R7B4m
VTzTuT/qm5LAqUWSYNvOcCLpQ4DROtUaJAPBzzqKSxk/++66Khnrz77R/oNyN2Zj
nVl2IRV/kyyxiXv2S9n+146VSRxN3cBEI+6WMgjc1MUf3iiB/E/w40dgDh9NMe27
Oh2tuzey6e5k9ShHEFuaErz/7dkvRz4hOzFYwiI0vOcGsre6RZUbqIMrIp1geOvl
rfLhknPrNtxLWtMq/+ItdQgKDTWa+I4qL2ApPF1M/aKsdseogUkP5xk8OkHtNW9s
N9ZiLisdefbnCeVOfk59pQRBxmkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTgZWgv
dkOZGO0Us0IQKnpbaUXRqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw
DQYJKoZIhvcNAQELBQADggEBALSJXzHyKojiyPam+Tyy1zjsfE84x9BRgOQxFtBk
l8r96bdob68vUkPlKGE6meK/fLrXCwRS9dsIsvWmEfTsbWI2C8fcQ7iVLUqRiSSx
YC8nyf8gnXivmSdY/8ifdSG37WUIWD5/pS8y+l0+sCwwj5NY4x6TREIuToc7g1mc
wZcQq6wSXztTqloVNXNHzSNLKm/EsGeKPIK75NsJOlT+F6UzokDmCib8H9V6ZBC9
5pgsRpf4+Vy1V1b+heHtCS5MafRM/Yst4LqR5FEg2VLn6aQjrGvOGd3X0pds06aN
HBjiImgB4uHdnGiFqlHkIJV4zD9nWjo+oMnvX5ACfWxbM/4=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:54 2025 by rpki-client