Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
File: 33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa (raw, json)
Hash identifier: eIktZkI7GI4SprXZ6OpTjJnBC+lwjyqw+KOTqUeyDZw=
Subject key identifier: AE:A2:3D:DD:3E:5E:50:56:34:62:EE:4D:75:A3:E8:B5:12:14:A3:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74257841E27F42BD3A01F8A9B05C5DA4769E2E8C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
Signing time: Tue 20 May 2025 20:01:39 +0000
ROA not before: Tue 20 May 2025 20:01:39 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:25:78:41:e2:7f:42:bd:3a:01:f8:a9:b0:5c:5d:a4:76:9e:2e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:39 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=30886ef18c113b162c70caa5a7622627ad0b2dfd9b5173e45dafb7c5c0bed093, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e6:15:f0:5f:fa:43:85:70:4d:7f:ba:b7:83:
1a:5a:8e:ac:56:cb:f2:6b:b9:5c:ff:78:eb:ca:02:
8f:36:2f:45:3d:9a:97:68:a3:52:94:f8:0a:8b:b7:
2c:d7:5e:42:b6:5e:e6:7a:37:3f:ed:83:ca:ce:e9:
63:70:a8:06:ad:d1:42:92:b5:5d:52:10:5d:7f:8b:
9a:02:28:68:c7:e1:92:7e:70:7e:9f:3f:74:03:19:
e8:8e:6b:4b:0f:e8:84:c8:36:d2:30:e4:c1:b7:31:
a1:df:c7:64:ac:eb:9c:8a:70:b7:2d:70:33:b0:72:
9f:e8:51:2c:74:1f:86:e5:a9:94:47:00:e3:e0:2e:
ee:ad:3d:33:0b:51:3a:ed:77:ae:95:95:56:9b:ea:
dd:72:9c:28:be:de:92:65:fa:ee:8e:f0:59:55:81:
71:f5:b7:2b:8b:48:8a:7c:4a:04:c1:7f:e9:bc:0d:
f9:97:67:6a:92:64:32:dd:17:d4:76:e2:6f:63:9f:
f6:85:98:ef:4f:ac:42:6d:7b:d3:fe:ad:6e:51:25:
84:f8:d0:6f:72:51:62:09:d5:c8:7c:eb:55:78:cd:
98:18:89:b9:e5:08:4b:ea:4c:ee:c8:c9:a7:16:5a:
1d:ec:bd:a8:95:fa:b4:7f:e4:20:24:62:cc:04:cc:
45:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A2:3D:DD:3E:5E:50:56:34:62:EE:4D:75:A3:E8:B5:12:14:A3:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:6000::/40
Signature Algorithm: sha256WithRSAEncryption
41:e3:6c:01:d9:78:5e:b4:b0:8a:75:10:7d:e4:e0:e1:7e:20:
d4:25:47:39:47:9c:57:de:cc:6b:1e:0e:19:8b:44:13:8d:38:
e4:86:c3:5a:48:14:6e:1b:f4:79:dc:52:8a:19:ac:6f:6e:7f:
b7:42:58:4a:01:35:5b:f7:c8:00:f3:ff:07:7d:a1:4a:e8:be:
0e:ba:77:2a:ed:5d:e9:11:0e:75:17:80:41:ca:85:49:f4:52:
af:15:ab:f8:5e:e9:88:84:ec:13:6a:af:c3:bb:37:fb:96:91:
89:ab:93:06:27:27:28:65:74:17:d1:a8:e7:5d:6b:c4:40:7f:
c2:85:3b:04:06:c1:6c:8f:3b:33:20:28:8e:96:b0:13:32:ce:
5a:4f:2e:08:4a:d0:57:d6:57:13:16:f7:30:f0:00:c1:2e:c4:
b2:c0:30:1b:31:cf:d8:9f:88:75:12:02:5c:04:1e:4a:90:d1:
17:55:50:00:a2:55:03:11:4e:7a:e1:5f:07:d4:bc:12:78:95:
4e:b7:2a:90:68:e0:1e:1c:30:7b:00:23:d4:88:51:c6:e1:79:
08:42:dc:dd:11:97:60:32:f2:a6:25:46:28:14:78:fb:9b:e6:
9e:84:06:d9:27:f3:de:f9:28:d8:1f:e7:81:4d:07:41:91:2c:
b4:33:83:8d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdCV4QeJ/Qr06AfipsFxdpHaeLowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMzlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwODg2ZWYxOGMxMTNiMTYyYzcwY2FhNWE3NjIyNjI3YWQwYjJkZmQ5YjUx
NzNlNDVkYWZiN2M1YzBiZWQwOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLmFfBf+kOFcE1/ureDGlqOrFbL8mu5XP9468oCjzYvRT2al2ijUpT4Cou3
LNdeQrZe5no3P+2Dys7pY3CoBq3RQpK1XVIQXX+LmgIoaMfhkn5wfp8/dAMZ6I5r
Sw/ohMg20jDkwbcxod/HZKzrnIpwty1wM7Byn+hRLHQfhuWplEcA4+Au7q09MwtR
Ou13rpWVVpvq3XKcKL7ekmX67o7wWVWBcfW3K4tIinxKBMF/6bwN+ZdnapJkMt0X
1Hbib2Of9oWY70+sQm170/6tblElhPjQb3JRYgnVyHzrVXjNmBiJueUIS+pM7sjJ
pxZaHey9qJX6tH/kICRizATMRSsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuoj3d
Pl5QVjRi7k11o+i1EhSj/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzNmNDQyZTEtNzY2ZS00NjFkLWEzYjktMmIwZmQwMWIwOGNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hhg
MA0GCSqGSIb3DQEBCwUAA4IBAQBB42wB2XhetLCKdRB95ODhfiDUJUc5R5xX3sxr
Hg4Zi0QTjTjkhsNaSBRuG/R53FKKGaxvbn+3QlhKATVb98gA8/8HfaFK6L4Ouncq
7V3pEQ51F4BByoVJ9FKvFav4XumIhOwTaq/Duzf7lpGJq5MGJycoZXQX0ajnXWvE
QH/ChTsEBsFsjzszICiOlrATMs5aTy4IStBX1lcTFvcw8ADBLsSywDAbMc/Yn4h1
EgJcBB5KkNEXVVAAolUDEU564V8H1LwSeJVOtyqQaOAeHDB7ACPUiFHG4XkIQtzd
EZdgMvKmJUYoFHj7m+aehAbZJ/Pe+SjYH+eBTQdBkSy0M4ON
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:56 2025 by rpki-client