Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
File: 36851825-b64c-4907-b152-006b17b6b7d7.roa (raw, json)
Hash identifier: P/CgbDI6rfDWgChql53cS8jmxKh9/xCiPM8tgqIEUNI=
Subject key identifier: 1E:76:62:4B:C8:C6:83:28:04:93:F3:00:79:36:2E:35:9F:B2:A1:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30D73E24447B2D5401B8F9A931F6A8A26EF1382B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
Signing time: Fri 25 Apr 2025 18:20:06 +0000
ROA not before: Fri 25 Apr 2025 18:20:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:d7:3e:24:44:7b:2d:54:01:b8:f9:a9:31:f6:a8:a2:6e:f1:38:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:20:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=107fbf4473f9301a8722caedc8181bf3057dbce30d3e528d92dad69439fb0a4a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:af:86:28:0d:87:ec:d2:d3:60:9c:de:83:
25:42:90:36:3f:3c:7f:b3:e0:b2:57:39:ed:fb:56:
f7:ba:50:0a:4a:8a:d2:e3:c1:03:1d:3f:ea:41:f3:
ec:ed:0e:11:d5:28:50:09:58:3f:26:82:7c:b9:7d:
9b:ea:2e:23:77:03:d4:86:42:f4:3f:d4:e6:0e:fd:
c7:ec:62:e7:47:ab:ed:f6:83:5f:c8:bb:40:79:c4:
6f:ea:df:41:40:11:da:3e:09:64:bf:3f:0f:40:8e:
f5:7d:b2:2d:ec:61:15:66:93:c9:4f:55:5b:41:a5:
85:e5:76:e0:e6:5e:ef:16:4d:6d:e3:f7:d7:0f:7d:
c6:12:41:86:19:5d:e2:d9:ea:60:73:0c:f5:38:f4:
09:37:78:c3:25:2e:8d:bc:47:1d:9e:b9:d0:01:ba:
86:66:0c:35:58:b2:10:26:c8:52:29:0a:7f:bb:bd:
27:82:ee:59:ea:0e:b3:a7:4d:c2:52:54:9a:03:bd:
24:17:5e:10:8e:11:1b:33:ad:89:f5:93:93:23:55:
55:7e:33:31:d1:a2:01:5e:20:d6:85:4c:29:87:21:
1d:2b:d1:ce:e4:24:96:b1:07:b4:1e:f7:6b:97:06:
f4:8e:3c:90:2a:b0:2e:0c:f5:15:e7:bb:e0:d7:ab:
0c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:76:62:4B:C8:C6:83:28:04:93:F3:00:79:36:2E:35:9F:B2:A1:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:b000::/40
Signature Algorithm: sha256WithRSAEncryption
69:c2:eb:53:9f:fb:e1:25:51:d0:b5:a8:ea:70:0a:43:e6:90:
ad:b9:a4:db:91:1f:99:2a:a0:66:33:34:20:bc:2b:31:23:56:
69:00:32:cc:c5:aa:aa:0b:bd:f9:98:a0:22:56:52:1d:db:54:
80:c8:ef:ec:ed:53:6e:93:5c:21:be:6c:5a:1a:0e:21:53:2c:
74:aa:36:d5:51:0b:f0:14:94:99:e9:11:f0:0e:2d:59:17:1f:
22:4d:16:13:31:c7:ec:27:ed:d4:18:24:10:40:2c:a4:4d:9a:
9b:95:06:5d:1b:6c:34:b8:b4:82:3e:d9:84:69:5c:df:92:6b:
15:ec:f3:23:5a:c9:33:16:b8:b3:a9:92:fe:f2:ff:a0:12:5a:
69:48:66:e4:35:b8:70:4f:16:c8:a1:f7:de:a3:8b:13:cc:30:
51:36:d6:af:21:52:4f:ca:2a:96:7c:38:99:86:ad:9b:ff:c4:
97:69:12:99:f4:42:16:71:e4:3b:5b:5d:78:15:a9:f0:ab:12:
51:42:33:bf:7e:b5:56:e8:8b:08:73:ee:c4:79:23:b9:ef:48:
68:f4:c6:46:69:fe:8f:fc:c1:84:7f:1a:9b:f7:d5:9e:31:59:
96:3c:74:3b:69:2f:45:88:73:5c:6f:b1:81:8f:90:9b:25:1e:
d3:27:9a:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMNc+JER7LVQBuPmpMfaoom7xOCswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIwMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwN2ZiZjQ0NzNmOTMwMWE4NzIyY2FlZGM4MTgxYmYzMDU3ZGJjZTMwZDNl
NTI4ZDkyZGFkNjk0MzlmYjBhNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRor4YoDYfs0tNgnN6DJUKQNj88f7Pgslc57ftW97pQCkqK0uPBAx0/6kHz
7O0OEdUoUAlYPyaCfLl9m+ouI3cD1IZC9D/U5g79x+xi50er7faDX8i7QHnEb+rf
QUAR2j4JZL8/D0CO9X2yLexhFWaTyU9VW0GlheV24OZe7xZNbeP31w99xhJBhhld
4tnqYHMM9Tj0CTd4wyUujbxHHZ650AG6hmYMNViyECbIUikKf7u9J4LuWeoOs6dN
wlJUmgO9JBdeEI4RGzOtifWTkyNVVX4zMdGiAV4g1oVMKYchHSvRzuQklrEHtB73
a5cG9I48kCqwLgz1Fee74NerDLECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQedmJL
yMaDKAST8wB5Ni41n7Kh8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzY4NTE4MjUtYjY0Yy00OTA3LWIxNTItMDA2YjE3YjZiN2Q3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGw
MA0GCSqGSIb3DQEBCwUAA4IBAQBpwutTn/vhJVHQtajqcApD5pCtuaTbkR+ZKqBm
MzQgvCsxI1ZpADLMxaqqC735mKAiVlId21SAyO/s7VNuk1whvmxaGg4hUyx0qjbV
UQvwFJSZ6RHwDi1ZFx8iTRYTMcfsJ+3UGCQQQCykTZqblQZdG2w0uLSCPtmEaVzf
kmsV7PMjWskzFrizqZL+8v+gElppSGbkNbhwTxbIoffeo4sTzDBRNtavIVJPyiqW
fDiZhq2b/8SXaRKZ9EIWceQ7W114FanwqxJRQjO/frVW6IsIc+7EeSO570ho9MZG
af6P/MGEfxqb99WeMVmWPHQ7aS9FiHNcb7GBj5CbJR7TJ5p1
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:06 2025 by rpki-client