Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
File: 36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa (raw, json)
Hash identifier: 543/bsjbLjARyeafl9REe7F3lErM3gipTW6TwMgztrA=
Subject key identifier: CA:16:FA:E6:27:3F:20:C7:43:6F:26:DD:17:BA:DC:38:F2:CE:CA:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1632B3C44BDA6B83CBAA9500ED306104F356D451
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
Signing time: Tue 20 May 2025 19:10:17 +0000
ROA not before: Tue 20 May 2025 19:10:17 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:32:b3:c4:4b:da:6b:83:cb:aa:95:00:ed:30:61:04:f3:56:d4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:17 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=346415eab24237c59617017e77260e3106786312c2255785d5ff489c3e2ba3dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:71:26:29:8a:70:28:66:b2:b8:3c:ca:01:3f:
96:ec:47:c3:c8:98:ac:02:e7:6d:f1:9e:32:a0:12:
a5:23:cb:5d:19:99:42:ce:60:26:45:54:ce:20:e1:
a1:7f:ed:a3:a7:15:96:50:e3:94:08:6c:8a:41:47:
fc:c6:83:6e:bd:4d:c1:a8:c6:81:81:9e:a1:0b:76:
57:2c:61:86:e5:65:e8:3b:48:b2:95:ed:6c:ec:2a:
79:39:e3:64:21:c1:f1:fc:bd:e9:1f:73:e1:c8:08:
39:9b:8f:ea:61:70:92:42:e8:86:da:9e:e8:91:bc:
48:42:e1:62:50:1c:d7:ae:38:31:f9:7e:ff:84:72:
71:6e:26:01:09:77:6d:ee:9a:8f:81:ad:b6:62:ea:
e8:68:61:6a:46:93:52:33:db:ed:79:cb:a1:ae:3d:
05:d6:47:36:d3:0d:50:52:90:67:1f:c8:79:39:68:
12:0e:c1:d2:a1:62:3a:2d:17:44:f4:33:dd:ac:37:
2f:9f:4b:cb:34:bb:13:55:7f:aa:28:17:bc:32:c1:
89:fe:2b:34:64:aa:e4:f5:2f:6f:39:32:23:8c:36:
d7:96:0e:c9:ca:c6:43:c2:80:7e:9b:f1:8b:2c:b8:
89:ee:2b:80:95:4d:1f:80:ba:cf:3b:f5:1f:91:50:
bf:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:16:FA:E6:27:3F:20:C7:43:6F:26:DD:17:BA:DC:38:F2:CE:CA:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a020::/48
Signature Algorithm: sha256WithRSAEncryption
4d:a8:31:6a:fb:8e:55:30:60:2f:70:bd:d1:a7:a7:c2:cb:4b:
7c:9f:51:82:5c:a7:56:62:c2:88:f1:1d:1f:8f:d5:18:94:ac:
21:92:bb:61:63:33:a5:12:67:e4:6c:a5:8a:95:fe:7c:78:de:
1e:86:1c:82:ac:6d:c8:ea:5c:0f:ce:44:11:39:c8:69:b8:d1:
01:13:ab:1b:97:0d:14:bb:72:86:1f:0f:6f:16:a1:1d:73:a8:
ab:89:11:fd:42:37:a0:29:a6:64:cf:49:43:ab:4b:05:25:54:
51:77:53:bd:23:ab:3d:29:43:92:b7:50:63:e0:3e:c8:dd:6a:
f0:e3:22:17:07:7a:c7:1e:4a:96:43:79:bd:ad:4c:79:dd:58:
3e:bb:fe:e3:d1:d1:60:9c:04:4b:f8:2a:20:4f:f0:1d:1e:6e:
03:75:9a:b8:72:3b:20:88:79:66:8d:a8:07:74:5a:65:41:e1:
1f:f1:5a:ab:45:e0:e0:90:b0:46:38:58:24:c0:a4:85:9c:8a:
ac:97:4b:48:25:5d:d8:1c:0a:4c:06:8b:73:bb:ca:53:33:45:
8c:7a:2c:cd:29:6c:fc:e4:af:c8:85:78:ef:cb:f8:6f:f0:04:
78:af:0f:72:20:21:3d:92:f1:75:93:be:1d:1c:4c:f9:1c:f1:
f4:00:c4:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFjKzxEvaa4PLqpUA7TBhBPNW1FEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0NjQxNWVhYjI0MjM3YzU5NjE3MDE3ZTc3MjYwZTMxMDY3ODYzMTJjMjI1
NTc4NWQ1ZmY0ODljM2UyYmEzZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpxJimKcChmsrg8ygE/luxHw8iYrALnbfGeMqASpSPLXRmZQs5gJkVUziDh
oX/to6cVllDjlAhsikFH/MaDbr1NwajGgYGeoQt2VyxhhuVl6DtIspXtbOwqeTnj
ZCHB8fy96R9z4cgIOZuP6mFwkkLohtqe6JG8SELhYlAc1644Mfl+/4RycW4mAQl3
be6aj4GttmLq6GhhakaTUjPb7XnLoa49BdZHNtMNUFKQZx/IeTloEg7B0qFiOi0X
RPQz3aw3L59LyzS7E1V/qigXvDLBif4rNGSq5PUvbzkyI4w215YOycrGQ8KAfpvx
iyy4ie4rgJVNH4C6zzv1H5FQv3kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTKFvrm
Jz8gx0NvJt0Xutw48s7KPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZmZGU0YzctMzA1Yy00ZTlkLThkMWYtYmE4NWMzNjUwMjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
IDANBgkqhkiG9w0BAQsFAAOCAQEATagxavuOVTBgL3C90aenwstLfJ9RglynVmLC
iPEdH4/VGJSsIZK7YWMzpRJn5GylipX+fHjeHoYcgqxtyOpcD85EETnIabjRAROr
G5cNFLtyhh8PbxahHXOoq4kR/UI3oCmmZM9JQ6tLBSVUUXdTvSOrPSlDkrdQY+A+
yN1q8OMiFwd6xx5KlkN5va1Med1YPrv+49HRYJwES/gqIE/wHR5uA3WauHI7IIh5
Zo2oB3RaZUHhH/Faq0Xg4JCwRjhYJMCkhZyKrJdLSCVd2BwKTAaLc7vKUzNFjHos
zSls/OSvyIV478v4b/AEeK8PciAhPZLxdZO+HRxM+Rzx9ADEyw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:19 2025 by rpki-client