Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
File: 3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa (raw, json)
Hash identifier: SE3f9QrgJMZfoPErZTCibhoWsasHRxBxUhTTU1N3/gM=
Subject key identifier: FD:E4:AC:6F:1B:87:34:FB:85:ED:D0:8A:E7:CD:27:3C:D0:E1:C2:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 051164A5280F99BCB0A86D11145E6211A68143C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
Signing time: Tue 10 Jun 2025 17:21:11 +0000
ROA not before: Tue 10 Jun 2025 17:21:11 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:11:64:a5:28:0f:99:bc:b0:a8:6d:11:14:5e:62:11:a6:81:43:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:11 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=76263a9e3bf1504fdfc1aca77477fbc7b7c7a5c927f345de9bb3a5a02b2d3716, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cf:28:ad:f3:46:f3:48:84:de:32:24:c3:bf:
02:61:26:ad:a4:20:85:db:0c:02:53:53:60:72:34:
c2:8b:f0:8f:7f:c9:04:73:4c:64:8f:67:6e:43:c0:
35:c2:77:81:b0:01:0f:12:72:46:d3:a1:56:b6:02:
3f:bf:49:89:ea:6c:e3:bb:8c:9c:3a:92:6f:c9:91:
cd:6d:1f:4f:1b:11:b1:03:d7:59:83:23:45:99:45:
c6:71:f3:43:b3:95:59:39:22:b1:58:3e:fe:8f:a8:
cf:67:e1:60:e6:1d:8d:3a:ec:bb:17:7a:49:bb:51:
f8:cc:1f:71:5f:55:93:6b:4a:34:16:d3:2d:de:4c:
a6:0b:88:bd:49:05:40:1e:ec:c1:70:b9:2a:c0:ed:
ce:bf:1a:7d:46:0c:fb:98:3a:8d:bd:0e:00:ec:8e:
61:f9:e7:ab:82:f6:bf:f9:9d:ee:14:83:27:a1:37:
9b:d4:5c:4a:b9:1e:06:44:a9:30:6c:12:07:91:61:
4e:38:a1:9a:b3:73:87:1e:d6:7e:a4:30:3a:80:ae:
cb:ac:70:69:75:0f:89:c3:8a:ae:3c:fc:f6:a1:af:
73:61:65:d3:fe:ef:74:36:c8:08:9f:02:31:ef:d2:
29:3e:e6:32:45:72:81:aa:c2:7b:a7:90:0b:28:3f:
24:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E4:AC:6F:1B:87:34:FB:85:ED:D0:8A:E7:CD:27:3C:D0:E1:C2:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036::/32
Signature Algorithm: sha256WithRSAEncryption
50:6e:9b:7d:85:3b:5e:b4:0f:5a:89:f2:66:fe:f5:ef:6c:15:
ae:01:0e:54:2d:af:94:3d:4a:b3:1e:b2:0d:9a:1f:7c:a5:a6:
bb:74:0f:d5:d8:53:11:2b:b0:76:ac:1d:ea:1d:bb:08:bd:85:
d1:5a:8e:fd:dd:18:c3:d9:e1:6e:33:d6:19:47:00:aa:0c:77:
ff:63:ff:8e:52:b4:4f:41:2e:2c:57:20:31:1d:bc:5b:39:4b:
70:71:02:f6:68:25:27:da:da:91:9e:49:43:2f:d2:6f:70:f0:
d3:75:75:c3:0c:23:45:7d:45:98:e1:8c:ff:f5:0d:06:c6:c8:
60:69:9d:62:37:2c:e7:3d:0d:ab:cf:97:d1:79:4e:90:b0:2f:
11:aa:8c:4b:d6:95:36:38:fd:d9:32:d2:f5:d0:9b:8c:01:85:
59:86:7f:7d:d8:ba:21:4c:e2:e5:d1:28:8d:3c:0c:9f:fb:be:
78:10:07:e2:6a:dc:cf:4f:0c:51:39:23:0b:7e:64:d9:a5:5b:
32:56:6b:5e:5d:08:89:db:12:0e:88:72:ae:b6:a3:93:8e:75:
42:ea:57:e1:c9:50:7f:9c:35:c0:c3:3c:4d:d5:f3:44:5b:0c:
3c:68:51:47:6d:1f:49:24:32:10:b7:aa:3d:2c:7f:33:ab:f6:
6b:d9:41:e1
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUBRFkpSgPmbywqG0RFF5iEaaBQ8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMTFaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2MjYzYTllM2JmMTUwNGZkZmMxYWNhNzc0NzdmYmM3YjdjN2E1YzkyN2Yz
NDVkZTliYjNhNWEwMmIyZDM3MTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzPKK3zRvNIhN4yJMO/AmEmraQghdsMAlNTYHI0wovwj3/JBHNMZI9nbkPA
NcJ3gbABDxJyRtOhVrYCP79Jieps47uMnDqSb8mRzW0fTxsRsQPXWYMjRZlFxnHz
Q7OVWTkisVg+/o+oz2fhYOYdjTrsuxd6SbtR+MwfcV9Vk2tKNBbTLd5MpguIvUkF
QB7swXC5KsDtzr8afUYM+5g6jb0OAOyOYfnnq4L2v/md7hSDJ6E3m9RcSrkeBkSp
MGwSB5FhTjihmrNzhx7WfqQwOoCuy6xwaXUPicOKrjz89qGvc2Fl0/7vdDbICJ8C
Me/SKT7mMkVygarCe6eQCyg/JHcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT95Kxv
G4c0+4Xt0IrnzSc80OHC+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ExNWFmMzktNjgxOC00ZWViLWJiYWYtMjgzYjdiZmZmYmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DYw
DQYJKoZIhvcNAQELBQADggEBAFBum32FO160D1qJ8mb+9e9sFa4BDlQtr5Q9SrMe
sg2aH3ylprt0D9XYUxErsHasHeoduwi9hdFajv3dGMPZ4W4z1hlHAKoMd/9j/45S
tE9BLixXIDEdvFs5S3BxAvZoJSfa2pGeSUMv0m9w8NN1dcMMI0V9RZjhjP/1DQbG
yGBpnWI3LOc9DavPl9F5TpCwLxGqjEvWlTY4/dky0vXQm4wBhVmGf33YuiFM4uXR
KI08DJ/7vngQB+Jq3M9PDFE5Iwt+ZNmlWzJWa15dCInbEg6Icq62o5OOdULqV+HJ
UH+cNcDDPE3V80RbDDxoUUdtH0kkMhC3qj0sfzOr9mvZQeE=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:29 2025 by rpki-client