Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
File: 3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa (raw, json)
Hash identifier: ee/0+nNYEHxuHJ28Ic/1Npn00HZvp290G+2w5xaNOxk=
Subject key identifier: 35:33:5B:DC:4D:E9:42:6A:62:39:19:36:0A:0C:29:E4:0D:96:BE:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72987D40289AC2E96B961D304A2280B2ABC56180
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
Signing time: Fri 25 Apr 2025 20:01:31 +0000
ROA not before: Fri 25 Apr 2025 20:01:31 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:98:7d:40:28:9a:c2:e9:6b:96:1d:30:4a:22:80:b2:ab:c5:61:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:31 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=17744a85560574a74dfe67390859abc7a877ecb4948a4f42d2cc7b2583bfee2a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:02:b5:29:39:33:55:89:eb:67:ce:18:98:7a:
64:85:f9:cb:54:81:2d:ad:4d:58:72:c5:ba:8d:cd:
79:06:dd:89:d2:14:6f:3c:26:49:b7:b9:75:90:80:
f6:c4:9e:6a:a5:9f:4e:52:28:d5:9e:15:ff:00:6b:
6a:b2:f2:bf:98:6f:fa:d1:3e:ea:75:76:b9:ca:7f:
e3:83:a4:5d:96:a2:f2:8d:71:5c:e4:33:13:e1:a3:
ad:45:f0:1e:9a:ce:f9:86:74:e5:d1:b9:dd:84:25:
4a:78:89:ef:67:9e:0f:da:81:c4:99:b6:7c:6b:86:
74:c3:73:7d:04:f3:4f:42:10:10:52:7e:2d:f5:ad:
aa:72:76:a8:7d:5c:be:a3:05:3b:a3:6f:50:65:cf:
c9:0a:bb:3d:4d:74:81:1d:c7:fb:96:62:b8:60:be:
af:8a:3e:24:cd:b7:df:14:d0:bd:5f:56:bd:b0:d3:
0a:87:e6:c2:d7:5e:29:c0:37:2a:ff:bd:32:ab:2e:
1e:28:f0:8f:eb:2b:26:76:ec:bc:d2:a8:0d:d8:3d:
4d:07:50:47:e0:2a:ef:69:84:48:fb:cd:38:03:fe:
20:a8:8d:7d:49:34:4b:0d:e1:c9:1c:b6:9b:d5:51:
c4:53:03:28:2c:7c:af:52:ae:0d:f2:19:d5:62:61:
f7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:33:5B:DC:4D:E9:42:6A:62:39:19:36:0A:0C:29:E4:0D:96:BE:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036::/32
Signature Algorithm: sha256WithRSAEncryption
53:7f:9c:ba:26:76:aa:a4:da:e1:37:bf:d5:55:91:2d:14:b9:
b8:ca:d9:ec:d1:2b:a7:bf:93:de:bc:67:6d:8e:e7:c4:2c:9d:
38:54:fd:21:70:c2:c5:14:5d:e5:c0:67:61:c9:c4:41:7d:26:
af:ba:e3:b2:09:46:aa:06:11:65:cc:83:56:25:56:3f:8b:a2:
2b:e5:b6:49:cb:fa:b3:04:26:ea:5e:b1:ba:88:c1:e5:60:1f:
71:99:cf:c5:f1:37:6d:06:57:e0:70:4c:69:76:d5:5d:e7:1a:
00:59:36:3d:17:fb:c6:d0:24:7b:df:87:e9:81:56:a3:96:17:
d5:24:bf:bb:96:f9:e5:d3:ec:92:00:a1:67:5d:b5:b3:38:46:
18:91:cb:8a:cd:3f:84:50:54:69:b2:ef:c0:c5:d3:eb:ab:2b:
c6:95:fe:87:17:74:4b:47:57:e6:79:82:a3:f7:96:9e:78:c0:
44:0e:1a:d4:ca:c4:68:22:c4:85:06:ef:b9:80:20:ae:ef:7c:
d3:50:a6:64:b5:ba:bd:24:64:dc:2d:f9:0a:04:2e:8c:aa:ee:
55:75:95:11:1b:d8:ee:83:b9:27:49:c5:00:cf:bb:47:3d:62:
e3:f9:7a:af:09:fa:f3:13:89:56:fd:5b:da:cc:40:24:f4:d0:
9a:f2:cc:cc
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUcph9QCiawulrlh0wSiKAsqvFYYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMzFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NzQ0YTg1NTYwNTc0YTc0ZGZlNjczOTA4NTlhYmM3YTg3N2VjYjQ5NDhh
NGY0MmQyY2M3YjI1ODNiZmVlMmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkCtSk5M1WJ62fOGJh6ZIX5y1SBLa1NWHLFuo3NeQbdidIUbzwmSbe5dZCA
9sSeaqWfTlIo1Z4V/wBrarLyv5hv+tE+6nV2ucp/44OkXZai8o1xXOQzE+GjrUXw
HprO+YZ05dG53YQlSniJ72eeD9qBxJm2fGuGdMNzfQTzT0IQEFJ+LfWtqnJ2qH1c
vqMFO6NvUGXPyQq7PU10gR3H+5ZiuGC+r4o+JM233xTQvV9WvbDTCofmwtdeKcA3
Kv+9MqsuHijwj+srJnbsvNKoDdg9TQdQR+Aq72mESPvNOAP+IKiNfUk0Sw3hyRy2
m9VRxFMDKCx8r1KuDfIZ1WJh970CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ1M1vc
TelCamI5GTYKDCnkDZa+fTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ExNWFmMzktNjgxOC00ZWViLWJiYWYtMjgzYjdiZmZmYmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DYw
DQYJKoZIhvcNAQELBQADggEBAFN/nLomdqqk2uE3v9VVkS0UubjK2ezRK6e/k968
Z22O58QsnThU/SFwwsUUXeXAZ2HJxEF9Jq+647IJRqoGEWXMg1YlVj+LoivltknL
+rMEJupesbqIweVgH3GZz8XxN20GV+BwTGl21V3nGgBZNj0X+8bQJHvfh+mBVqOW
F9Ukv7uW+eXT7JIAoWddtbM4RhiRy4rNP4RQVGmy78DF0+urK8aV/ocXdEtHV+Z5
gqP3lp54wEQOGtTKxGgixIUG77mAIK7vfNNQpmS1ur0kZNwt+QoELoyq7lV1lREb
2O6DuSdJxQDPu0c9YuP5eq8J+vMTiVb9W9rMQCT00JryzMw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:58 2025 by rpki-client