Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
File: 3af05485-fd97-4026-a50e-0227f46bd107.roa (raw, json)
Hash identifier: HT9U4sdkP1Hod+gdEsZemeESAJi+NcYpox+rXliJP2U=
Subject key identifier: 55:D7:C9:17:6E:85:F2:60:6F:1C:F0:03:4E:4C:07:59:73:ED:A8:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C965CA6A4010BF637ACE18DCCA89F6611A63A11
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
Signing time: Fri 25 Apr 2025 18:50:50 +0000
ROA not before: Fri 25 Apr 2025 18:50:50 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:96:5c:a6:a4:01:0b:f6:37:ac:e1:8d:cc:a8:9f:66:11:a6:3a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:50 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=94f5571a986adccd60b2e2073e17734d2fe987b85ac65fea61982d0cd6ac6396, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:76:dc:63:b5:aa:ed:ac:66:69:c6:8a:7f:66:
c2:f3:8a:96:52:bd:fc:b0:4f:9e:a6:fe:85:a9:3e:
f2:89:52:43:60:1c:25:c3:42:07:b8:04:99:ed:12:
18:25:d7:40:2d:df:ff:d9:cb:11:12:5f:ee:07:e6:
e6:76:6b:9a:44:47:69:55:b2:2c:1b:aa:15:fb:4b:
0f:13:ce:c1:9a:70:10:b7:b7:0d:16:ce:aa:1c:cc:
cf:f0:16:1e:67:55:54:12:36:75:5f:4e:49:f2:e8:
ba:3c:ee:10:ef:22:d7:a9:cf:35:66:fb:ed:78:1d:
ab:08:41:86:2c:d2:3c:b2:1d:94:aa:76:a9:af:39:
c5:e4:99:2f:90:f5:49:07:bd:1e:46:76:bd:43:da:
05:9b:5c:ec:f6:82:3e:e3:6a:73:29:82:85:ee:d5:
27:5d:83:ce:22:31:65:6c:37:f1:77:1e:15:17:35:
fc:a1:d6:58:f5:0d:61:e9:fb:08:da:f4:c6:c6:8b:
eb:f5:d9:ae:81:26:19:d4:01:d5:1d:61:99:07:9b:
a6:a0:5f:8e:1f:17:a7:77:76:fe:3b:e3:11:cc:59:
81:aa:71:96:69:8f:81:b0:39:fb:4a:43:17:cf:c8:
35:2d:42:4d:33:db:4b:2c:00:62:ab:c8:c1:0c:e9:
ff:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D7:C9:17:6E:85:F2:60:6F:1C:F0:03:4E:4C:07:59:73:ED:A8:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
35:67:14:e3:38:80:97:56:75:aa:54:d1:f4:14:37:49:95:74:
74:70:21:66:6f:40:f4:f3:ef:f2:08:b0:2a:7d:0f:6c:11:0e:
70:30:ad:c3:5f:a4:59:9a:09:21:61:f7:33:de:5a:1b:20:39:
a8:af:a5:78:e5:51:d7:ee:fb:26:13:0d:ad:80:2d:39:70:aa:
af:04:ea:e5:dd:ec:d9:43:78:60:0a:75:11:17:93:a4:9d:38:
1e:66:fb:a7:37:4c:8a:bb:45:ae:94:03:5e:90:f9:37:17:af:
81:41:d2:35:a8:f9:ce:ba:96:a2:b9:89:5a:16:7b:63:6c:23:
34:a4:a6:93:dd:5c:14:1a:e0:3c:5f:5d:91:75:3e:67:08:e0:
1f:6f:97:2d:f7:e2:66:30:3e:0d:f5:ea:7d:23:e8:5c:89:23:
d7:4b:6c:12:cc:58:1e:c7:a0:15:3b:c2:f1:e9:f3:04:a9:57:
bb:c8:61:5d:30:53:a6:ac:35:dc:36:7b:c2:08:36:95:97:3c:
23:12:fb:55:40:56:47:c1:53:0f:3b:b3:d6:9d:a9:61:f1:70:
d5:cf:d3:53:93:61:31:2a:0f:ad:5a:ab:fb:11:71:31:cd:cf:
b3:cc:c9:ea:ac:4e:93:a6:f6:f8:6a:f0:92:78:f6:e8:80:27:
8a:ff:a0:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbJZcpqQBC/Y3rOGNzKifZhGmOhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwNTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0ZjU1NzFhOTg2YWRjY2Q2MGIyZTIwNzNlMTc3MzRkMmZlOTg3Yjg1YWM2
NWZlYTYxOTgyZDBjZDZhYzYzOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM523GO1qu2sZmnGin9mwvOKllK9/LBPnqb+hak+8olSQ2AcJcNCB7gEme0S
GCXXQC3f/9nLERJf7gfm5nZrmkRHaVWyLBuqFftLDxPOwZpwELe3DRbOqhzMz/AW
HmdVVBI2dV9OSfLoujzuEO8i16nPNWb77XgdqwhBhizSPLIdlKp2qa85xeSZL5D1
SQe9HkZ2vUPaBZtc7PaCPuNqcymChe7VJ12DziIxZWw38XceFRc1/KHWWPUNYen7
CNr0xsaL6/XZroEmGdQB1R1hmQebpqBfjh8Xp3d2/jvjEcxZgapxlmmPgbA5+0pD
F8/INS1CTTPbSywAYqvIwQzp/zkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRV18kX
boXyYG8c8ANOTAdZc+2oTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2FmMDU0ODUtZmQ5Ny00MDI2LWE1MGUtMDIyN2Y0NmJkMTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9g
MA0GCSqGSIb3DQEBCwUAA4IBAQA1ZxTjOICXVnWqVNH0FDdJlXR0cCFmb0D08+/y
CLAqfQ9sEQ5wMK3DX6RZmgkhYfcz3lobIDmor6V45VHX7vsmEw2tgC05cKqvBOrl
3ezZQ3hgCnURF5OknTgeZvunN0yKu0WulANekPk3F6+BQdI1qPnOupaiuYlaFntj
bCM0pKaT3VwUGuA8X12RdT5nCOAfb5ct9+JmMD4N9ep9I+hciSPXS2wSzFgex6AV
O8Lx6fMEqVe7yGFdMFOmrDXcNnvCCDaVlzwjEvtVQFZHwVMPO7PWnalh8XDVz9NT
k2ExKg+tWqv7EXExzc+zzMnqrE6Tpvb4avCSePbogCeK/6Di
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:23 2025 by rpki-client