Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
File: 3c7c4703-2876-4e04-b857-8c0298bd0897.roa (raw, json)
Hash identifier: zICsxKRr8KMbnpv66q8ChUWK8G4Mjl8YGpXS2EFZi50=
Subject key identifier: 20:D7:C3:31:A4:B1:F6:C6:9D:29:5E:65:E5:5B:96:FA:27:03:32:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E31CF36104398BF81E2C80D00636AB47C127C90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
Signing time: Fri 25 Apr 2025 18:30:26 +0000
ROA not before: Fri 25 Apr 2025 18:30:26 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:31:cf:36:10:43:98:bf:81:e2:c8:0d:00:63:6a:b4:7c:12:7c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:26 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a5fdaf62e3a00ed6cbf45702f37105a084aaf0261a14acab1667d4585816ecd9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:82:b2:aa:01:40:04:a6:2b:63:8c:de:e1:
fa:41:26:f1:7d:28:4c:8d:ea:32:6b:20:53:27:26:
b9:54:05:72:ee:19:c9:c5:b5:1e:b6:c0:99:04:fb:
c0:59:d6:04:28:06:1c:8b:b6:44:5a:79:fb:19:4d:
95:5d:cb:a2:a2:42:c8:d8:d1:8b:75:f7:5d:f4:65:
7d:e6:78:55:75:ad:07:98:05:15:49:af:b9:f3:55:
80:8d:a9:73:4f:fb:6f:da:cf:9a:9d:4d:ca:05:a1:
b1:37:20:86:0f:84:63:bd:82:3b:76:17:ea:2c:9c:
1e:71:94:74:5e:b9:73:fa:8f:d4:b8:12:d1:bf:ab:
5f:1f:ff:24:86:93:f2:32:f4:93:15:62:ca:9f:1f:
fc:ea:1f:16:79:f2:93:72:ab:0b:44:81:4d:11:e4:
ed:14:3d:a9:6e:89:37:a7:25:a1:4c:5d:af:c5:db:
9d:63:fb:e3:3f:10:4e:e6:2c:23:94:48:fd:dc:a1:
34:3c:a1:c0:64:f1:8d:5c:00:6c:56:b3:48:d1:d0:
02:15:c6:a1:1a:38:72:d9:30:0f:32:b6:bc:44:e4:
c0:da:7b:69:c2:b7:e3:83:35:70:c1:41:4e:f6:db:
b7:70:16:55:d2:76:b1:69:01:4a:97:bc:be:b1:43:
23:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D7:C3:31:A4:B1:F6:C6:9D:29:5E:65:E5:5B:96:FA:27:03:32:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:30:7f:ee:3c:bd:1b:41:22:99:69:7f:2e:df:42:07:90:ee:
f2:11:23:4b:ef:d4:c0:b5:f3:e5:5e:c9:0c:97:1a:fb:40:5f:
0a:e6:12:3f:92:1d:78:83:5d:92:31:bb:54:69:0a:04:a9:30:
88:a2:8e:95:49:60:cc:59:1c:3d:c0:ef:c9:93:b2:2a:2f:5d:
ea:6f:c4:cb:33:37:c3:9f:79:a1:59:1f:ed:33:47:61:a9:bf:
3b:4a:ab:83:b7:bb:b1:ee:a3:c4:6f:65:fc:90:cb:83:80:3e:
e9:ca:92:aa:64:e0:1b:34:9b:1b:7c:18:71:2d:48:44:be:63:
0c:7f:ba:b7:a9:b4:1c:a8:74:4b:74:f5:02:5b:e7:c3:7c:f2:
c2:c4:de:6b:c4:a9:ca:70:07:1c:c9:4c:b8:9d:3d:0c:af:4d:
b2:b2:97:2e:18:0d:ae:c4:57:b6:80:3e:34:27:07:e0:ce:17:
1b:1d:5c:05:25:b0:c9:3a:b2:1c:0a:87:0a:5d:0f:fd:4e:30:
58:63:5d:39:c7:d4:61:2c:88:f1:3b:b5:ad:41:ae:28:32:98:
4a:6b:1a:55:e9:33:02:ff:16:a8:e3:44:01:d8:20:31:6e:b1:
f4:7e:b8:d8:79:c4:ab:5d:ee:e4:51:e3:1e:60:06:e8:16:86:
80:c2:93:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfjHPNhBDmL+B4sgNAGNqtHwSfJAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwMjZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1ZmRhZjYyZTNhMDBlZDZjYmY0NTcwMmYzNzEwNWEwODRhYWYwMjYxYTE0
YWNhYjE2NjdkNDU4NTgxNmVjZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcLgrKqAUAEpitjjN7h+kEm8X0oTI3qMmsgUycmuVQFcu4ZycW1HrbAmQT7
wFnWBCgGHIu2RFp5+xlNlV3LoqJCyNjRi3X3XfRlfeZ4VXWtB5gFFUmvufNVgI2p
c0/7b9rPmp1NygWhsTcghg+EY72CO3YX6iycHnGUdF65c/qP1LgS0b+rXx//JIaT
8jL0kxViyp8f/OofFnnyk3KrC0SBTRHk7RQ9qW6JN6cloUxdr8XbnWP74z8QTuYs
I5RI/dyhNDyhwGTxjVwAbFazSNHQAhXGoRo4ctkwDzK2vETkwNp7acK344M1cMFB
Tvbbt3AWVdJ2sWkBSpe8vrFDI90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQg18Mx
pLH2xp0pXmXlW5b6JwMyYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M3YzQ3MDMtMjg3Ni00ZTA0LWI4NTctOGMwMjk4YmQwODk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w
MA0GCSqGSIb3DQEBCwUAA4IBAQDIMH/uPL0bQSKZaX8u30IHkO7yESNL79TAtfPl
XskMlxr7QF8K5hI/kh14g12SMbtUaQoEqTCIoo6VSWDMWRw9wO/Jk7IqL13qb8TL
MzfDn3mhWR/tM0dhqb87SquDt7ux7qPEb2X8kMuDgD7pypKqZOAbNJsbfBhxLUhE
vmMMf7q3qbQcqHRLdPUCW+fDfPLCxN5rxKnKcAccyUy4nT0Mr02yspcuGA2uxFe2
gD40JwfgzhcbHVwFJbDJOrIcCocKXQ/9TjBYY105x9RhLIjxO7WtQa4oMphKaxpV
6TMC/xao40QB2CAxbrH0frjYecSrXe7kUeMeYAboFoaAwpM3
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:23 2025 by rpki-client