Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
File: 404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa (raw, json)
Hash identifier: alTJm6HkP01iT1UfOrmzmqzzSaYa1k7zxyNPslqt6EA=
Subject key identifier: D0:F8:84:55:60:05:3E:4F:73:7A:E8:A4:28:7D:26:85:45:63:BB:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CA7234BAAE2BC465E9CB9A8D69CDA41A3E808F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
Signing time: Tue 20 May 2025 20:40:07 +0000
ROA not before: Tue 20 May 2025 20:40:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d017::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:a7:23:4b:aa:e2:bc:46:5e:9c:b9:a8:d6:9c:da:41:a3:e8:08:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:40:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2117261c5bbbb37be552c81f0a1654a014e7a3eb93732a5d834b5c22966cf0aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ef:51:d5:a1:fa:ba:44:56:b3:ab:8a:62:8a:
3a:8c:b3:f0:d5:6e:82:64:19:af:85:8e:27:a1:5c:
f7:e5:e6:da:b7:49:d0:eb:f6:26:f2:ad:7a:c3:ad:
e9:3f:b8:67:94:33:f9:5c:5e:a0:14:fa:65:ba:a8:
e3:84:c7:94:0d:86:39:45:a2:f4:bf:0f:20:8b:23:
10:a4:6f:1f:1f:4f:64:cf:27:30:7b:4a:bf:e2:ea:
c4:1f:ef:09:1b:42:ab:a5:d2:ff:0c:aa:8f:a2:c5:
da:5c:b7:87:c0:7d:8e:5a:36:60:85:39:4d:96:67:
5c:85:d4:f6:05:d3:39:69:52:ef:f2:78:50:22:3e:
d1:e5:69:8c:6c:cd:cf:29:4a:a3:06:fa:42:44:ce:
c4:3b:f8:db:cd:f9:a5:1d:ae:0d:7a:58:af:4f:80:
24:eb:c2:8d:3b:5a:90:c0:e9:c1:e3:42:cb:91:28:
25:33:ab:19:ad:ae:86:69:6b:de:72:38:02:97:c5:
82:47:10:66:90:83:49:0e:e9:a5:41:0b:14:bf:43:
3e:50:58:11:ca:ae:a6:91:89:31:05:d6:73:6c:40:
9d:5d:a6:23:14:33:21:31:54:a4:5a:56:f0:35:c3:
9b:b7:d4:20:ea:3f:0a:31:1e:ee:e2:04:fc:78:13:
60:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F8:84:55:60:05:3E:4F:73:7A:E8:A4:28:7D:26:85:45:63:BB:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d017::/36
Signature Algorithm: sha256WithRSAEncryption
2b:f6:25:dc:2b:78:ae:c8:1a:02:79:8a:be:0f:4a:ea:5d:10:
c7:d9:08:3d:03:ab:ed:a8:7a:5f:a6:64:4e:e1:cf:4d:53:ac:
a2:34:84:06:ab:f3:26:4b:b7:af:68:9d:8b:98:0b:a6:26:f2:
32:f7:c1:fe:0c:a8:a3:00:8a:ac:7e:47:7d:83:c3:32:4b:1e:
51:cd:1e:92:40:bb:54:c9:f4:29:ec:9d:30:b1:ea:84:35:af:
5e:a2:ee:72:96:bb:88:03:84:97:3c:97:fe:8d:5d:21:5f:52:
1f:ba:f7:b8:17:d2:a6:57:07:f8:62:b0:4e:c3:3b:e7:d8:0e:
bb:30:72:68:48:d4:3a:ad:63:e4:01:30:cb:1a:0c:81:f3:16:
1a:a7:fd:73:80:0f:3c:3b:e5:3d:d8:71:7b:50:5d:88:f8:eb:
ad:a8:ff:1e:7f:0d:47:a2:d9:1e:54:67:79:c3:b7:89:05:ae:
83:08:19:46:5b:80:2d:65:fd:1d:20:4a:47:4a:c2:c4:ea:f3:
10:8d:a4:73:a9:1f:c9:8c:3e:a7:01:02:02:fc:66:9c:bd:c6:
18:b3:a7:6c:f0:76:24:6e:08:1a:d5:06:22:67:ad:fc:a8:ed:
3e:64:49:23:47:33:65:0d:71:11:48:d8:ce:2a:12:27:9a:ad:
65:9e:39:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULKcjS6rivEZenLmo1pzaQaPoCPIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDQwMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxMTcyNjFjNWJiYmIzN2JlNTUyYzgxZjBhMTY1NGEwMTRlN2EzZWI5Mzcz
MmE1ZDgzNGI1YzIyOTY2Y2YwYWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3vUdWh+rpEVrOrimKKOoyz8NVugmQZr4WOJ6Fc9+Xm2rdJ0Ov2JvKtesOt
6T+4Z5Qz+VxeoBT6Zbqo44THlA2GOUWi9L8PIIsjEKRvHx9PZM8nMHtKv+LqxB/v
CRtCq6XS/wyqj6LF2ly3h8B9jlo2YIU5TZZnXIXU9gXTOWlS7/J4UCI+0eVpjGzN
zylKowb6QkTOxDv42835pR2uDXpYr0+AJOvCjTtakMDpweNCy5EoJTOrGa2uhmlr
3nI4ApfFgkcQZpCDSQ7ppUELFL9DPlBYEcquppGJMQXWc2xAnV2mIxQzITFUpFpW
8DXDm7fUIOo/CjEe7uIE/HgTYNMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQ+IRV
YAU+T3N66KQofSaFRWO7FDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA0ZWYxYWYtZTA1Mi00MWI4LWEwYmYtNzBlM2ZhMGFhMDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BcA
MA0GCSqGSIb3DQEBCwUAA4IBAQAr9iXcK3iuyBoCeYq+D0rqXRDH2Qg9A6vtqHpf
pmRO4c9NU6yiNIQGq/MmS7evaJ2LmAumJvIy98H+DKijAIqsfkd9g8MySx5RzR6S
QLtUyfQp7J0wseqENa9eou5ylruIA4SXPJf+jV0hX1Ifuve4F9KmVwf4YrBOwzvn
2A67MHJoSNQ6rWPkATDLGgyB8xYap/1zgA88O+U92HF7UF2I+OutqP8efw1Hotke
VGd5w7eJBa6DCBlGW4AtZf0dIEpHSsLE6vMQjaRzqR/JjD6nAQIC/GacvcYYs6ds
8HYkbgga1QYiZ638qO0+ZEkjRzNlDXERSNjOKhInmq1lnjmR
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:11 2025 by rpki-client