Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: TEVFB0S3K1lqMr0vSV7aYVGSU324gfKx3Lh5MFKToGI=
Subject key identifier: EA:94:11:95:7E:40:78:3E:F2:12:9D:1A:18:B9:61:BC:5C:32:C5:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34CC95F3624E4DF6A588F2DF62B22F4F662A65A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Fri 25 Apr 2025 18:50:55 +0000
ROA not before: Fri 25 Apr 2025 18:50:55 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:cc:95:f3:62:4e:4d:f6:a5:88:f2:df:62:b2:2f:4f:66:2a:65:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:55 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b8d5c3b568a6178255b18a6859de69fb46c15bcc8a758681b4dc108c0914b251, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8a:47:f4:e8:96:1b:de:77:3d:a9:65:e7:75:
56:ec:05:70:b4:01:d4:27:c8:4e:6f:0f:6b:81:e4:
cb:6d:b7:4c:fb:ec:0f:70:98:ed:48:80:5e:e7:54:
7b:ab:26:b0:09:d6:73:c5:31:48:8e:37:99:f2:a6:
a4:46:0b:4f:bb:3a:6d:77:70:5b:59:03:07:75:ec:
25:2d:66:55:77:31:67:c2:ff:8c:3d:f5:9c:cf:b3:
9f:21:7d:18:6f:f2:52:43:a5:9d:9d:cf:a6:3f:db:
51:03:85:3e:7b:a0:0e:ac:93:09:b7:ba:63:c8:61:
51:aa:3b:02:89:6d:af:d9:95:bc:82:bf:6a:10:d2:
eb:e0:9d:56:0e:9c:4f:d4:57:d9:5f:aa:c0:a6:32:
25:e9:9d:f6:4c:d0:91:d4:a8:b5:c0:55:a8:cb:58:
95:bc:dc:c7:5a:12:40:2d:f4:b6:af:27:54:ef:e8:
dc:d5:d0:2e:bc:bc:ed:9f:36:97:37:18:b1:3d:89:
3e:2b:78:20:29:5b:4a:b5:75:70:fe:23:48:e0:73:
79:4c:37:70:7a:73:42:ae:18:1e:86:24:ca:70:e6:
57:c5:cd:62:20:d4:fe:a0:2c:87:b7:1c:c1:75:ad:
39:1d:db:89:eb:be:02:01:4e:cb:1c:4f:8d:f8:ff:
a4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:94:11:95:7E:40:78:3E:F2:12:9D:1A:18:B9:61:BC:5C:32:C5:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
a4:82:3c:d2:c3:2c:06:e0:13:97:01:d3:c1:27:59:b0:33:8f:
c2:e9:27:47:50:18:70:c3:eb:9c:56:09:46:09:d4:85:ac:17:
c1:a4:d8:3f:9b:c9:0e:6e:dc:70:cb:14:24:17:9e:71:fd:f0:
5e:20:d0:c8:1a:d7:0f:5c:63:0a:6e:eb:f3:b9:c0:cb:77:a2:
23:8f:21:5b:df:c9:c6:f6:b1:4d:7c:3f:17:bd:28:21:23:cc:
e7:e3:fc:3a:f5:ea:9b:cd:0a:16:45:b3:d8:c7:1c:58:14:b1:
61:9a:e8:2c:5c:f5:f4:a0:d6:8a:60:cd:4b:fa:15:a6:70:7f:
3b:40:e9:f3:10:a6:84:ff:dc:52:a0:e6:26:51:37:bd:bb:c5:
90:60:39:06:93:e0:b5:14:6c:a6:ad:11:af:cd:f4:ec:87:47:
62:af:e1:55:50:92:5e:89:b1:e4:fb:a4:2e:9d:32:fe:7a:ea:
98:9a:d3:bf:66:48:8d:13:5a:8b:2b:41:77:46:57:18:82:49:
6e:75:08:7f:2e:05:ed:eb:dd:30:b7:97:03:8c:93:44:79:a4:
b8:56:96:a7:5e:17:dd:32:35:0d:ea:d3:a2:1c:bc:4a:d1:1c:
c3:3d:d8:84:a9:e7:2c:ec:9f:03:44:21:51:76:bd:b2:f4:df:
d7:6f:76:a7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNMyV82JOTfaliPLfYrIvT2YqZaIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwNTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4ZDVjM2I1NjhhNjE3ODI1NWIxOGE2ODU5ZGU2OWZiNDZjMTViY2M4YTc1
ODY4MWI0ZGMxMDhjMDkxNGIyNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaKR/Tolhvedz2pZed1VuwFcLQB1CfITm8Pa4Hky223TPvsD3CY7UiAXudU
e6smsAnWc8UxSI43mfKmpEYLT7s6bXdwW1kDB3XsJS1mVXcxZ8L/jD31nM+znyF9
GG/yUkOlnZ3Ppj/bUQOFPnugDqyTCbe6Y8hhUao7Aoltr9mVvIK/ahDS6+CdVg6c
T9RX2V+qwKYyJemd9kzQkdSotcBVqMtYlbzcx1oSQC30tq8nVO/o3NXQLry87Z82
lzcYsT2JPit4IClbSrV1cP4jSOBzeUw3cHpzQq4YHoYkynDmV8XNYiDU/qAsh7cc
wXWtOR3bieu+AgFOyxxPjfj/pJsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTqlBGV
fkB4PvISnRoYuWG8XDLFKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEApII80sMsBuATlwHTwSdZsDOPwuknR1AYcMPr
nFYJRgnUhawXwaTYP5vJDm7ccMsUJBeecf3wXiDQyBrXD1xjCm7r87nAy3eiI48h
W9/JxvaxTXw/F70oISPM5+P8OvXqm80KFkWz2MccWBSxYZroLFz19KDWimDNS/oV
pnB/O0Dp8xCmhP/cUqDmJlE3vbvFkGA5BpPgtRRspq0Rr8307IdHYq/hVVCSXomx
5PukLp0y/nrqmJrTv2ZIjRNaiytBd0ZXGIJJbnUIfy4F7evdMLeXA4yTRHmkuFaW
p14X3TI1DerTohy8StEcwz3YhKnnLOyfA0QhUXa9svTf1292pw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:18 2025 by rpki-client