Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
File: 4aa20760-fb28-4393-bec8-9ffb467f03e4.roa (raw, json)
Hash identifier: uDsKLziYyjOachY2bJsK28vMJgU4PxzIG1D9veVjBzA=
Subject key identifier: 07:FB:54:D9:A2:43:F9:0D:02:C5:72:80:AF:3A:D5:F6:2B:EF:35:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23B76DD308CD2AA7973AFED91C6C71AAFDD7B727
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
Signing time: Tue 20 May 2025 20:00:57 +0000
ROA not before: Tue 20 May 2025 20:00:57 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:b7:6d:d3:08:cd:2a:a7:97:3a:fe:d9:1c:6c:71:aa:fd:d7:b7:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:57 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f68fd51700e708c90b648f3053a305f2eef6d4e67c22b2f0e2b98e7842766987, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:eb:20:c8:e3:18:a4:40:ea:e8:a4:3d:1d:38:
59:56:2e:3b:81:08:18:40:ca:1b:b6:67:37:79:c1:
8d:db:3a:48:83:a0:7a:b6:6c:13:bc:25:2a:eb:99:
28:76:ee:a0:f3:dd:d0:4d:42:35:20:53:72:8e:16:
23:f6:d1:c6:73:04:74:a0:c5:8f:2b:26:f1:77:7b:
0d:49:84:d4:8b:48:7d:b8:24:e9:2a:38:da:db:d2:
c4:d2:7b:60:04:1a:73:0e:7a:0b:6d:79:bd:7e:b2:
6b:e1:b3:03:ab:15:d3:c2:db:5b:8c:cb:15:73:b5:
8d:71:79:d5:4c:38:33:4c:20:3e:6a:a4:0f:dd:f4:
ed:2a:3a:a1:00:44:e6:4c:b5:b0:0e:ca:06:16:eb:
62:58:61:f7:84:b8:ec:bf:0c:f4:4a:06:3c:d8:7d:
f4:46:48:c2:d0:48:f4:8b:01:94:63:bb:e2:43:6c:
22:1b:69:9c:41:46:d5:e7:7d:fc:05:d5:90:ad:9f:
f5:8a:b9:4c:cd:6a:09:3e:a8:75:90:cf:9b:6d:69:
67:21:68:f5:a2:b9:55:25:6c:44:a8:05:79:97:79:
9d:6d:9d:ba:44:9d:a0:80:17:82:bd:b0:40:c3:af:
cf:98:72:8b:36:0f:43:fa:bf:94:04:15:04:ec:b7:
b5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:FB:54:D9:A2:43:F9:0D:02:C5:72:80:AF:3A:D5:F6:2B:EF:35:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
28:9b:f2:9a:32:93:18:69:15:f0:13:a8:dd:21:6f:52:91:ad:
e4:0a:42:70:a0:fa:1e:52:ec:c1:85:1f:24:df:28:89:60:85:
cc:30:94:63:b7:67:76:49:c8:db:9d:29:cc:7b:58:70:a7:a1:
4f:06:3e:16:98:1a:43:f3:a8:42:e5:e9:21:a8:16:93:3a:12:
74:74:9f:77:6f:00:7d:b5:a6:bf:b1:9f:f0:d8:df:c6:fe:cc:
8b:96:c5:92:c8:fc:fa:81:9c:fa:2d:8c:c1:1a:32:31:99:6a:
d6:80:44:3d:c9:fd:c5:f3:2b:33:ab:d4:ab:f9:d9:9a:71:b7:
a5:95:2e:96:4a:ff:be:04:40:46:89:3f:73:4e:a1:32:21:89:
ad:c2:a2:06:49:3f:19:c9:33:fb:68:ab:56:19:2a:95:e2:0b:
e9:66:9f:ef:b0:5d:a5:3e:5c:93:d7:a4:ec:7b:dd:23:20:bd:
8e:e8:ea:a1:7e:df:db:a7:dc:ba:78:3c:29:da:d7:8d:87:82:
e9:59:1a:3a:b3:4e:6b:2a:c5:a0:62:8a:e5:ce:e6:c5:82:ca:
b2:84:a8:69:7d:f3:11:f8:0b:20:88:84:85:82:e9:61:bc:61:
3a:72:e8:a2:c8:f1:36:cf:f1:2d:4c:60:43:1f:fb:da:6e:da:
86:02:18:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI7dt0wjNKqeXOv7ZHGxxqv3XtycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwNTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2OGZkNTE3MDBlNzA4YzkwYjY0OGYzMDUzYTMwNWYyZWVmNmQ0ZTY3YzIy
YjJmMGUyYjk4ZTc4NDI3NjY5ODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHrIMjjGKRA6uikPR04WVYuO4EIGEDKG7ZnN3nBjds6SIOgerZsE7wlKuuZ
KHbuoPPd0E1CNSBTco4WI/bRxnMEdKDFjysm8Xd7DUmE1ItIfbgk6So42tvSxNJ7
YAQacw56C215vX6ya+GzA6sV08LbW4zLFXO1jXF51Uw4M0wgPmqkD9307So6oQBE
5ky1sA7KBhbrYlhh94S47L8M9EoGPNh99EZIwtBI9IsBlGO74kNsIhtpnEFG1ed9
/AXVkK2f9Yq5TM1qCT6odZDPm21pZyFo9aK5VSVsRKgFeZd5nW2dukSdoIAXgr2w
QMOvz5hyizYPQ/q/lAQVBOy3tXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQH+1TZ
okP5DQLFcoCvOtX2K+81+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhMjA3NjAtZmIyOC00MzkzLWJlYzgtOWZmYjQ2N2YwM2U0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hpg
MA0GCSqGSIb3DQEBCwUAA4IBAQAom/KaMpMYaRXwE6jdIW9Ska3kCkJwoPoeUuzB
hR8k3yiJYIXMMJRjt2d2ScjbnSnMe1hwp6FPBj4WmBpD86hC5ekhqBaTOhJ0dJ93
bwB9taa/sZ/w2N/G/syLlsWSyPz6gZz6LYzBGjIxmWrWgEQ9yf3F8yszq9Sr+dma
cbellS6WSv++BEBGiT9zTqEyIYmtwqIGST8ZyTP7aKtWGSqV4gvpZp/vsF2lPlyT
16Tse90jIL2O6Oqhft/bp9y6eDwp2teNh4LpWRo6s05rKsWgYorlzubFgsqyhKhp
ffMR+AsgiISFgulhvGE6cuiiyPE2z/EtTGBDH/vabtqGAhgp
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:36 2025 by rpki-client