Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
File: 4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa (raw, json)
Hash identifier: xjYnyDj0G4B/r03xyYJybgW1QdZlsTc/Qw+clY38bJE=
Subject key identifier: 88:40:76:DF:3C:03:D1:C9:8C:AF:6F:D5:41:B9:CA:D4:9D:C8:B8:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D6693163D891D9DACEFD5696B4B3E43247748A5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
Signing time: Tue 15 Apr 2025 15:10:01 +0000
ROA not before: Tue 15 Apr 2025 15:10:01 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:66:93:16:3d:89:1d:9d:ac:ef:d5:69:6b:4b:3e:43:24:77:48:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:01 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=df6e953d8ba44600b460cb98bd8e96d59d7660d7dfbebe9f373fe9f1c11bd6a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d6:00:ea:f9:81:e3:2a:46:59:81:c4:8f:b0:
ac:80:c8:34:45:c1:32:09:3e:ed:b7:53:9d:4d:e4:
26:dd:e1:9c:3c:9a:78:86:76:e3:5b:e8:3c:a9:44:
b3:bb:2c:66:dc:2f:2b:0a:74:af:e1:8f:5c:ff:7d:
68:4f:db:31:84:07:b5:2f:64:a2:68:2d:0a:82:0a:
d0:05:1d:de:e7:91:9d:f2:82:f2:6e:c6:5e:d1:d6:
a5:ab:be:ba:15:ef:bb:f6:65:f5:62:19:cd:76:50:
16:5c:60:59:cf:d6:32:34:9f:55:17:20:92:e7:6e:
f4:b5:a1:7b:1f:04:73:b9:d7:9e:04:62:1c:41:58:
f3:86:16:35:b0:48:ce:55:51:4e:9f:e5:e1:e9:97:
c4:f8:1a:43:44:4f:6f:af:48:b3:2b:bc:78:93:9b:
96:75:9d:3a:54:37:e1:46:a3:ab:fc:f3:a7:b2:df:
fd:f2:8d:57:93:e7:81:74:97:2b:1a:da:6e:31:b1:
3e:d6:38:5b:ec:37:9a:58:09:bd:95:ac:29:d1:c4:
26:dd:3d:2a:28:7e:71:6a:f1:e5:80:38:c3:f6:43:
07:80:fa:bc:5f:52:cb:25:73:6b:90:0f:5b:c3:bb:
41:37:93:ef:12:a3:81:b4:a7:ed:0d:d0:50:a5:0e:
9e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:40:76:DF:3C:03:D1:C9:8C:AF:6F:D5:41:B9:CA:D4:9D:C8:B8:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
92:f1:b2:04:26:9e:24:32:88:a1:05:0f:30:1f:e2:20:52:c0:
20:e4:04:03:4e:b4:0b:f8:b2:6a:91:f9:06:90:c1:5e:b8:83:
ed:4d:e8:f4:a6:67:49:e2:c4:3d:6e:cb:69:17:98:ed:91:9a:
7e:50:8b:53:4f:bf:42:23:41:4a:81:d4:77:05:84:df:d0:88:
8f:81:6e:b8:bb:66:98:a7:ad:22:3e:a4:25:53:59:66:f9:9f:
94:ac:ac:58:df:45:51:51:66:57:98:aa:d6:91:4e:8b:78:76:
8d:2d:ad:c9:ca:8f:ac:25:32:b9:01:c6:e6:77:be:9e:9a:a0:
cf:c8:22:c5:8c:0f:53:4e:49:77:3f:f4:33:c6:76:47:a3:b4:
c1:cf:f6:af:10:d3:3e:3a:e0:4b:49:8d:15:68:9f:d1:f1:c7:
6b:5b:49:f9:d1:fe:77:16:a7:09:19:53:9a:c1:cd:3f:b8:45:
68:34:f5:18:21:4f:2c:1a:22:5d:6e:29:f2:27:a0:c0:34:4c:
a7:6c:83:fd:c2:96:d2:3f:49:69:93:e3:ba:18:19:00:b3:49:
51:a4:b6:15:e8:8c:44:bc:9a:5c:11:ad:05:58:8b:36:d0:75:
06:6f:67:d3:b9:20:7f:f0:08:8d:d0:07:e2:b7:29:51:ad:80:
1a:a9:4f:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfWaTFj2JHZ2s79Vpa0s+QyR3SKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMDFaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmNmU5NTNkOGJhNDQ2MDBiNDYwY2I5OGJkOGU5NmQ1OWQ3NjYwZDdkZmJl
YmU5ZjM3M2ZlOWYxYzExYmQ2YTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI/WAOr5geMqRlmBxI+wrIDINEXBMgk+7bdTnU3kJt3hnDyaeIZ241voPKlE
s7ssZtwvKwp0r+GPXP99aE/bMYQHtS9komgtCoIK0AUd3ueRnfKC8m7GXtHWpau+
uhXvu/Zl9WIZzXZQFlxgWc/WMjSfVRcgkudu9LWhex8Ec7nXngRiHEFY84YWNbBI
zlVRTp/l4emXxPgaQ0RPb69Isyu8eJOblnWdOlQ34Uajq/zzp7Lf/fKNV5PngXSX
KxrabjGxPtY4W+w3mlgJvZWsKdHEJt09Kih+cWrx5YA4w/ZDB4D6vF9SyyVza5AP
W8O7QTeT7xKjgbSn7Q3QUKUOns0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSIQHbf
PAPRyYyvb9VBucrUnci4ATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGJhNTRlNGYtMDI5NC00ZTgzLTgwMzctN2QyNjZjMzdmMGM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQCS8bIEJp4kMoihBQ8wH+IgUsAg5AQDTrQL+LJq
kfkGkMFeuIPtTej0pmdJ4sQ9bstpF5jtkZp+UItTT79CI0FKgdR3BYTf0IiPgW64
u2aYp60iPqQlU1lm+Z+UrKxY30VRUWZXmKrWkU6LeHaNLa3Jyo+sJTK5Acbmd76e
mqDPyCLFjA9TTkl3P/QzxnZHo7TBz/avENM+OuBLSY0VaJ/R8cdrW0n50f53FqcJ
GVOawc0/uEVoNPUYIU8sGiJdbinyJ6DANEynbIP9wpbSP0lpk+O6GBkAs0lRpLYV
6IxEvJpcEa0FWIs20HUGb2fTuSB/8AiN0AfitylRrYAaqU+j
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:23 2025 by rpki-client