Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e95266c-c25e-4290-89ff-746c48b05733.roa
File: 4e95266c-c25e-4290-89ff-746c48b05733.roa (raw, json)
Hash identifier: 9zQNj6jhn/wlQ/YbN57hJYSjMNl2CmmK7S4E8qUgPfc=
Subject key identifier: F5:09:F5:91:5E:27:BA:4E:D8:D1:2E:FA:82:A4:E3:74:57:71:6C:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 737254A58620FFFD720EE2BA74C7FDED28D34E33
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e95266c-c25e-4290-89ff-746c48b05733.roa
Signing time: Fri 25 Apr 2025 19:40:36 +0000
ROA not before: Fri 25 Apr 2025 19:40:36 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:72:54:a5:86:20:ff:fd:72:0e:e2:ba:74:c7:fd:ed:28:d3:4e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:36 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e233e39fc7f562f077a0325978ef2d1050acbda2bba19a31136c7150967877fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:54:4b:f4:5f:cb:2d:7e:53:63:4a:16:59:88:
69:58:32:9f:3b:fc:f2:74:5a:da:13:1c:34:71:28:
aa:9a:49:9f:40:bb:c4:1f:db:cb:97:9e:a1:76:a2:
0b:f7:0f:0d:d7:b6:69:e2:19:ba:bf:ba:6d:e5:48:
7f:3d:25:de:9d:6a:12:40:74:bf:ab:e3:8e:71:de:
ed:43:ea:8d:87:b4:f2:83:1c:15:52:82:42:08:be:
ae:93:ff:c3:50:9d:75:e3:ff:16:57:77:ef:91:21:
16:75:c9:02:5e:3c:e7:7b:fa:3b:86:fc:65:fc:a1:
c4:c2:71:12:c8:64:21:60:ee:75:82:57:7e:9f:f2:
4c:08:33:fb:01:6c:f1:51:de:1a:1d:80:c8:7f:8f:
26:02:e8:81:ce:83:5d:f9:16:c4:fe:16:44:98:a9:
d7:d3:f1:35:d5:9c:36:e4:e7:e3:ec:d4:da:fd:c9:
ec:d7:52:b0:50:7d:3a:cb:b6:13:05:35:e3:74:21:
a2:6a:1f:6f:94:cb:60:89:ff:81:be:0c:53:fb:f4:
4a:52:54:f4:30:af:92:de:e2:70:6f:95:bc:5e:a0:
46:88:72:70:79:4d:6e:79:8f:b9:70:c0:e4:a8:e0:
df:2f:27:4c:33:3b:af:0c:3f:e3:0c:e2:5a:88:69:
0e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:09:F5:91:5E:27:BA:4E:D8:D1:2E:FA:82:A4:E3:74:57:71:6C:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e95266c-c25e-4290-89ff-746c48b05733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
33:85:a5:d8:2d:43:20:10:ff:3f:0f:90:c4:82:5e:f3:37:1d:
d0:b0:24:80:42:25:5c:de:78:3a:2b:5a:2f:7b:d1:69:2c:f8:
2c:c0:77:af:40:3d:8d:e0:d2:b4:4b:c0:43:6a:69:53:c3:ab:
25:91:78:fc:7e:04:03:02:5f:b3:b5:68:9c:a3:d0:7b:51:b3:
69:c8:28:ab:31:ec:a2:63:76:bb:68:4d:44:87:94:5c:51:79:
f6:5e:a6:8a:af:1c:41:cd:f5:ae:dc:b2:32:70:52:1a:97:aa:
7f:37:1f:19:9e:a5:a4:7c:14:e1:e0:69:14:b0:78:d7:13:48:
28:96:6d:8e:e5:d4:72:60:c9:1a:b1:68:4a:54:30:79:f1:d1:
52:d6:1f:94:5d:e4:8a:19:fe:10:81:32:c0:77:22:41:77:c8:
2c:17:42:ad:0b:fc:1f:b6:e8:89:31:51:88:5e:49:c7:cc:a8:
66:c2:8a:51:63:42:d2:13:06:2d:bd:f9:c8:99:29:c9:24:f5:
7d:0d:70:08:62:b8:75:7d:24:d5:1e:a2:15:34:46:37:c3:ea:
55:c0:9d:23:d8:f7:16:bb:8c:e6:14:53:3b:67:19:33:df:32:
3d:be:73:f6:2c:7e:d3:71:b1:ae:70:05:4c:d6:36:f6:f8:3d:
9b:6d:08:09
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUc3JUpYYg//1yDuK6dMf97SjTTjMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwMzZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyMzNlMzlmYzdmNTYyZjA3N2EwMzI1OTc4ZWYyZDEwNTBhY2JkYTJiYmEx
OWEzMTEzNmM3MTUwOTY3ODc3ZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5US/Rfyy1+U2NKFlmIaVgynzv88nRa2hMcNHEoqppJn0C7xB/by5eeoXai
C/cPDde2aeIZur+6beVIfz0l3p1qEkB0v6vjjnHe7UPqjYe08oMcFVKCQgi+rpP/
w1CddeP/Fld375EhFnXJAl4853v6O4b8ZfyhxMJxEshkIWDudYJXfp/yTAgz+wFs
8VHeGh2AyH+PJgLogc6DXfkWxP4WRJip19PxNdWcNuTn4+zU2v3J7NdSsFB9Osu2
EwU143Qhomofb5TLYIn/gb4MU/v0SlJU9DCvkt7icG+VvF6gRohycHlNbnmPuXDA
5Kjg3y8nTDM7rww/4wziWohpDhkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT1CfWR
Xie6TtjRLvqCpON0V3FsizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU5NTI2NmMtYzI1ZS00MjkwLTg5ZmYtNzQ2YzQ4YjA1NzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
wDANBgkqhkiG9w0BAQsFAAOCAQEAM4Wl2C1DIBD/Pw+QxIJe8zcd0LAkgEIlXN54
OitaL3vRaSz4LMB3r0A9jeDStEvAQ2ppU8OrJZF4/H4EAwJfs7VonKPQe1Gzacgo
qzHsomN2u2hNRIeUXFF59l6miq8cQc31rtyyMnBSGpeqfzcfGZ6lpHwU4eBpFLB4
1xNIKJZtjuXUcmDJGrFoSlQwefHRUtYflF3kihn+EIEywHciQXfILBdCrQv8H7bo
iTFRiF5Jx8yoZsKKUWNC0hMGLb35yJkpyST1fQ1wCGK4dX0k1R6iFTRGN8PqVcCd
I9j3FruM5hRTO2cZM98yPb5z9ix+03GxrnAFTNY29vg9m20ICQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:08 2025 by rpki-client