Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
File: 52b24640-f60c-42e4-9476-345e951e2387.roa (raw, json)
Hash identifier: f/c5F5K0UE1izCIB6AmAE5XteQteaVS6kNrAcGzF0Ak=
Subject key identifier: 83:E1:A6:DB:EF:46:8F:59:EF:28:9E:5C:98:30:61:48:87:38:61:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7398ED81CDB35543BEE3C2AB9260EF69CEE26007
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
Signing time: Fri 25 Apr 2025 18:30:49 +0000
ROA not before: Fri 25 Apr 2025 18:30:49 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:98:ed:81:cd:b3:55:43:be:e3:c2:ab:92:60:ef:69:ce:e2:60:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:49 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=cf941e68fa29653841c3fca62dc267a8b26a4eabfee867eb2f21ef7331b872f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:61:b5:47:d0:07:49:2d:9c:27:f9:55:5e:75:
75:ed:50:d3:54:b7:62:c5:76:9d:fb:b4:81:ec:4f:
c8:af:22:2c:20:02:c5:d4:ed:3d:8a:9a:eb:47:81:
1a:e7:72:3e:14:1c:9d:c6:22:84:ee:e9:7c:f0:28:
9a:55:7b:1d:b8:94:3d:75:17:d1:4b:0a:4f:8a:9e:
72:d8:6d:49:b9:97:26:6b:e4:4f:da:26:de:22:92:
7a:c8:42:16:9c:8f:fa:08:91:d2:f9:a1:d0:1b:31:
eb:6a:2e:b5:98:4f:93:3b:ff:c8:6e:45:9d:e9:f9:
b0:0f:d3:08:03:77:40:b3:46:92:e9:91:ca:b9:d2:
53:52:08:ab:8b:4e:27:01:e8:60:aa:52:90:81:84:
7a:64:25:09:1b:e4:ae:8b:b8:bd:ea:e1:16:53:60:
2d:05:6b:13:8c:df:cd:3a:1b:db:05:c8:62:a4:60:
ac:86:2b:3f:a6:6c:ae:7f:f3:fd:59:d1:08:1c:2e:
e5:37:43:20:c2:cc:eb:2b:85:80:31:7b:7e:80:3a:
41:a3:57:ed:8a:4c:53:46:8c:68:36:a0:dc:b8:02:
e0:78:2d:b6:f7:f7:c1:35:7e:95:d8:47:ab:56:ea:
46:9e:7b:27:ab:a9:b5:1a:b4:b3:aa:f7:6f:18:08:
d8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E1:A6:DB:EF:46:8F:59:EF:28:9E:5C:98:30:61:48:87:38:61:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5040::/48
Signature Algorithm: sha256WithRSAEncryption
29:09:a8:66:94:97:80:5e:ea:30:fb:99:a4:8c:70:4c:fa:8d:
d7:1f:2c:18:39:e5:cb:77:f3:6e:2a:b4:b4:c9:86:de:9b:c2:
ec:f2:76:10:4d:b5:fd:76:87:9d:f7:d3:9b:4a:75:e5:12:f4:
46:8e:4e:1f:28:b1:65:df:2c:b6:08:df:5c:44:39:79:31:23:
34:28:34:74:ab:10:2c:ef:cd:5d:1d:e3:07:db:2e:60:b6:53:
39:1c:a2:60:fe:41:e6:d5:b6:fa:1d:75:1a:98:23:3f:52:6b:
5e:22:68:c1:81:47:b4:95:f3:85:b5:c2:94:67:c5:a0:18:d6:
22:1a:5c:f5:82:20:e0:44:82:cc:9f:e2:18:f8:6b:90:60:c6:
95:0a:eb:b8:f1:0f:af:8d:e4:21:02:72:87:b5:07:3a:67:6a:
08:f6:ac:9e:46:9c:43:24:90:79:a7:c3:d9:41:67:bd:b9:41:
d0:ca:76:32:ed:09:62:64:66:14:54:07:4e:d3:44:43:ac:c0:
aa:e1:5e:63:9d:54:b9:f3:7b:ea:2e:db:42:95:5b:69:79:d0:
03:a9:62:f5:8f:2e:e4:0a:d5:b6:9a:68:6c:8a:42:b7:a1:77:
fb:f1:f9:91:6b:52:8f:69:45:cc:f1:76:29:4a:64:ea:dc:b5:
2a:78:05:de
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUc5jtgc2zVUO+48KrkmDvac7iYAcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwNDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmOTQxZTY4ZmEyOTY1Mzg0MWMzZmNhNjJkYzI2N2E4YjI2YTRlYWJmZWU4
NjdlYjJmMjFlZjczMzFiODcyZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlhtUfQB0ktnCf5VV51de1Q01S3YsV2nfu0gexPyK8iLCACxdTtPYqa60eB
GudyPhQcncYihO7pfPAomlV7HbiUPXUX0UsKT4qecthtSbmXJmvkT9om3iKSeshC
FpyP+giR0vmh0Bsx62outZhPkzv/yG5Fnen5sA/TCAN3QLNGkumRyrnSU1IIq4tO
JwHoYKpSkIGEemQlCRvkrou4verhFlNgLQVrE4zfzTob2wXIYqRgrIYrP6Zsrn/z
/VnRCBwu5TdDIMLM6yuFgDF7foA6QaNX7YpMU0aMaDag3LgC4Hgttvf3wTV+ldhH
q1bqRp57J6uptRq0s6r3bxgI2CcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSD4abb
70aPWe8onlyYMGFIhzhhRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTJiMjQ2NDAtZjYwYy00MmU0LTk0NzYtMzQ1ZTk1MWUyMzg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAKQmoZpSXgF7qMPuZpIxwTPqN1x8sGDnly3fz
biq0tMmG3pvC7PJ2EE21/XaHnffTm0p15RL0Ro5OHyixZd8stgjfXEQ5eTEjNCg0
dKsQLO/NXR3jB9suYLZTORyiYP5B5tW2+h11GpgjP1JrXiJowYFHtJXzhbXClGfF
oBjWIhpc9YIg4ESCzJ/iGPhrkGDGlQrruPEPr43kIQJyh7UHOmdqCPasnkacQySQ
eafD2UFnvblB0Mp2Mu0JYmRmFFQHTtNEQ6zAquFeY51UufN76i7bQpVbaXnQA6li
9Y8u5ArVtppobIpCt6F3+/H5kWtSj2lFzPF2KUpk6ty1KngF3g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:21 2025 by rpki-client