Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
File: 5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa (raw, json)
Hash identifier: 8Tj1jxEs3At22QG8qM2xzMFjn79lBLiuWzwkvUd6DGM=
Subject key identifier: D8:23:DF:87:71:46:26:51:AF:FD:0C:63:8C:D6:82:01:8D:6B:64:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3EE80EBA2785FCD31B2318C8E87D72BECD53DBE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
Signing time: Tue 10 Jun 2025 17:20:13 +0000
ROA not before: Tue 10 Jun 2025 17:20:13 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:e8:0e:ba:27:85:fc:d3:1b:23:18:c8:e8:7d:72:be:cd:53:db:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:13 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=1ebde7d128234cb367656a09af8c156ef9456429e9b8dd95388aed9d2a34bbb6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d3:47:5a:d9:b8:c0:aa:04:d0:5f:37:84:2c:
86:66:93:55:64:2f:cb:42:78:8f:7f:6b:1d:3f:09:
c3:38:b7:e0:8d:3e:bd:89:e1:0b:84:a2:f7:c7:69:
56:6e:35:d2:19:1d:aa:b3:ac:5c:89:b4:da:4e:2b:
f6:a1:d7:f5:47:66:01:92:4a:c3:59:f9:38:6f:f8:
f8:be:02:f2:e3:2e:18:db:44:9f:94:30:79:32:c4:
af:4d:16:1a:6a:03:ec:1c:cf:c1:cc:44:fc:75:c6:
37:14:7f:dd:97:32:24:96:48:ea:46:c6:31:a9:e7:
22:5f:75:02:db:ea:30:d2:0f:98:64:98:1b:58:a4:
d3:10:97:f4:7b:b4:4b:62:f7:6a:fa:4c:50:ec:3f:
45:fb:ef:f9:33:a7:84:30:97:72:34:cd:70:8a:ef:
bd:95:c9:d3:3c:13:6c:2d:d4:b6:4c:1a:3c:1c:a4:
d2:2a:e6:2a:bc:18:da:36:d5:0c:53:6d:2b:1e:d7:
8e:62:f2:db:03:a4:2a:03:da:cd:91:33:54:25:fa:
d4:7c:02:e1:81:54:3d:36:8f:ba:5f:40:ca:e0:c7:
ad:f7:ea:1e:2e:ac:84:82:1c:3c:72:6f:27:16:0e:
d4:76:56:ad:19:a0:91:2d:3f:34:de:a0:90:45:8d:
ea:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:23:DF:87:71:46:26:51:AF:FD:0C:63:8C:D6:82:01:8D:6B:64:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
60:bc:bb:9a:4b:6b:52:46:ff:57:88:e0:32:4c:7a:e7:86:40:
33:e4:ee:96:4f:25:8e:21:75:09:f2:ac:85:fe:dc:ab:d2:4a:
1a:39:86:41:f3:83:22:36:6f:a3:04:2a:db:16:ff:3a:c6:ba:
5a:4c:2c:58:25:26:3e:e7:e7:0c:ef:72:21:4a:7b:1e:50:4c:
e3:53:87:44:80:da:52:d8:a3:ed:fd:03:bf:fb:a0:f6:b2:29:
f2:4d:bd:e7:b2:29:cf:a5:4c:fe:91:50:67:bc:ab:4f:b7:4c:
9a:72:73:20:7d:be:b9:4c:6d:17:1a:15:60:ea:2a:9f:08:e5:
e2:a7:89:e9:58:53:fd:5a:16:31:b8:ee:ed:7d:89:a1:ef:2e:
ca:64:52:41:c9:f4:e0:93:ae:db:55:2c:ee:43:a9:00:a2:fc:
c1:44:cf:73:58:0e:f9:53:7d:3b:0d:04:c6:9e:17:08:c9:1b:
1c:a8:c4:b4:62:7b:ea:38:ed:59:c0:be:07:29:e4:69:72:97:
4e:69:cb:39:c5:e9:48:3e:7d:50:0e:20:55:39:b7:7a:1e:70:
85:ac:49:a4:c2:4c:d2:7d:0f:bd:1d:8f:99:92:99:07:85:75:
fd:83:d3:04:8f:e1:7e:71:57:31:82:28:aa:31:3f:44:fe:61:
71:dc:cf:7f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPugOuieF/NMbIxjI6H1yvs1T2+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMTNaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlYmRlN2QxMjgyMzRjYjM2NzY1NmEwOWFmOGMxNTZlZjk0NTY0MjllOWI4
ZGQ5NTM4OGFlZDlkMmEzNGJiYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7TR1rZuMCqBNBfN4QshmaTVWQvy0J4j39rHT8Jwzi34I0+vYnhC4Si98dp
Vm410hkdqrOsXIm02k4r9qHX9UdmAZJKw1n5OG/4+L4C8uMuGNtEn5QweTLEr00W
GmoD7BzPwcxE/HXGNxR/3ZcyJJZI6kbGMannIl91AtvqMNIPmGSYG1ik0xCX9Hu0
S2L3avpMUOw/Rfvv+TOnhDCXcjTNcIrvvZXJ0zwTbC3UtkwaPByk0irmKrwY2jbV
DFNtKx7XjmLy2wOkKgPazZEzVCX61HwC4YFUPTaPul9AyuDHrffqHi6shIIcPHJv
JxYO1HZWrRmgkS0/NN6gkEWN6rkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTYI9+H
cUYmUa/9DGOM1oIBjWtkzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWEwMjNiYTctNmRiZS00NmFjLWJjNmYtNjIxZWQ2OTQ2YjZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
wDANBgkqhkiG9w0BAQsFAAOCAQEAYLy7mktrUkb/V4jgMkx654ZAM+Tulk8ljiF1
CfKshf7cq9JKGjmGQfODIjZvowQq2xb/Osa6WkwsWCUmPufnDO9yIUp7HlBM41OH
RIDaUtij7f0Dv/ug9rIp8k2957Ipz6VM/pFQZ7yrT7dMmnJzIH2+uUxtFxoVYOoq
nwjl4qeJ6VhT/VoWMbju7X2Joe8uymRSQcn04JOu21Us7kOpAKL8wUTPc1gO+VN9
Ow0Exp4XCMkbHKjEtGJ76jjtWcC+BynkaXKXTmnLOcXpSD59UA4gVTm3eh5whaxJ
pMJM0n0PvR2PmZKZB4V1/YPTBI/hfnFXMYIoqjE/RP5hcdzPfw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:13 2025 by rpki-client