Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5acd35f8-42dc-4211-8060-407321cbd4dd.roa
File: 5acd35f8-42dc-4211-8060-407321cbd4dd.roa (raw, json)
Hash identifier: GAy4TbUKFt9bxpMnnEbZWxGxYcazastyprtQXd8IkAk=
Subject key identifier: 6E:0C:99:AF:25:47:0F:75:35:D4:AA:E4:72:6D:1E:9D:A0:60:A9:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 615B544C41729D815DA5D236AA1ACD5315ED846B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5acd35f8-42dc-4211-8060-407321cbd4dd.roa
Signing time: Tue 20 May 2025 19:30:23 +0000
ROA not before: Tue 20 May 2025 19:30:23 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:5b:54:4c:41:72:9d:81:5d:a5:d2:36:aa:1a:cd:53:15:ed:84:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:30:23 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8523a8544c7cf2fe84959364e76bd207eaec2a9e7cd9775469ae9f2150bc2aae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:30:96:fd:67:e0:20:df:92:70:2d:4e:c7:4c:
30:a0:75:65:e4:7b:6a:bf:b8:64:a4:bd:a7:99:7b:
fb:80:cb:ca:30:0f:b4:cc:48:63:8f:1f:70:c9:a8:
20:34:36:c4:f6:b6:1f:fd:c5:a3:35:15:f7:fe:a8:
43:3f:14:1a:e5:d6:40:b4:34:fe:6a:fd:c5:cf:d1:
7f:62:6d:bf:57:1e:07:51:44:89:f0:74:68:16:68:
76:19:48:d1:ae:f3:0d:c5:2a:18:c1:ba:18:d3:e9:
84:54:8f:7e:12:ef:c5:e9:b5:c9:23:f4:3a:4e:69:
7d:cf:c3:94:c7:6c:0b:b8:7f:ea:6a:04:1a:c2:3c:
11:14:66:33:28:2e:de:c8:10:49:e0:49:90:ec:fd:
ac:e5:d5:06:59:30:ee:53:fb:5a:73:f4:58:48:69:
9f:1f:75:2d:e6:0a:ef:33:3e:cf:33:dc:7e:a3:17:
a6:f5:53:51:cb:aa:e7:6a:b7:f8:48:89:12:20:6a:
fa:26:cb:14:24:d6:a1:19:ca:5f:08:ba:ea:d8:02:
1b:42:8d:b1:9e:77:56:e1:eb:9d:79:5b:e8:0c:02:
a6:48:2b:1d:c0:69:2a:2b:b5:91:e8:56:a6:37:ba:
9e:2b:51:57:40:f5:5f:d3:3c:f4:79:cb:a9:1e:62:
8d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:0C:99:AF:25:47:0F:75:35:D4:AA:E4:72:6D:1E:9D:A0:60:A9:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5acd35f8-42dc-4211-8060-407321cbd4dd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:6040::/46
Signature Algorithm: sha256WithRSAEncryption
a9:a4:46:22:25:3f:95:6a:d6:45:c8:24:e9:9d:c7:cc:24:ec:
d5:57:2e:69:0b:73:ac:f3:79:5c:95:9a:da:1b:0d:7b:8f:fa:
bc:1b:ee:7f:eb:96:2b:e1:7f:f1:37:11:3f:57:57:ec:62:ac:
db:05:28:4d:3f:f9:7d:b9:dc:e1:0f:08:65:ef:e3:70:9a:eb:
6a:f3:5e:bf:73:37:5e:33:aa:46:fc:0a:2e:3f:4e:a0:ec:9c:
69:34:7c:cb:5c:fc:96:00:6b:88:e2:d4:5b:54:20:43:94:99:
9b:41:b8:d2:71:3a:b7:c7:33:a7:f8:6e:d7:a8:00:d6:dd:d3:
92:b1:9c:c0:7e:81:52:5d:e3:71:87:fc:8c:75:49:7a:84:ec:
83:49:40:27:7c:5f:24:70:25:7f:6d:df:06:eb:8f:d7:69:28:
d0:6e:67:66:b8:0e:72:ce:04:0d:f4:46:e9:96:5f:dc:d2:b1:
6b:e0:12:30:a3:08:e9:cb:3d:e2:4b:ba:41:4b:c1:fb:d1:fa:
e9:e6:58:1c:27:26:96:db:3a:fc:6d:a4:f7:ab:79:c3:8b:dc:
e5:2e:f0:33:6d:78:f0:66:a2:fd:fd:b3:4f:69:a0:0d:f6:87:
c5:d8:93:a8:68:5a:a7:d2:0e:ae:22:7a:f0:1e:4d:72:de:a7:
5d:a9:be:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYVtUTEFynYFdpdI2qhrNUxXthGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMwMjNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1MjNhODU0NGM3Y2YyZmU4NDk1OTM2NGU3NmJkMjA3ZWFlYzJhOWU3Y2Q5
Nzc1NDY5YWU5ZjIxNTBiYzJhYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMwlv1n4CDfknAtTsdMMKB1ZeR7ar+4ZKS9p5l7+4DLyjAPtMxIY48fcMmo
IDQ2xPa2H/3FozUV9/6oQz8UGuXWQLQ0/mr9xc/Rf2Jtv1ceB1FEifB0aBZodhlI
0a7zDcUqGMG6GNPphFSPfhLvxem1ySP0Ok5pfc/DlMdsC7h/6moEGsI8ERRmMygu
3sgQSeBJkOz9rOXVBlkw7lP7WnP0WEhpnx91LeYK7zM+zzPcfqMXpvVTUcuq52q3
+EiJEiBq+ibLFCTWoRnKXwi66tgCG0KNsZ53VuHrnXlb6AwCpkgrHcBpKiu1kehW
pje6nitRV0D1X9M89HnLqR5ijZcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRuDJmv
JUcPdTXUquRybR6doGCptTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWFjZDM1ZjgtNDJkYy00MjExLTgwNjAtNDA3MzIxY2JkNGRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hdg
QDANBgkqhkiG9w0BAQsFAAOCAQEAqaRGIiU/lWrWRcgk6Z3HzCTs1VcuaQtzrPN5
XJWa2hsNe4/6vBvuf+uWK+F/8TcRP1dX7GKs2wUoTT/5fbnc4Q8IZe/jcJrravNe
v3M3XjOqRvwKLj9OoOycaTR8y1z8lgBriOLUW1QgQ5SZm0G40nE6t8czp/hu16gA
1t3TkrGcwH6BUl3jcYf8jHVJeoTsg0lAJ3xfJHAlf23fBuuP12ko0G5nZrgOcs4E
DfRG6ZZf3NKxa+ASMKMI6cs94ku6QUvB+9H66eZYHCcmlts6/G2k96t5w4vc5S7w
M2148Gai/f2zT2mgDfaHxdiTqGhap9IOriJ68B5Nct6nXam+aQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:37 2025 by rpki-client