Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
File: 5b65b415-a397-41d3-99dc-207c8689d0ee.roa (raw, json)
Hash identifier: DuVqpjYUq2kZPYZ2VaRcETMHeg1SXTJ+mnVk2tQP1lE=
Subject key identifier: DD:CB:DD:2A:41:60:82:BF:25:7E:CB:55:3C:7B:93:65:C7:09:75:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 369E28F5482990D043A44E7489ACE8FFB9158242
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
Signing time: Fri 06 Jun 2025 15:10:10 +0000
ROA not before: Fri 06 Jun 2025 15:10:10 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:9e:28:f5:48:29:90:d0:43:a4:4e:74:89:ac:e8:ff:b9:15:82:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:10 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=91cc8e8ab23c0648b1a0d633e273e56454f2009e60217a9006cf4c68c4591d35, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:4c:c3:9a:d8:f7:21:65:e1:eb:4d:d3:7c:
dc:42:fd:0a:b0:e6:a0:05:71:f2:0c:25:de:c1:cc:
f4:c9:17:6e:b4:b7:a8:53:c5:9c:19:bd:2d:46:1d:
e4:21:37:6b:5d:f5:d8:6d:64:fa:ad:bf:08:23:65:
9f:6f:68:04:4f:88:f8:b4:11:34:19:8a:fe:04:6e:
ed:38:66:25:b3:6a:10:b5:77:b2:0b:c1:7e:67:78:
c5:eb:99:92:70:cf:f2:38:0d:82:4c:21:b8:f2:3a:
1e:3e:8e:5d:19:54:14:6d:46:f9:aa:2e:fa:f9:53:
89:80:d5:33:cb:df:2c:ca:bb:2c:2d:3f:26:be:6a:
9d:71:6c:fc:44:33:01:84:03:b7:05:79:c7:e5:de:
80:45:68:b1:b2:6a:96:59:62:16:08:1a:c0:ac:11:
e3:f7:2a:9c:44:7f:72:34:c7:4a:26:bf:8d:a6:af:
2b:7b:1b:c7:70:a7:6b:07:fb:aa:73:05:1b:8e:28:
bd:dc:33:14:80:3a:bf:30:81:6b:f6:de:43:5e:65:
cc:5f:08:e0:5f:3a:4a:91:8e:1c:45:65:59:f4:f2:
cf:b0:c5:9e:c8:0d:e1:90:d6:20:27:76:e4:b6:3d:
4d:0e:96:da:aa:59:95:a7:a4:1e:11:dc:65:15:c0:
73:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:CB:DD:2A:41:60:82:BF:25:7E:CB:55:3C:7B:93:65:C7:09:75:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:a4:9b:1f:70:4b:22:e2:2b:c7:0b:73:03:d7:48:dd:8a:58:
b3:06:ed:5e:b8:a7:d4:23:5c:d3:08:61:5a:de:51:bf:3a:54:
4b:a5:c5:c9:fa:09:b0:65:21:5f:10:72:81:18:60:ed:f1:34:
8c:b4:e8:56:fc:a8:89:7f:0b:34:40:b0:bd:a3:e4:ef:83:37:
6f:fa:51:37:f3:9b:e8:a9:d4:6b:10:9f:a5:fc:d6:7f:e2:14:
cb:c9:75:92:28:e4:f8:8c:96:44:fd:7f:bb:20:f0:f3:ef:c3:
60:86:b3:79:e8:f3:60:2f:d9:e7:1a:81:6d:66:89:02:42:15:
5a:5f:8a:4f:f7:67:d8:d1:e2:b8:7b:d0:37:db:36:fa:4f:78:
df:31:85:f5:2e:b6:96:d6:19:4e:e9:52:ba:e3:c1:0e:1c:83:
85:de:d1:57:f3:80:51:fe:2a:1b:86:af:2f:93:d1:83:54:e4:
fd:e2:75:a1:e9:8d:69:c8:85:51:f9:80:05:76:58:11:a5:78:
f5:ec:0a:4c:29:9b:57:8b:5c:03:43:9f:7d:78:e8:95:84:24:
4a:01:1f:3d:32:71:a4:d5:eb:2c:62:1b:8e:19:04:c0:bf:90:
f1:59:2c:b3:dd:35:f6:84:79:0f:44:9d:86:78:ee:65:3b:7b:
e9:64:01:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNp4o9UgpkNBDpE50iazo/7kVgkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMTBaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxY2M4ZThhYjIzYzA2NDhiMWEwZDYzM2UyNzNlNTY0NTRmMjAwOWU2MDIx
N2E5MDA2Y2Y0YzY4YzQ1OTFkMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmQTMOa2PchZeHrTdN83EL9CrDmoAVx8gwl3sHM9MkXbrS3qFPFnBm9LUYd
5CE3a1312G1k+q2/CCNln29oBE+I+LQRNBmK/gRu7ThmJbNqELV3sgvBfmd4xeuZ
knDP8jgNgkwhuPI6Hj6OXRlUFG1G+aou+vlTiYDVM8vfLMq7LC0/Jr5qnXFs/EQz
AYQDtwV5x+XegEVosbJqllliFggawKwR4/cqnER/cjTHSia/jaavK3sbx3Cnawf7
qnMFG44ovdwzFIA6vzCBa/beQ15lzF8I4F86SpGOHEVlWfTyz7DFnsgN4ZDWICd2
5LY9TQ6W2qpZlaekHhHcZRXAcy8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdy90q
QWCCvyV+y1U8e5Nlxwl1HDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI2NWI0MTUtYTM5Ny00MWQzLTk5ZGMtMjA3Yzg2ODlkMGVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZg
MA0GCSqGSIb3DQEBCwUAA4IBAQCxpJsfcEsi4ivHC3MD10jdilizBu1euKfUI1zT
CGFa3lG/OlRLpcXJ+gmwZSFfEHKBGGDt8TSMtOhW/KiJfws0QLC9o+Tvgzdv+lE3
85voqdRrEJ+l/NZ/4hTLyXWSKOT4jJZE/X+7IPDz78NghrN56PNgL9nnGoFtZokC
QhVaX4pP92fY0eK4e9A32zb6T3jfMYX1LraW1hlO6VK648EOHIOF3tFX84BR/iob
hq8vk9GDVOT94nWh6Y1pyIVR+YAFdlgRpXj17ApMKZtXi1wDQ599eOiVhCRKAR89
MnGk1essYhuOGQTAv5DxWSyz3TX2hHkPRJ2GeO5lO3vpZAFD
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:50 2025 by rpki-client