Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
File: 5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa (raw, json)
Hash identifier: n2MHi8FWSVmmfwFN9a9IpSRimKg6tY/4n8chJBsZU9k=
Subject key identifier: D3:89:5A:3F:7C:24:C7:F8:54:24:B2:32:09:9A:DD:A6:F6:79:44:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C2E39FFB965653B2063D5B337C0097634BEB6BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
Signing time: Tue 15 Apr 2025 15:00:21 +0000
ROA not before: Tue 15 Apr 2025 15:00:21 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:2e:39:ff:b9:65:65:3b:20:63:d5:b3:37:c0:09:76:34:be:b6:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:21 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=d1f41fa958bd27364e30afa41d4854f61e3d286c8089422a939eab1c9caf63bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ba:6b:63:35:8a:89:c2:ac:de:64:fe:ac:5a:
e0:a1:d9:77:fc:1a:2e:0a:94:66:7b:7f:26:19:66:
7d:95:70:50:2c:a7:87:ca:53:10:81:b4:93:c0:c0:
6e:ea:7f:a2:47:4f:28:b9:86:4f:60:e2:06:86:14:
ef:8e:b9:29:f7:1a:22:94:9e:9f:47:5b:1e:ca:d2:
f9:fb:dd:4c:f1:ea:5c:f1:77:25:df:4f:4d:4e:ca:
0c:08:ca:ae:72:78:8d:cd:79:84:7f:17:69:54:9c:
97:b2:34:5d:0f:03:d3:81:62:a2:f4:11:26:c2:9a:
5e:c6:72:56:44:7a:85:20:c0:01:41:45:94:00:26:
86:0b:68:a4:4b:6e:a5:88:99:5d:b7:5e:c5:68:a3:
bc:7a:25:41:a0:cc:93:10:93:ae:12:e0:c8:4d:82:
8a:35:75:91:8d:f6:77:04:bc:c5:8d:e9:97:a2:1d:
80:bf:cb:ef:89:bb:f0:03:b0:53:00:c4:46:4b:41:
93:f9:16:90:d8:af:ff:e6:4b:cf:86:ac:4c:85:c4:
8f:6d:7b:32:b1:08:72:34:5c:27:62:c2:df:99:a9:
2d:b5:c2:0e:a3:f2:f8:b3:d6:ff:9b:21:9a:9c:3d:
d0:62:d1:1c:8e:74:41:6f:46:0f:94:93:56:47:2e:
6a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:89:5A:3F:7C:24:C7:F8:54:24:B2:32:09:9A:DD:A6:F6:79:44:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:06:5a:08:e9:0c:16:34:de:10:06:30:81:91:0a:07:66:76:
17:18:ac:4a:ce:de:04:b1:90:74:63:d4:24:c2:34:b1:5e:21:
07:96:c5:dd:f1:15:a0:07:61:0c:4f:4e:d6:86:a3:63:1b:0c:
b4:8d:eb:65:4d:6d:29:65:dc:78:6a:a1:e7:6e:02:81:59:d4:
2f:ac:3d:92:d0:17:b2:7d:cb:1e:0c:83:68:9d:67:56:19:dd:
e8:e9:eb:25:85:23:29:25:2b:a5:64:e5:be:d2:15:c8:31:d1:
ba:81:39:b2:04:78:7e:46:d4:18:35:a8:5c:bf:3e:6e:8d:bc:
8c:c3:63:45:17:56:3d:f0:9d:09:2a:97:db:d7:59:a5:a7:be:
45:75:91:12:0e:35:98:49:48:0a:4d:19:5c:54:7a:30:98:58:
f8:54:a4:c1:d3:0d:c4:2e:aa:74:a4:55:51:b3:61:e8:12:19:
5c:34:73:d2:01:9d:e1:d0:a2:fc:37:e0:0b:71:8d:da:a7:29:
4f:a8:a3:73:6c:d3:80:35:b5:87:cc:56:01:1c:68:88:98:3f:
83:f1:e8:0d:41:31:e1:bf:9c:1c:be:8f:fb:2b:ef:9b:69:a7:
a1:4f:09:7f:18:39:9c:56:d3:c9:bb:1e:f3:c4:a4:b7:06:e6:
40:eb:43:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULC45/7llZTsgY9WzN8AJdjS+tr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwMjFaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxZjQxZmE5NThiZDI3MzY0ZTMwYWZhNDFkNDg1NGY2MWUzZDI4NmM4MDg5
NDIyYTkzOWVhYjFjOWNhZjYzYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALu6a2M1ionCrN5k/qxa4KHZd/waLgqUZnt/JhlmfZVwUCynh8pTEIG0k8DA
bup/okdPKLmGT2DiBoYU7465KfcaIpSen0dbHsrS+fvdTPHqXPF3Jd9PTU7KDAjK
rnJ4jc15hH8XaVScl7I0XQ8D04FiovQRJsKaXsZyVkR6hSDAAUFFlAAmhgtopEtu
pYiZXbdexWijvHolQaDMkxCTrhLgyE2CijV1kY32dwS8xY3pl6IdgL/L74m78AOw
UwDERktBk/kWkNiv/+ZLz4asTIXEj217MrEIcjRcJ2LC35mpLbXCDqPy+LPW/5sh
mpw90GLRHI50QW9GD5STVkcuaj0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTiVo/
fCTH+FQksjIJmt2m9nlEYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI4Zjk4MzItZGY5Yi00ZmM4LTk0ZGEtNWU4ODNlMGQ2ZTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCfBloI6QwWNN4QBjCBkQoHZnYXGKxKzt4EsZB0
Y9QkwjSxXiEHlsXd8RWgB2EMT07WhqNjGwy0jetlTW0pZdx4aqHnbgKBWdQvrD2S
0BeyfcseDINonWdWGd3o6eslhSMpJSulZOW+0hXIMdG6gTmyBHh+RtQYNahcvz5u
jbyMw2NFF1Y98J0JKpfb11mlp75FdZESDjWYSUgKTRlcVHowmFj4VKTB0w3ELqp0
pFVRs2HoEhlcNHPSAZ3h0KL8N+ALcY3apylPqKNzbNOANbWHzFYBHGiImD+D8egN
QTHhv5wcvo/7K++baaehTwl/GDmcVtPJux7zxKS3BuZA60NY
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:21 2025 by rpki-client