Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
File: 5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa (raw, json)
Hash identifier: 8ptFnLJvbcy8cgoC+Di84BlX7kYht50jwpRKOakg9hQ=
Subject key identifier: 88:1A:BC:66:A3:B2:82:C1:41:6E:9D:39:9B:A2:4D:D6:92:14:63:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65129D130784D48E317BD7D72DCEC1D03323C89C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
Signing time: Fri 25 Apr 2025 18:30:22 +0000
ROA not before: Fri 25 Apr 2025 18:30:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:12:9d:13:07:84:d4:8e:31:7b:d7:d7:2d:ce:c1:d0:33:23:c8:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=4abc93ad83891e9e5067347e9fe9465f679c09596b1c12a5938fbf00c7475dde, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:00:9a:6e:75:a7:1c:44:44:73:ed:b3:de:93:
66:6a:72:4e:d0:73:3b:50:cc:6a:72:56:e9:aa:98:
4d:bf:ea:ac:48:e0:b8:56:1d:dd:06:58:da:6d:0d:
88:8f:b9:aa:d5:e3:48:ed:aa:f2:7a:e8:95:10:6c:
d8:31:67:fa:78:81:42:b2:8c:a1:1c:02:1f:f7:b4:
a1:86:7f:90:04:6c:d9:90:cd:11:0c:28:1a:57:60:
bf:b3:70:69:f6:30:cc:4c:05:29:1f:00:b1:74:b1:
68:93:ba:ea:96:36:43:02:bb:54:d2:69:c6:fa:d6:
16:ef:0b:10:7d:90:19:52:a4:62:ac:51:f1:be:a1:
78:05:a9:8e:0f:10:08:2a:78:6e:1d:eb:80:dc:07:
2d:ff:82:5a:d6:be:b0:4d:62:55:3d:86:6f:ec:23:
77:9b:4a:96:74:6d:22:01:7a:02:dd:61:81:a4:88:
ed:f2:34:0d:ea:4b:cf:d7:13:c9:50:d6:91:32:d6:
bf:9d:c7:b8:58:27:2a:84:eb:ea:f4:bc:20:8c:30:
87:b3:48:2c:f9:ce:43:e5:7b:d6:8b:19:ec:37:b0:
f9:9a:4c:59:1f:99:bb:c1:f8:e3:b4:86:eb:7d:17:
64:63:4a:fc:08:b7:5c:a4:ce:cd:7d:21:18:30:0c:
33:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1A:BC:66:A3:B2:82:C1:41:6E:9D:39:9B:A2:4D:D6:92:14:63:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
7f:1a:51:79:1d:4e:10:b0:12:1c:ec:59:82:09:f3:50:8d:87:
c5:a7:22:84:35:7f:65:0a:29:9e:b3:fe:77:1c:8b:af:97:23:
67:d0:56:2e:6c:a3:66:85:5d:bc:8e:16:51:65:65:90:21:fa:
ae:8c:c8:27:9a:a0:e0:94:d7:a8:47:8a:9b:9b:af:d3:54:72:
4f:2f:54:fd:40:89:14:57:21:fa:06:bd:f7:67:4b:a2:33:45:
e3:c7:16:b1:07:5a:56:75:fd:6e:bf:49:18:bf:69:b2:f7:35:
5b:95:d3:40:1b:4c:ee:d9:38:a9:34:cb:30:67:c4:44:62:72:
6d:d3:3d:14:b8:ef:9b:fc:2f:d7:44:6e:dc:ee:76:c7:2d:6e:
d2:68:75:3c:b0:a8:79:8b:6b:91:07:e3:c2:3a:c3:93:7a:74:
82:53:60:60:cc:8c:f2:1d:73:93:9e:b2:16:39:2d:63:32:18:
51:c8:b6:8d:c7:6f:4c:86:a7:04:b6:9f:d3:4d:dd:a5:10:73:
d6:64:db:76:fd:81:d2:56:dc:d2:b5:87:56:37:32:56:b2:b1:
47:94:54:85:5d:52:1f:88:06:25:d9:78:5f:ed:db:ce:6b:99:
30:e5:3c:3f:d9:f3:33:c8:f5:49:00:1a:9c:82:75:4f:b8:46:
84:35:21:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZRKdEweE1I4xe9fXLc7B0DMjyJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhYmM5M2FkODM4OTFlOWU1MDY3MzQ3ZTlmZTk0NjVmNjc5YzA5NTk2YjFj
MTJhNTkzOGZiZjAwYzc0NzVkZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPAAmm51pxxERHPts96TZmpyTtBzO1DManJW6aqYTb/qrEjguFYd3QZY2m0N
iI+5qtXjSO2q8nrolRBs2DFn+niBQrKMoRwCH/e0oYZ/kARs2ZDNEQwoGldgv7Nw
afYwzEwFKR8AsXSxaJO66pY2QwK7VNJpxvrWFu8LEH2QGVKkYqxR8b6heAWpjg8Q
CCp4bh3rgNwHLf+CWta+sE1iVT2Gb+wjd5tKlnRtIgF6At1hgaSI7fI0DepLz9cT
yVDWkTLWv53HuFgnKoTr6vS8IIwwh7NILPnOQ+V71osZ7Dew+ZpMWR+Zu8H447SG
630XZGNK/Ai3XKTOzX0hGDAMM4kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSIGrxm
o7KCwUFunTmbok3WkhRj1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQxZmZmOTgtNDQxNS00Y2QwLWIyY2MtMjZmNjFhOGNhZTdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
sDANBgkqhkiG9w0BAQsFAAOCAQEAfxpReR1OELASHOxZggnzUI2HxacihDV/ZQop
nrP+dxyLr5cjZ9BWLmyjZoVdvI4WUWVlkCH6rozIJ5qg4JTXqEeKm5uv01RyTy9U
/UCJFFch+ga992dLojNF48cWsQdaVnX9br9JGL9psvc1W5XTQBtM7tk4qTTLMGfE
RGJybdM9FLjvm/wv10Ru3O52xy1u0mh1PLCoeYtrkQfjwjrDk3p0glNgYMyM8h1z
k56yFjktYzIYUci2jcdvTIanBLaf003dpRBz1mTbdv2B0lbc0rWHVjcyVrKxR5RU
hV1SH4gGJdl4X+3bzmuZMOU8P9nzM8j1SQAanIJ1T7hGhDUhKg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:32 2025 by rpki-client