Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
File: 6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa (raw, json)
Hash identifier: 7RUyvKK8qIAml2NcltRq7/tOWzPV05Sgh3wgaSWhL3c=
Subject key identifier: E2:08:BE:47:35:64:CE:7A:AC:1B:5E:53:33:57:C5:B9:D3:9A:BC:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67F8C30B65F107F9CB606C83B195F5040D63287E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
Signing time: Fri 25 Apr 2025 18:31:01 +0000
ROA not before: Fri 25 Apr 2025 18:31:01 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:f8:c3:0b:65:f1:07:f9:cb:60:6c:83:b1:95:f5:04:0d:63:28:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:01 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=5a098c936732f545d8562841515739d724a6465a415dc401030617f9365d1694, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:33:22:d6:8a:96:f6:31:f5:71:8b:84:83:4d:
90:36:96:d8:a8:f2:31:bd:64:ef:a6:b1:87:6a:8f:
00:8a:7e:b2:63:59:30:72:9b:12:81:e3:cb:c6:f7:
63:e5:27:26:9e:a1:75:50:c8:05:cd:29:dc:77:87:
59:ee:bb:de:bc:aa:af:b3:4a:01:b2:36:14:b4:80:
8e:a1:f9:06:ca:08:15:dc:87:ce:18:de:6c:dc:fa:
10:fb:b5:a1:67:8a:69:64:f9:04:4c:3b:36:b0:03:
ed:dd:93:ee:94:53:35:0a:49:c7:8a:2d:d7:e5:13:
37:c3:61:66:1c:81:fe:e1:b5:84:8e:7f:41:b8:8e:
62:24:f5:c2:3a:b8:89:12:49:e6:65:a2:8a:a7:c8:
e2:2c:ad:e9:e6:2d:98:ff:24:33:31:0e:61:b2:e2:
4c:51:4f:59:2e:33:de:43:25:b8:ed:c0:b2:00:40:
89:02:b1:7a:df:4a:af:5e:09:6c:29:f9:4d:c5:a3:
eb:82:06:9a:a1:1d:b6:3e:ce:80:05:cf:5b:8c:61:
bb:3a:e6:71:38:2b:1f:91:94:35:5f:c1:76:34:5e:
a7:bd:c2:db:92:76:91:40:f8:7f:8e:70:d6:04:b5:
76:38:45:00:cb:d3:c6:20:a3:85:94:21:42:e3:d2:
a0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:08:BE:47:35:64:CE:7A:AC:1B:5E:53:33:57:C5:B9:D3:9A:BC:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4040::/48
Signature Algorithm: sha256WithRSAEncryption
97:64:2a:79:aa:d2:6d:2b:25:70:32:19:0b:cc:f0:16:1a:eb:
c4:f9:6d:33:f9:b8:d2:bb:a1:57:09:6a:c7:9a:22:aa:c7:2e:
af:02:a6:7a:a4:0c:c5:e9:d1:d6:6b:35:53:b2:76:f9:9f:0a:
cd:b5:08:d1:d2:bf:8c:b3:fa:f7:37:55:bb:b9:49:af:ff:dd:
c8:18:fb:bf:fd:80:5f:3b:ff:b1:7a:f4:a7:0d:7f:c7:50:88:
2e:2f:f5:cd:ef:e9:29:e4:17:9e:f7:86:bc:d3:da:5a:32:04:
68:0f:da:a6:5b:db:61:b2:4c:ec:ba:08:63:0e:e7:04:25:e4:
c4:2d:69:e2:04:e9:42:06:7a:b2:ec:bc:d7:cb:2d:0c:f3:48:
f1:f4:66:b3:45:9b:52:01:8f:2a:d8:d7:db:fc:50:18:93:35:
d6:7d:5e:2d:f8:8d:0b:20:3d:5f:bb:dc:d1:d3:12:83:09:41:
52:52:56:8d:fa:e0:fd:5e:e3:6b:a1:87:fc:3a:2e:b2:86:98:
20:3b:57:9a:55:20:92:de:6c:38:fd:d9:38:24:f3:05:79:56:
e6:87:3c:be:f3:4a:75:03:66:ac:55:c6:20:41:c0:97:45:16:
73:87:06:bf:de:fe:69:40:08:8c:54:bc:de:28:b8:b4:ad:43:
40:a4:c1:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ/jDC2XxB/nLYGyDsZX1BA1jKH4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxMDFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhMDk4YzkzNjczMmY1NDVkODU2Mjg0MTUxNTczOWQ3MjRhNjQ2NWE0MTVk
YzQwMTAzMDYxN2Y5MzY1ZDE2OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIzItaKlvYx9XGLhINNkDaW2KjyMb1k76axh2qPAIp+smNZMHKbEoHjy8b3
Y+UnJp6hdVDIBc0p3HeHWe673ryqr7NKAbI2FLSAjqH5BsoIFdyHzhjebNz6EPu1
oWeKaWT5BEw7NrAD7d2T7pRTNQpJx4ot1+UTN8NhZhyB/uG1hI5/QbiOYiT1wjq4
iRJJ5mWiiqfI4iyt6eYtmP8kMzEOYbLiTFFPWS4z3kMluO3AsgBAiQKxet9Kr14J
bCn5TcWj64IGmqEdtj7OgAXPW4xhuzrmcTgrH5GUNV/BdjRep73C25J2kUD4f45w
1gS1djhFAMvTxiCjhZQhQuPSoLMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTiCL5H
NWTOeqwbXlMzV8W505q8qDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU0ZDk4OTAtYjRmNC00YjllLWE3MzQtYjYzZjUxNTM2MGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
QDANBgkqhkiG9w0BAQsFAAOCAQEAl2QqearSbSslcDIZC8zwFhrrxPltM/m40ruh
Vwlqx5oiqscurwKmeqQMxenR1ms1U7J2+Z8KzbUI0dK/jLP69zdVu7lJr//dyBj7
v/2AXzv/sXr0pw1/x1CILi/1ze/pKeQXnveGvNPaWjIEaA/aplvbYbJM7LoIYw7n
BCXkxC1p4gTpQgZ6suy818stDPNI8fRms0WbUgGPKtjX2/xQGJM11n1eLfiNCyA9
X7vc0dMSgwlBUlJWjfrg/V7ja6GH/DousoaYIDtXmlUgkt5sOP3ZOCTzBXlW5oc8
vvNKdQNmrFXGIEHAl0UWc4cGv97+aUAIjFS83ii4tK1DQKTBAQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:21 2025 by rpki-client