Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
File: 75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa (raw, json)
Hash identifier: DZzonxkznHEGHt5sktSOInb4PKwNeXYDGtX1KqGyDuE=
Subject key identifier: E9:EE:31:CD:B5:A1:03:FF:AE:CB:7C:57:13:D7:6F:C5:8B:A9:4B:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79EF5FB604A9F3EE74418C268B7E9286C09D4EFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
Signing time: Tue 20 May 2025 18:20:48 +0000
ROA not before: Tue 20 May 2025 18:20:48 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:ef:5f:b6:04:a9:f3:ee:74:41:8c:26:8b:7e:92:86:c0:9d:4e:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:48 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=9187ec73789d2d2ca529c2f03ef0fc16f6f067d6b61ca8f6ab9211c2ed871a15, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:db:0c:57:e1:c7:5d:d4:c3:39:76:2f:32:5d:
9f:ca:7e:14:2a:91:7e:5b:10:e7:17:c9:70:8c:68:
9c:5e:9d:51:e7:52:26:db:a9:6b:c7:e2:aa:49:84:
c7:1e:61:80:1e:07:0e:86:83:9b:5b:45:da:c8:bc:
c6:7b:e6:d9:f2:02:88:ee:1c:47:02:10:b3:d0:5b:
ca:bd:dc:c5:7e:1c:39:49:ba:9f:e6:a8:fc:79:3c:
62:64:59:ba:25:ac:e7:76:1e:0c:b6:33:40:b9:f1:
59:a1:13:55:ea:4d:e3:06:86:3d:37:c5:69:79:f1:
04:9c:d5:c8:93:e1:ed:21:5d:5e:e0:74:a9:28:ea:
57:b5:fe:70:f8:72:6f:13:eb:29:d1:2a:b1:e1:24:
4a:62:ae:22:a2:e7:f9:e5:95:c8:a6:33:65:d0:3e:
28:72:44:e7:f2:9c:1c:99:65:84:9f:6b:e8:41:8e:
6c:02:10:d7:24:95:7e:57:c1:13:c6:ab:bb:ca:bf:
3e:78:0b:02:79:0d:af:5a:2e:44:4f:94:77:0c:90:
bc:41:ce:54:14:0a:30:59:82:08:4f:82:ce:9a:3a:
81:fd:70:92:37:10:f2:ad:c7:36:96:eb:6c:83:20:
c0:df:7d:71:1d:96:a9:f8:d5:16:99:32:d6:cf:d6:
d6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:EE:31:CD:B5:A1:03:FF:AE:CB:7C:57:13:D7:6F:C5:8B:A9:4B:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6040::/48
Signature Algorithm: sha256WithRSAEncryption
68:7b:f9:31:02:70:1d:88:14:0e:06:a2:2c:4e:24:b1:7d:96:
a9:f3:13:e8:49:e3:93:f6:b0:3c:e2:4f:f0:1c:bd:1f:9a:09:
cc:cd:cf:24:aa:ea:f2:5a:53:0b:35:19:1c:1a:73:e4:0e:61:
7a:e4:74:6b:cd:42:cd:31:ff:15:ca:eb:b4:0c:39:69:a0:60:
a8:e9:6c:a1:b3:c5:f1:97:d7:dc:57:d1:37:f3:ee:c3:7a:26:
ff:5b:84:fd:8f:83:b8:cb:a7:98:fc:f0:3b:21:41:c5:33:dc:
0f:aa:ce:2e:e1:c8:5a:59:6b:15:7f:e1:cd:5e:7d:ab:7b:2a:
96:ba:d3:69:b8:10:69:84:ac:35:f2:87:30:4c:b0:e8:d4:37:
0b:57:e3:ab:68:fc:a6:2c:13:df:81:6f:60:a7:ab:f5:17:25:
87:bd:20:1f:15:25:8c:f9:b8:f9:6f:35:e3:0d:32:89:e9:62:
aa:a5:69:4b:c1:eb:2c:ab:de:71:d3:0a:a1:ce:ff:70:07:9b:
29:fa:24:c3:a7:c6:36:46:f5:e4:da:e9:97:05:7a:f1:38:2f:
2a:89:6d:db:05:0e:77:82:e6:97:3f:90:d4:be:aa:03:fe:61:
0f:40:85:22:fe:98:56:89:96:31:0c:3d:fb:ea:78:3b:b7:4d:
2b:1e:b9:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUee9ftgSp8+50QYwmi36ShsCdTv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwNDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxODdlYzczNzg5ZDJkMmNhNTI5YzJmMDNlZjBmYzE2ZjZmMDY3ZDZiNjFj
YThmNmFiOTIxMWMyZWQ4NzFhMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/bDFfhx13Uwzl2LzJdn8p+FCqRflsQ5xfJcIxonF6dUedSJtupa8fiqkmE
xx5hgB4HDoaDm1tF2si8xnvm2fICiO4cRwIQs9Bbyr3cxX4cOUm6n+ao/Hk8YmRZ
uiWs53YeDLYzQLnxWaETVepN4waGPTfFaXnxBJzVyJPh7SFdXuB0qSjqV7X+cPhy
bxPrKdEqseEkSmKuIqLn+eWVyKYzZdA+KHJE5/KcHJllhJ9r6EGObAIQ1ySVflfB
E8aru8q/PngLAnkNr1ouRE+UdwyQvEHOVBQKMFmCCE+Czpo6gf1wkjcQ8q3HNpbr
bIMgwN99cR2WqfjVFpky1s/W1l0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTp7jHN
taED/67LfFcT12/Fi6lLTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzVkMGI1ZDktMjQ3Ny00ZDM4LWFiN2EtMGM2MGEzM2Q4MjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
QDANBgkqhkiG9w0BAQsFAAOCAQEAaHv5MQJwHYgUDgaiLE4ksX2WqfMT6Enjk/aw
POJP8By9H5oJzM3PJKrq8lpTCzUZHBpz5A5heuR0a81CzTH/FcrrtAw5aaBgqOls
obPF8ZfX3FfRN/Puw3om/1uE/Y+DuMunmPzwOyFBxTPcD6rOLuHIWllrFX/hzV59
q3sqlrrTabgQaYSsNfKHMEyw6NQ3C1fjq2j8piwT34FvYKer9Rclh70gHxUljPm4
+W814w0yieliqqVpS8HrLKvecdMKoc7/cAebKfokw6fGNkb15NrplwV68TgvKolt
2wUOd4Lmlz+Q1L6qA/5hD0CFIv6YVomWMQw9++p4O7dNKx65zw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:22 2025 by rpki-client