Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/791beea0-a041-4e83-a3bb-074f4f65225c.roa
File: 791beea0-a041-4e83-a3bb-074f4f65225c.roa (raw, json)
Hash identifier: u7DjJPiAAYuvk0wT8/zDF/B6cRmeTP+a6OTbqC7EfZg=
Subject key identifier: 6F:D5:92:A8:92:D5:92:C7:E2:22:75:D6:33:62:AC:63:D3:73:3D:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BA3E9B9B03CCD173800F2BCA6DF4EA7B93B80CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/791beea0-a041-4e83-a3bb-074f4f65225c.roa
Signing time: Fri 25 Apr 2025 19:31:23 +0000
ROA not before: Fri 25 Apr 2025 19:31:23 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:50c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:a3:e9:b9:b0:3c:cd:17:38:00:f2:bc:a6:df:4e:a7:b9:3b:80:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:23 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9e6a9bbf8cdd365e3c24a3e184103815179416f2dc28eee0b76b2320385edbe6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:6f:2c:66:20:51:f3:b2:65:ef:e0:37:41:
ca:8a:35:36:b8:9d:01:fe:f9:75:10:93:22:c6:d2:
10:1f:93:86:b9:fa:d8:bf:c8:3c:68:00:7c:93:e1:
d0:65:d2:95:fc:d2:01:76:15:de:0f:2f:ea:ca:1d:
4d:e4:74:9f:b1:dd:7c:3d:c5:d8:5a:c7:de:13:c6:
1d:24:10:e7:4c:27:80:0d:8f:59:59:e2:39:f8:f9:
1c:ea:b9:33:4a:a9:13:17:a6:a1:db:b8:4e:29:2a:
5e:32:b5:4f:14:ea:45:bd:00:30:68:20:84:3f:e9:
9b:cb:be:d7:da:e1:41:72:e6:55:11:90:5b:69:01:
db:0a:49:22:2c:1d:d6:7f:31:27:a8:62:b9:fe:9f:
e0:0d:0f:a4:a2:74:a4:2f:ff:f6:82:16:70:5b:0c:
61:a0:9a:9b:00:0f:d6:70:02:fb:86:1d:60:7f:ee:
31:f5:2f:62:cb:44:c5:1f:21:b5:ce:03:33:13:b9:
9c:78:99:74:a8:ea:cf:41:e2:55:2a:4b:4a:4e:1c:
c7:cb:86:0f:75:af:17:28:fd:6c:5c:14:23:77:d6:
c9:31:83:c6:8e:a7:a2:8d:6c:6b:4f:c8:5f:be:e4:
d4:f3:83:83:1d:a9:7c:ae:b1:13:ce:ee:a5:fc:7e:
74:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D5:92:A8:92:D5:92:C7:E2:22:75:D6:33:62:AC:63:D3:73:3D:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/791beea0-a041-4e83-a3bb-074f4f65225c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
69:c6:1b:bf:90:fc:96:62:fe:21:d0:ef:ed:41:22:e1:56:83:
2a:d1:ed:fe:33:62:c1:c9:1b:17:34:61:63:8f:8e:32:ed:07:
df:04:84:42:fc:34:13:33:d0:31:92:32:8a:de:c6:3f:24:c5:
13:97:d5:2a:50:df:0d:f0:dd:49:08:4c:db:71:77:13:52:25:
aa:1f:f3:23:17:93:bc:e7:d5:58:20:81:07:65:13:03:b3:98:
b9:47:81:bc:b9:f8:db:16:0a:0e:24:e9:0e:0c:37:b2:4a:f1:
01:00:5c:d8:6e:73:ce:65:ce:b2:f2:55:9b:ef:26:f1:be:35:
61:87:53:24:b4:e5:b3:52:7e:b0:ae:1b:60:25:75:c2:d2:86:
00:ba:26:eb:cd:ad:5d:ad:fe:9e:b3:46:e5:8f:b5:a5:a5:4d:
0a:28:dc:b8:4c:fe:f0:18:a1:1d:75:89:6b:51:97:d4:f7:78:
50:73:e3:f9:16:23:57:92:55:83:da:b2:da:4d:3c:36:19:31:
f2:c1:2a:05:13:ab:1b:a6:89:4b:d7:72:ff:f8:93:c5:7a:c0:
1f:b3:05:ab:eb:19:68:9e:b8:47:54:4e:8d:8f:eb:0f:37:f5:
f3:b1:ab:7c:9f:e3:7d:b2:62:64:0b:6e:1b:25:ab:e9:d6:1e:
21:b4:7e:e1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUa6PpubA8zRc4APK8pt9Op7k7gM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMjNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDllNmE5YmJmOGNkZDM2NWUzYzI0YTNlMTg0MTAzODE1MTc5NDE2ZjJkYzI4
ZWVlMGI3NmIyMzIwMzg1ZWRiZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJQbyxmIFHzsmXv4DdByoo1NridAf75dRCTIsbSEB+Thrn62L/IPGgAfJPh
0GXSlfzSAXYV3g8v6sodTeR0n7HdfD3F2FrH3hPGHSQQ50wngA2PWVniOfj5HOq5
M0qpExemodu4TikqXjK1TxTqRb0AMGgghD/pm8u+19rhQXLmVRGQW2kB2wpJIiwd
1n8xJ6hiuf6f4A0PpKJ0pC//9oIWcFsMYaCamwAP1nAC+4YdYH/uMfUvYstExR8h
tc4DMxO5nHiZdKjqz0HiVSpLSk4cx8uGD3WvFyj9bFwUI3fWyTGDxo6noo1sa0/I
X77k1PODgx2pfK6xE87upfx+dG0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRv1ZKo
ktWSx+IiddYzYqxj03M9qzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzkxYmVlYTAtYTA0MS00ZTgzLWEzYmItMDc0ZjRmNjUyMjVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAacYbv5D8lmL+IdDv7UEi4VaDKtHt/jNiwckb
FzRhY4+OMu0H3wSEQvw0EzPQMZIyit7GPyTFE5fVKlDfDfDdSQhM23F3E1Ilqh/z
IxeTvOfVWCCBB2UTA7OYuUeBvLn42xYKDiTpDgw3skrxAQBc2G5zzmXOsvJVm+8m
8b41YYdTJLTls1J+sK4bYCV1wtKGALom682tXa3+nrNG5Y+1paVNCijcuEz+8Bih
HXWJa1GX1Pd4UHPj+RYjV5JVg9qy2k08Nhkx8sEqBROrG6aJS9dy//iTxXrAH7MF
q+sZaJ64R1ROjY/rDzf187GrfJ/jfbJiZAtuGyWr6dYeIbR+4Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:12 2025 by rpki-client