Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
File: 7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa (raw, json)
Hash identifier: efdOTGC2qhGUC1YwGptlADX5Gtq6Vc46kNf1jT1hnLk=
Subject key identifier: 94:DB:17:8C:88:41:1D:09:99:64:61:DD:91:21:12:38:9D:0A:CA:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C479EEC9AB9B0D9C5AD6FC65C04391948A5C7C6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
Signing time: Fri 25 Apr 2025 19:11:22 +0000
ROA not before: Fri 25 Apr 2025 19:11:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:47:9e:ec:9a:b9:b0:d9:c5:ad:6f:c6:5c:04:39:19:48:a5:c7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:11:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=530e46c3f0af634e413cb206695fbf5e46d9a387ea1f55df93192e2b0b9c705f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c2:a2:89:58:67:78:8a:50:9c:ca:77:00:13:
c4:32:43:fd:19:18:0d:b0:d3:4f:41:f5:ca:54:8a:
41:5f:eb:7e:4b:15:ba:9f:2a:7a:3d:47:dc:a5:51:
79:27:f1:0e:5e:90:26:56:51:da:ab:53:0f:7f:2f:
44:a0:31:b8:8f:1e:c0:e8:8c:d7:08:58:dc:ca:71:
a7:04:d5:d9:e7:93:16:ff:46:06:30:44:d5:93:14:
f0:49:00:08:4f:73:27:c0:70:db:f1:54:6c:ac:37:
dd:37:34:27:77:16:0a:e6:5c:24:a7:58:21:ff:a5:
af:7b:eb:6d:f7:9c:42:29:8e:50:2f:b1:9b:90:f7:
5a:9a:8e:64:f7:18:30:15:0a:4d:4f:b3:d9:47:38:
1d:f3:ed:49:b9:2a:75:54:66:fd:9b:73:26:e1:70:
d1:73:08:e6:7c:ad:63:75:f7:16:96:eb:17:b8:f2:
fd:70:bb:7e:97:2a:98:2c:a7:33:22:cc:f4:ba:18:
9f:28:dc:23:18:ab:91:6f:48:4d:e9:53:8a:54:48:
02:da:1a:ff:a5:f3:4f:26:19:59:cf:cb:83:ca:a9:
e0:fb:ef:81:18:0a:4f:d1:2a:5d:d3:f8:65:2b:3e:
c1:f0:07:ba:83:ff:8c:e2:02:e4:d5:2f:d2:82:dd:
d8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DB:17:8C:88:41:1D:09:99:64:61:DD:91:21:12:38:9D:0A:CA:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6040::/46
Signature Algorithm: sha256WithRSAEncryption
15:75:35:7e:b1:cf:fc:6b:1a:6c:8c:a1:77:c0:3d:23:09:82:
06:46:36:fd:c5:69:62:a5:40:4d:42:7b:93:e3:94:05:3b:17:
4f:5b:bb:3a:d3:47:f6:4e:33:e9:65:f0:f8:1d:03:d3:b1:ad:
8d:b8:c4:62:30:93:c3:25:8f:0c:c5:22:ee:51:de:0c:0d:dd:
7a:bb:7f:99:54:13:ad:8b:ff:dc:64:a0:80:39:3c:a0:d3:7a:
66:23:9e:ef:4c:6a:0e:d4:d6:d9:c1:2b:c2:39:04:44:a1:ca:
19:2e:12:c3:19:65:21:cb:d0:e0:d6:60:4c:14:01:63:9d:21:
87:e0:fc:18:64:ca:0e:65:f0:9e:17:6d:6c:18:0d:f4:29:8f:
a4:61:84:8a:40:48:a0:ad:56:b9:1a:85:ad:bd:ee:1c:1b:3a:
aa:0b:06:35:f4:79:5d:74:32:af:d8:ba:3c:00:7c:2b:26:46:
7f:dd:50:0c:07:85:cd:01:21:12:36:cb:8d:3c:93:37:b3:a7:
b9:c3:20:f5:8f:8b:f5:b6:ee:83:c4:9e:c4:50:82:87:5a:20:
d8:76:de:e0:2b:f4:44:72:0d:c0:dd:65:a7:3f:2f:ec:22:08:
70:2f:26:3f:65:a8:e8:19:78:63:fc:f0:9e:f8:f0:ec:a2:6f:
59:c6:bc:5d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHEee7Jq5sNnFrW/GXAQ5GUilx8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTExMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMGU0NmMzZjBhZjYzNGU0MTNjYjIwNjY5NWZiZjVlNDZkOWEzODdlYTFm
NTVkZjkzMTkyZTJiMGI5YzcwNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbCoolYZ3iKUJzKdwATxDJD/RkYDbDTT0H1ylSKQV/rfksVup8qej1H3KVR
eSfxDl6QJlZR2qtTD38vRKAxuI8ewOiM1whY3MpxpwTV2eeTFv9GBjBE1ZMU8EkA
CE9zJ8Bw2/FUbKw33Tc0J3cWCuZcJKdYIf+lr3vrbfecQimOUC+xm5D3WpqOZPcY
MBUKTU+z2Uc4HfPtSbkqdVRm/ZtzJuFw0XMI5nytY3X3FpbrF7jy/XC7fpcqmCyn
MyLM9LoYnyjcIxirkW9ITelTilRIAtoa/6XzTyYZWc/Lg8qp4PvvgRgKT9EqXdP4
ZSs+wfAHuoP/jOIC5NUv0oLd2CUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSU2xeM
iEEdCZlkYd2RIRI4nQrKsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzQwYzMtY2I2Ny00YTFmLWIzOTEtZmMwYmQ3NTRhNDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Htg
QDANBgkqhkiG9w0BAQsFAAOCAQEAFXU1frHP/GsabIyhd8A9IwmCBkY2/cVpYqVA
TUJ7k+OUBTsXT1u7OtNH9k4z6WXw+B0D07GtjbjEYjCTwyWPDMUi7lHeDA3dert/
mVQTrYv/3GSggDk8oNN6ZiOe70xqDtTW2cErwjkERKHKGS4SwxllIcvQ4NZgTBQB
Y50hh+D8GGTKDmXwnhdtbBgN9CmPpGGEikBIoK1WuRqFrb3uHBs6qgsGNfR5XXQy
r9i6PAB8KyZGf91QDAeFzQEhEjbLjTyTN7OnucMg9Y+L9bbug8SexFCCh1og2Hbe
4Cv0RHINwN1lpz8v7CIIcC8mP2Wo6Bl4Y/zwnvjw7KJvWca8XQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:03 2025 by rpki-client