Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
File: 8a06e909-5227-47d9-a58c-be623a2a4cad.roa (raw, json)
Hash identifier: AskitV2UstczNJRswQvHtZDvHgLzZjvOc/ztQkC2U1Y=
Subject key identifier: 6B:42:B5:2D:AB:9D:E6:EB:53:37:03:0D:BB:CA:07:5D:77:29:AB:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C15F399943EC1820A58FDE66694B8CD50A10274
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
Signing time: Fri 25 Apr 2025 20:00:01 +0000
ROA not before: Fri 25 Apr 2025 20:00:01 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:15:f3:99:94:3e:c1:82:0a:58:fd:e6:66:94:b8:cd:50:a1:02:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:00:01 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=5b63d5ca592bb12ed8ab2a23a4012eaddf7aacb126c368d7e18760dcb3b88cdc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ec:02:87:50:7f:36:3b:46:8a:32:37:91:7e:
2e:52:a0:53:11:01:b9:c6:a9:fe:a6:a1:0e:0f:ff:
24:ce:67:9e:17:7c:d3:74:0a:5b:62:0d:43:0f:34:
43:e1:15:47:46:3b:e1:ca:87:6c:e8:cc:56:f8:6b:
ac:50:77:8e:b7:3b:ba:9f:87:f7:8d:de:da:6d:5a:
90:24:4a:1d:98:63:4f:9e:26:6b:9a:e5:87:6b:e5:
3d:0e:6e:3f:be:64:15:88:fd:c0:09:03:06:33:f6:
ee:9b:0f:8e:b9:6f:7b:25:13:a8:4d:7c:d2:b8:9f:
c7:a4:6f:dd:0b:6c:8b:ef:18:56:75:88:d5:bc:68:
71:7d:54:ec:6c:6e:81:cd:f1:fd:59:d7:ab:ff:3f:
37:74:1d:4e:60:e6:04:9a:01:38:c1:23:01:ff:03:
dc:58:01:84:3f:8c:b8:87:3e:b1:20:9f:af:38:c7:
ba:f1:41:37:af:34:ee:02:c4:47:30:46:36:8b:4e:
11:aa:8f:15:91:08:8c:fe:5d:fc:89:e7:ac:2e:bc:
48:a2:4f:1f:73:5a:a9:da:20:e5:0b:fc:21:48:ec:
f7:1c:08:f4:19:54:42:7b:5c:45:e6:cd:2d:59:cb:
d6:bd:84:80:b5:4c:ad:57:bb:c1:b3:97:6e:28:45:
f4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:42:B5:2D:AB:9D:E6:EB:53:37:03:0D:BB:CA:07:5D:77:29:AB:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:5e:8e:75:5c:d8:46:a7:d5:79:7f:82:ef:82:f8:53:c5:43:
bb:ad:d2:23:fa:30:fb:d9:83:28:bb:7c:87:24:29:80:98:47:
53:e1:21:f1:29:c7:18:7f:4f:db:07:e4:ae:8a:ba:1b:fd:67:
7c:27:7e:08:67:23:da:01:25:f1:0b:32:29:2f:46:a0:6a:6b:
4d:d7:cc:b6:25:8c:2e:ee:7f:5d:f0:fa:3d:5c:8f:c6:c5:b9:
46:ef:15:47:dd:2f:57:82:d2:75:bc:cf:d5:75:3a:1f:15:9a:
f8:be:f9:06:7e:23:38:a7:19:51:2a:30:ad:b3:b0:f7:be:da:
75:03:20:23:58:4a:fe:93:84:08:8c:85:83:32:43:52:78:fa:
b3:c7:0d:7a:df:1d:4d:4d:e5:52:36:0d:5c:f6:29:89:0a:ca:
80:8e:ab:16:84:a7:f2:e9:e0:b7:ea:22:5f:55:c3:86:c1:70:
9c:02:cb:ff:e5:32:90:3a:f9:2f:b2:1f:1d:50:45:ce:db:cb:
e4:e1:8c:c3:81:1b:ac:d9:af:16:2f:6b:9f:05:68:d0:80:9e:
65:5d:6e:f8:e4:bf:bd:3a:0b:6d:da:af:06:85:15:b9:13:77:
fe:c7:ea:ce:e1:a4:61:52:80:b0:a8:07:b6:d6:84:68:92:47:
ea:ee:32:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDBXzmZQ+wYIKWP3mZpS4zVChAnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAwMDFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDViNjNkNWNhNTkyYmIxMmVkOGFiMmEyM2E0MDEyZWFkZGY3YWFjYjEyNmMz
NjhkN2UxODc2MGRjYjNiODhjZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjsAodQfzY7RooyN5F+LlKgUxEBucap/qahDg//JM5nnhd803QKW2INQw80
Q+EVR0Y74cqHbOjMVvhrrFB3jrc7up+H943e2m1akCRKHZhjT54ma5rlh2vlPQ5u
P75kFYj9wAkDBjP27psPjrlveyUTqE180rifx6Rv3Qtsi+8YVnWI1bxocX1U7Gxu
gc3x/VnXq/8/N3QdTmDmBJoBOMEjAf8D3FgBhD+MuIc+sSCfrzjHuvFBN6807gLE
RzBGNotOEaqPFZEIjP5d/InnrC68SKJPH3Naqdog5Qv8IUjs9xwI9BlUQntcRebN
LVnL1r2EgLVMrVe7wbOXbihF9IcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrQrUt
q53m61M3Aw27ygdddymr/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGEwNmU5MDktNTIyNy00N2Q5LWE1OGMtYmU2MjNhMmE0Y2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhA
MA0GCSqGSIb3DQEBCwUAA4IBAQDBXo51XNhGp9V5f4LvgvhTxUO7rdIj+jD72YMo
u3yHJCmAmEdT4SHxKccYf0/bB+Suirob/Wd8J34IZyPaASXxCzIpL0agamtN18y2
JYwu7n9d8Po9XI/GxblG7xVH3S9XgtJ1vM/VdTofFZr4vvkGfiM4pxlRKjCts7D3
vtp1AyAjWEr+k4QIjIWDMkNSePqzxw163x1NTeVSNg1c9imJCsqAjqsWhKfy6eC3
6iJfVcOGwXCcAsv/5TKQOvkvsh8dUEXO28vk4YzDgRus2a8WL2ufBWjQgJ5lXW74
5L+9Ogtt2q8GhRW5E3f+x+rO4aRhUoCwqAe21oRokkfq7jJC
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:26 2025 by rpki-client