Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
File: 8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa (raw, json)
Hash identifier: qgm1Gr38KYaBDLlELifcRVboTFbkd/B2Cf8S5U7+TjE=
Subject key identifier: 50:F2:96:97:CA:B6:06:20:F4:65:8E:AD:D4:E7:6C:6A:BC:42:7D:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 687E60875D3A6B43DBA48F822B0782A599F7BB3C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
Signing time: Fri 25 Apr 2025 18:50:19 +0000
ROA not before: Fri 25 Apr 2025 18:50:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:7e:60:87:5d:3a:6b:43:db:a4:8f:82:2b:07:82:a5:99:f7:bb:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ebacb63a315ada4e54ecaac8e22157835d5f51dbdd636a402965a3d30827c35d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f8:9a:95:5c:d6:3b:a9:44:eb:03:26:c2:e1:
22:71:26:b4:7c:24:32:e9:d9:be:ca:6e:3e:04:4b:
d9:c1:01:4e:94:e6:52:95:4a:67:87:f8:5b:17:81:
8f:3b:60:10:96:a7:34:2c:2c:a0:11:51:ce:97:ba:
53:b9:83:31:d7:d3:11:40:24:29:d5:33:e6:54:8d:
21:a3:f7:5d:09:2f:19:b5:34:57:38:a3:99:47:c0:
83:05:bd:91:f8:40:6f:02:c1:e8:12:f2:6e:ba:4b:
8a:96:b4:90:d8:1b:08:76:c3:df:5c:e3:13:f1:c5:
65:7e:8b:02:e8:ff:2c:0c:05:ad:78:3f:87:87:ee:
24:37:3d:b1:e4:77:69:e7:c9:0b:96:96:b8:ac:2d:
6d:94:aa:bb:d2:33:c5:47:5b:b8:8d:93:d1:5a:84:
f3:db:fe:5c:4d:4b:4e:ca:20:7a:43:cf:5c:c5:2a:
89:5f:3c:b7:30:b4:f6:80:b8:c0:63:f2:0a:71:e3:
24:c8:32:f3:e3:5d:b2:15:45:bd:9e:3e:2d:f2:9d:
19:44:43:49:bd:69:c7:23:33:8a:a2:69:ed:fa:39:
91:05:64:99:84:87:b1:05:95:76:6a:f2:8e:d7:66:
09:21:a9:8e:1e:6c:90:e6:a0:e6:81:e6:94:3a:64:
b5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F2:96:97:CA:B6:06:20:F4:65:8E:AD:D4:E7:6C:6A:BC:42:7D:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
49:e3:1b:11:0c:43:6f:6f:ec:f9:e0:da:3d:5c:98:bb:25:aa:
3e:68:e8:f0:33:f3:99:d3:4d:dc:60:c7:d9:ad:9a:bf:ee:7c:
de:cb:6a:1e:41:e3:79:56:3b:c8:06:af:01:56:90:0b:96:e8:
02:b9:4c:dd:8d:0e:bc:bc:5c:cd:e0:ba:36:e8:a7:28:5b:18:
67:63:44:76:fe:1c:17:84:34:0a:0e:22:0c:ad:b2:6b:dc:80:
e1:81:44:28:1a:f9:a1:11:d5:a0:28:80:22:da:00:f8:f2:c7:
73:30:44:4f:a5:71:4c:60:08:f4:38:b3:43:e0:64:9f:6a:7b:
8e:ac:fe:91:dc:b9:68:68:6b:e5:52:a8:51:d3:92:b2:b6:84:
59:0d:3e:79:6d:3c:1f:79:88:9c:b8:c1:23:ae:3c:c0:c2:0d:
bb:fd:84:e7:12:17:5e:b9:93:d5:6e:09:1b:d5:a1:c4:a1:20:
3e:32:0f:3f:61:0a:89:e1:57:51:e4:3a:7f:db:e1:42:f5:81:
cd:5f:ba:63:6c:3e:a5:e5:e8:c4:61:42:bc:c0:83:78:2b:eb:
ee:52:91:99:48:70:e5:5b:0d:31:51:13:31:ca:89:b0:06:64:
a1:e2:62:8c:aa:c1:1f:b8:91:4d:a4:51:a4:a5:19:58:c4:0d:
a7:d7:5b:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaH5gh106a0PbpI+CKweCpZn3uzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGViYWNiNjNhMzE1YWRhNGU1NGVjYWFjOGUyMjE1NzgzNWQ1ZjUxZGJkZDYz
NmE0MDI5NjVhM2QzMDgyN2MzNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOz4mpVc1jupROsDJsLhInEmtHwkMunZvspuPgRL2cEBTpTmUpVKZ4f4WxeB
jztgEJanNCwsoBFRzpe6U7mDMdfTEUAkKdUz5lSNIaP3XQkvGbU0VzijmUfAgwW9
kfhAbwLB6BLybrpLipa0kNgbCHbD31zjE/HFZX6LAuj/LAwFrXg/h4fuJDc9seR3
aefJC5aWuKwtbZSqu9IzxUdbuI2T0VqE89v+XE1LTsogekPPXMUqiV88tzC09oC4
wGPyCnHjJMgy8+NdshVFvZ4+LfKdGURDSb1pxyMziqJp7fo5kQVkmYSHsQWVdmry
jtdmCSGpjh5skOag5oHmlDpktR0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRQ8paX
yrYGIPRljq3U52xqvEJ90DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGIwY2NiYzEtMzYzOC00ZjdmLThhMjQtM2Y1ZTE4MWM4YjhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
wDANBgkqhkiG9w0BAQsFAAOCAQEASeMbEQxDb2/s+eDaPVyYuyWqPmjo8DPzmdNN
3GDH2a2av+583stqHkHjeVY7yAavAVaQC5boArlM3Y0OvLxczeC6NuinKFsYZ2NE
dv4cF4Q0Cg4iDK2ya9yA4YFEKBr5oRHVoCiAItoA+PLHczBET6VxTGAI9DizQ+Bk
n2p7jqz+kdy5aGhr5VKoUdOSsraEWQ0+eW08H3mInLjBI648wMINu/2E5xIXXrmT
1W4JG9WhxKEgPjIPP2EKieFXUeQ6f9vhQvWBzV+6Y2w+peXoxGFCvMCDeCvr7lKR
mUhw5VsNMVETMcqJsAZkoeJijKrBH7iRTaRRpKUZWMQNp9dbuw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:09 2025 by rpki-client