Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
File: 93932fd5-a431-4690-94d6-ed2f97f585c1.roa (raw, json)
Hash identifier: e7C8fHv16ak26XqyJsdTvxo5zoaceI/coiY9/LgZeyE=
Subject key identifier: 73:D5:68:C0:43:EC:3E:C8:5F:4E:D1:1B:E3:51:9E:58:32:B7:7F:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49CA1F895CCD0EAB9977FB8BE0A135B4283C0918
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
Signing time: Fri 25 Apr 2025 20:10:48 +0000
ROA not before: Fri 25 Apr 2025 20:10:48 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ca:1f:89:5c:cd:0e:ab:99:77:fb:8b:e0:a1:35:b4:28:3c:09:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:48 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=217a37f7a306f20b3401d072dcea1b46881f3a999f868d711a184aa6cc483602, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dd:32:59:a8:d0:ee:22:4d:bc:c3:4d:75:29:
07:97:4a:c8:af:9e:c7:d4:11:6e:a3:3a:c3:85:0a:
b6:1f:d4:2a:4e:13:1e:e6:78:a2:f7:5d:aa:e0:04:
5d:bc:ec:72:51:0a:6f:7f:42:36:f3:27:9c:71:21:
d6:e6:52:42:31:83:59:90:ad:29:9f:38:3c:c2:d4:
47:b2:ab:1f:f1:ca:7e:90:c3:b5:74:41:14:d0:64:
00:fe:2f:2e:15:93:29:41:a7:96:b1:ea:bc:ad:0b:
a1:88:95:45:e2:03:a7:9f:ac:b6:05:99:c3:6f:89:
63:d4:cd:1b:f9:e4:14:d1:ee:70:b7:51:ed:d7:98:
c9:ca:e1:82:f8:2e:f8:bb:64:79:66:3a:d6:12:56:
ce:af:a8:bd:85:3e:52:af:55:31:c7:f6:2d:b0:30:
dc:69:8b:56:9f:94:c2:3a:ab:42:e2:03:18:84:09:
9c:23:4a:95:bd:67:6d:3d:a8:b8:29:29:e9:d9:ac:
52:9b:38:56:8a:74:ef:df:e6:10:a0:42:8e:2f:e5:
b9:98:2b:a7:f9:8e:92:9a:f1:d2:15:f7:aa:7e:10:
99:79:6a:28:95:7c:ca:71:50:b0:a8:3f:76:75:43:
b1:45:53:c2:5f:a1:ef:a8:6b:58:31:90:00:2f:9b:
02:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D5:68:C0:43:EC:3E:C8:5F:4E:D1:1B:E3:51:9E:58:32:B7:7F:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:800::/38
Signature Algorithm: sha256WithRSAEncryption
5a:e5:02:f9:16:69:54:ae:e1:d8:88:a5:7f:44:94:9e:87:7d:
f9:be:36:ae:a2:73:e1:de:c5:76:4f:85:2f:37:37:68:7b:54:
f5:e9:4e:3f:16:96:3a:fe:64:ac:f3:fb:ef:ef:da:7f:a0:12:
f2:75:7b:9c:d1:dc:dc:1d:82:62:4c:3a:69:6f:c4:89:d2:b1:
8b:7c:cf:98:b9:00:07:60:af:1a:7c:52:0a:ef:6f:42:8a:97:
00:ff:3f:21:a9:37:82:da:3e:35:02:c2:f7:53:6c:6b:7b:82:
be:14:47:2f:3c:87:1b:60:42:71:4c:08:23:4c:2b:0d:90:38:
bf:56:be:8e:c2:96:dd:80:38:fd:3d:b2:7e:c5:a8:37:1c:54:
f2:08:5c:2e:83:63:c3:e5:07:e6:63:eb:a8:95:03:37:22:5d:
f5:43:d6:68:cb:a5:50:8a:e4:a3:34:14:a9:1c:8d:0a:d3:af:
92:ee:0a:41:d2:2f:64:fe:85:6a:52:7f:74:0c:1b:1f:61:32:
c6:0c:b7:e7:32:d2:47:20:e8:74:ca:09:8f:3f:8c:24:62:66:
12:50:26:00:ec:04:93:40:b8:01:73:e0:71:a5:e9:05:c7:e4:
9e:33:99:6c:83:ee:19:b2:ca:1a:4a:e9:51:94:84:e9:93:99:
89:e9:5e:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUScofiVzNDquZd/uL4KE1tCg8CRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwNDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxN2EzN2Y3YTMwNmYyMGIzNDAxZDA3MmRjZWExYjQ2ODgxZjNhOTk5Zjg2
OGQ3MTFhMTg0YWE2Y2M0ODM2MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLdMlmo0O4iTbzDTXUpB5dKyK+ex9QRbqM6w4UKth/UKk4THuZ4ovddquAE
XbzsclEKb39CNvMnnHEh1uZSQjGDWZCtKZ84PMLUR7KrH/HKfpDDtXRBFNBkAP4v
LhWTKUGnlrHqvK0LoYiVReIDp5+stgWZw2+JY9TNG/nkFNHucLdR7deYycrhgvgu
+LtkeWY61hJWzq+ovYU+Uq9VMcf2LbAw3GmLVp+UwjqrQuIDGIQJnCNKlb1nbT2o
uCkp6dmsUps4Vop079/mEKBCji/luZgrp/mOkprx0hX3qn4QmXlqKJV8ynFQsKg/
dnVDsUVTwl+h76hrWDGQAC+bAiMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRz1WjA
Q+w+yF9O0RvjUZ5YMrd/HDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5MzJmZDUtYTQzMS00NjkwLTk0ZDYtZWQyZjk3ZjU4NWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BII
MA0GCSqGSIb3DQEBCwUAA4IBAQBa5QL5FmlUruHYiKV/RJSeh335vjauonPh3sV2
T4UvNzdoe1T16U4/FpY6/mSs8/vv79p/oBLydXuc0dzcHYJiTDppb8SJ0rGLfM+Y
uQAHYK8afFIK729CipcA/z8hqTeC2j41AsL3U2xre4K+FEcvPIcbYEJxTAgjTCsN
kDi/Vr6OwpbdgDj9PbJ+xag3HFTyCFwug2PD5QfmY+uolQM3Il31Q9Zoy6VQiuSj
NBSpHI0K06+S7gpB0i9k/oVqUn90DBsfYTLGDLfnMtJHIOh0ygmPP4wkYmYSUCYA
7ASTQLgBc+BxpekFx+SeM5lsg+4ZssoaSulRlITpk5mJ6V6M
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:26 2025 by rpki-client