Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
File: 94d1ece6-a642-4297-8fb7-d7003b36fe75.roa (raw, json)
Hash identifier: n+a/jKpVcnTXi2cTVWeJkKBy//CCXCzcFqpwv+iNV0Y=
Subject key identifier: 7C:44:D5:1F:D3:C4:DA:7E:33:66:A9:10:30:0A:B8:B4:29:C5:21:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A885548A9058EE0A1F8F15E4D416C2947215915
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
Signing time: Fri 25 Apr 2025 20:20:39 +0000
ROA not before: Fri 25 Apr 2025 20:20:39 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:88:55:48:a9:05:8e:e0:a1:f8:f1:5e:4d:41:6c:29:47:21:59:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:39 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=08d80c060c923d7ffd54e81757f0821831af2372c20225ab9d525051596f6922, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0b:ba:42:7b:c4:40:50:e1:79:4f:59:5c:02:
25:6a:81:2e:b2:1f:d4:c3:09:4c:b1:41:f5:8d:70:
e4:73:cf:60:1e:31:94:8e:b6:99:16:c9:2d:a2:86:
e5:24:93:eb:8d:74:3a:de:c5:1f:80:f6:e9:5b:86:
9d:af:c9:ad:05:28:ea:65:33:e2:6d:e7:a2:b5:a0:
4e:80:7b:b6:e5:54:2e:45:6f:db:71:07:72:af:33:
a7:0e:1e:90:b4:ab:1c:6b:92:7a:16:4d:6f:5f:0b:
00:9d:3f:71:0d:dc:f5:3c:0e:4c:ad:05:38:38:cd:
42:f8:16:2d:18:5b:b1:87:cd:96:68:82:db:b5:bd:
54:d6:46:ea:a2:27:c2:6d:66:a0:16:3d:f7:e6:51:
1b:0e:b7:08:93:a1:ae:f8:9a:f7:d2:31:9b:6b:04:
a4:55:39:a8:7a:9f:d3:0d:72:94:e3:ad:f8:21:67:
ca:e4:55:96:88:76:5b:d9:bf:3a:5f:ca:b8:80:7a:
f6:38:44:32:38:a9:ef:b0:9c:e6:e9:51:96:d9:57:
eb:00:38:bd:cd:f9:1f:cf:f4:62:8c:7f:a2:1d:53:
32:16:8a:9e:c4:94:4f:00:d8:6b:f0:12:01:e8:cc:
79:a2:06:77:e0:53:c9:7d:18:c8:58:61:ce:17:13:
37:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:44:D5:1F:D3:C4:DA:7E:33:66:A9:10:30:0A:B8:B4:29:C5:21:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:800::/38
Signature Algorithm: sha256WithRSAEncryption
1e:43:6e:f2:f1:cf:fe:1b:11:3e:1a:21:8f:fd:89:18:ae:4b:
c0:44:62:c8:71:de:01:a2:b5:bb:82:86:9f:53:1f:d2:7b:cd:
95:f3:9d:79:5c:78:84:72:ca:4e:c0:50:c3:32:25:d2:11:31:
20:51:3d:0e:bb:3e:0c:da:f3:10:fe:bf:29:19:5b:50:f2:cf:
8e:ad:18:9f:6d:33:ef:b4:db:92:12:72:3d:ca:ac:48:31:b1:
bc:e7:ca:a9:f6:7f:72:c5:b6:ea:f6:b6:68:11:ad:c0:a8:29:
2d:20:a3:8b:06:ef:88:ac:ff:53:61:24:cc:7a:90:98:48:56:
b6:16:06:59:b2:d7:52:5a:5a:5e:cf:9e:64:c7:4e:2e:ad:0e:
16:8d:c0:de:61:51:30:5c:b9:28:1a:f5:16:10:a9:fa:91:91:
a9:a4:40:4d:48:1b:bf:d7:cf:ea:3c:4a:33:6f:e0:b2:61:f6:
79:7d:5a:d2:eb:3d:bc:7b:61:19:72:01:d2:a5:67:87:8f:b8:
20:24:ce:6e:23:42:d6:d1:4d:aa:59:43:1e:4e:23:9d:56:99:
55:e4:7c:5b:f2:5b:8e:cd:b4:94:c1:d1:8e:6d:42:24:e4:c1:
bd:ce:c2:7d:4d:1a:d3:a4:bc:d4:77:93:2e:ba:53:9e:fa:8a:
84:d5:ba:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKohVSKkFjuCh+PFeTUFsKUchWRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwMzlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4ZDgwYzA2MGM5MjNkN2ZmZDU0ZTgxNzU3ZjA4MjE4MzFhZjIzNzJjMjAy
MjVhYjlkNTI1MDUxNTk2ZjY5MjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4LukJ7xEBQ4XlPWVwCJWqBLrIf1MMJTLFB9Y1w5HPPYB4xlI62mRbJLaKG
5SST6410Ot7FH4D26VuGna/JrQUo6mUz4m3norWgToB7tuVULkVv23EHcq8zpw4e
kLSrHGuSehZNb18LAJ0/cQ3c9TwOTK0FODjNQvgWLRhbsYfNlmiC27W9VNZG6qIn
wm1moBY99+ZRGw63CJOhrvia99Ixm2sEpFU5qHqf0w1ylOOt+CFnyuRVloh2W9m/
Ol/KuIB69jhEMjip77Cc5ulRltlX6wA4vc35H8/0Yox/oh1TMhaKnsSUTwDYa/AS
AejMeaIGd+BTyX0YyFhhzhcTN4sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR8RNUf
08TafjNmqRAwCri0KcUhhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRkMWVjZTYtYTY0Mi00Mjk3LThmYjctZDcwMDNiMzZmZTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgI
MA0GCSqGSIb3DQEBCwUAA4IBAQAeQ27y8c/+GxE+GiGP/YkYrkvARGLIcd4BorW7
goafUx/Se82V8515XHiEcspOwFDDMiXSETEgUT0Ouz4M2vMQ/r8pGVtQ8s+OrRif
bTPvtNuSEnI9yqxIMbG858qp9n9yxbbq9rZoEa3AqCktIKOLBu+IrP9TYSTMepCY
SFa2FgZZstdSWlpez55kx04urQ4WjcDeYVEwXLkoGvUWEKn6kZGppEBNSBu/18/q
PEozb+CyYfZ5fVrS6z28e2EZcgHSpWeHj7ggJM5uI0LW0U2qWUMeTiOdVplV5Hxb
8luOzbSUwdGObUIk5MG9zsJ9TRrTpLzUd5MuulOe+oqE1bps
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:08 2025 by rpki-client