Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98d31ec0-4f9a-44c5-a7bb-227b31886812.roa
File: 98d31ec0-4f9a-44c5-a7bb-227b31886812.roa (raw, json)
Hash identifier: m+IQ3glmO2mtk2YPWvdIw/+Rosl+6/1Bsl7x+0vkVv0=
Subject key identifier: D5:3E:75:CC:74:12:B2:76:5D:E9:9F:A9:DB:04:A8:77:2F:DE:79:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 671EF68BC6224C07CFF281FEBE66C08EE6B0F111
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98d31ec0-4f9a-44c5-a7bb-227b31886812.roa
Signing time: Tue 20 May 2025 19:31:31 +0000
ROA not before: Tue 20 May 2025 19:31:31 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:90c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:1e:f6:8b:c6:22:4c:07:cf:f2:81:fe:be:66:c0:8e:e6:b0:f1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:31:31 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5f09380098f83581aaa535e33b8c896f158ab5bc55ab1aaf3b4f87f819142a84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:be:5e:3a:2c:e9:77:1c:f1:9f:73:97:20:47:
b9:9b:c9:c0:1c:7c:cc:35:f7:2a:40:f9:0e:90:fe:
7f:43:cd:ba:73:cf:be:24:f0:5d:f1:01:b3:a7:fa:
2e:17:d5:32:4c:6e:59:b7:fe:96:7c:2f:19:1a:16:
8c:a7:be:3a:ff:4b:cb:7c:40:51:06:d3:dc:a6:7b:
38:42:9a:4c:32:23:87:78:f0:c8:34:4d:24:19:9b:
10:b7:2a:3c:aa:0b:53:a1:54:52:7f:e7:71:51:c0:
fd:df:a5:0c:b4:d0:17:9c:85:57:a8:7b:e7:a2:f9:
2b:bf:e0:9d:70:42:fb:fc:8b:aa:7c:9e:64:25:c1:
05:39:22:b5:a1:01:3c:10:3f:39:24:33:19:8a:35:
71:8d:e4:95:78:32:13:7d:17:75:55:5b:11:c9:d3:
fa:51:3e:fc:65:65:b3:e3:c2:c6:06:42:05:94:57:
69:a5:ef:27:90:29:cb:4b:06:bb:e8:40:4a:c7:be:
10:df:41:1a:7e:0b:cd:6b:ce:27:57:12:a6:99:04:
55:e2:20:26:13:d4:de:04:7d:fd:ec:1c:ae:3a:fe:
fc:3a:08:f1:fa:d1:28:4e:f7:7d:56:a7:c9:21:f9:
df:88:c8:0d:69:87:79:1a:a9:97:7f:b7:7c:9e:29:
5f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3E:75:CC:74:12:B2:76:5D:E9:9F:A9:DB:04:A8:77:2F:DE:79:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98d31ec0-4f9a-44c5-a7bb-227b31886812.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
20:7c:65:de:d3:59:86:a3:68:45:98:d9:d5:59:1d:94:0b:a1:
7b:0f:60:22:fc:d6:ac:71:5d:2c:ff:80:79:24:df:35:bb:64:
30:49:43:52:0f:ef:3b:fe:b2:7b:83:03:31:a2:2e:4a:3a:f3:
cc:99:ca:f0:2d:80:f5:2f:56:fb:c2:d2:65:33:47:fc:41:2a:
18:c6:53:40:3e:fa:25:76:55:fd:68:86:cb:b8:91:08:51:c3:
87:84:92:cf:6b:46:51:f5:97:ba:68:e1:ac:31:59:e2:0e:4a:
4c:a4:85:8f:a6:4f:33:05:92:7e:70:42:be:d7:99:16:f5:9d:
3a:aa:9d:42:6e:fb:92:25:7a:9e:9a:03:98:d4:91:f2:4b:67:
e4:fc:db:70:51:88:c7:06:09:c2:cc:88:a6:25:41:cd:f3:8c:
fb:70:42:97:83:fe:1f:79:43:65:34:f8:90:37:7a:3a:09:dd:
55:a8:e1:c5:b8:26:2a:ff:45:7f:f4:36:89:c3:2c:f3:08:92:
58:ad:a7:a0:5f:43:f6:53:9a:08:27:1c:d4:fd:56:8c:fd:f2:
63:94:9e:e3:35:47:d6:2b:70:80:18:33:a7:35:66:22:fd:5c:
a1:82:20:74:35:14:41:1f:73:76:6c:9c:0a:4b:14:81:48:5e:
2f:a8:cc:1d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZx72i8YiTAfP8oH+vmbAjuaw8REwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMxMzFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmMDkzODAwOThmODM1ODFhYWE1MzVlMzNiOGM4OTZmMTU4YWI1YmM1NWFi
MWFhZjNiNGY4N2Y4MTkxNDJhODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN++Xjos6Xcc8Z9zlyBHuZvJwBx8zDX3KkD5DpD+f0PNunPPviTwXfEBs6f6
LhfVMkxuWbf+lnwvGRoWjKe+Ov9Ly3xAUQbT3KZ7OEKaTDIjh3jwyDRNJBmbELcq
PKoLU6FUUn/ncVHA/d+lDLTQF5yFV6h756L5K7/gnXBC+/yLqnyeZCXBBTkitaEB
PBA/OSQzGYo1cY3klXgyE30XdVVbEcnT+lE+/GVls+PCxgZCBZRXaaXvJ5Apy0sG
u+hASse+EN9BGn4LzWvOJ1cSppkEVeIgJhPU3gR9/ewcrjr+/DoI8frRKE73fVan
ySH534jIDWmHeRqpl3+3fJ4pXxcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTVPnXM
dBKydl3pn6nbBKh3L955CjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThkMzFlYzAtNGY5YS00NGM1LWE3YmItMjI3YjMxODg2ODEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAIHxl3tNZhqNoRZjZ1VkdlAuhew9gIvzWrHFd
LP+AeSTfNbtkMElDUg/vO/6ye4MDMaIuSjrzzJnK8C2A9S9W+8LSZTNH/EEqGMZT
QD76JXZV/WiGy7iRCFHDh4SSz2tGUfWXumjhrDFZ4g5KTKSFj6ZPMwWSfnBCvteZ
FvWdOqqdQm77kiV6npoDmNSR8ktn5PzbcFGIxwYJwsyIpiVBzfOM+3BCl4P+H3lD
ZTT4kDd6OgndVajhxbgmKv9Ff/Q2icMs8wiSWK2noF9D9lOaCCcc1P1WjP3yY5Se
4zVH1itwgBgzpzVmIv1coYIgdDUUQR9zdmycCksUgUheL6jMHQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:30 2025 by rpki-client