Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
File: 9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa (raw, json)
Hash identifier: PDB81/S2TxCKQ6AVm9op9Po+7+gqhBCaIbyIUWfJ9fc=
Subject key identifier: 9E:FD:51:03:61:15:DC:46:7D:61:98:06:3D:38:04:E4:53:96:8C:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48BB02E24D8F3DD698BD628FEE99CE36A8FE58DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
Signing time: Tue 20 May 2025 20:00:24 +0000
ROA not before: Tue 20 May 2025 20:00:24 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:bb:02:e2:4d:8f:3d:d6:98:bd:62:8f:ee:99:ce:36:a8:fe:58:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:24 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b7cd6fbcd1ff1a14484dc61728e424528bdf99fe851ee7791c9180beaa7bf1f8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3f:04:24:ac:be:ca:9a:59:67:87:11:1f:e3:
e9:35:21:50:b4:60:6b:a9:03:28:b4:d0:18:e5:cc:
4b:7b:a1:4a:ec:82:09:ea:83:db:8d:e2:7f:51:43:
2d:25:82:5e:66:5a:f1:1b:30:21:ca:6d:fe:7f:61:
e5:72:e1:06:cd:4f:b0:fa:ce:a2:d0:3d:e6:c8:7e:
74:ff:5c:8d:47:b5:4e:e6:b4:2b:e5:95:ef:0a:7f:
a9:42:cd:dc:9c:0f:70:0a:5c:5f:57:fb:04:c1:c9:
97:31:02:99:2a:8f:a6:02:3a:a1:7d:0a:03:f9:61:
42:ec:50:71:5a:59:37:a6:e0:6a:08:f1:6f:59:bb:
5e:1c:ed:a3:4d:d2:7f:31:ab:3d:30:68:3e:ca:ae:
0d:1f:2b:59:eb:7a:24:b4:74:dd:4f:b2:60:22:6c:
33:24:0e:5a:20:85:da:ea:3a:04:14:2e:2d:a2:21:
0b:98:7e:05:ef:fe:62:27:7e:d7:3f:df:98:d6:d5:
f6:41:45:5d:c2:2a:4d:56:97:b7:b8:2f:0d:63:1e:
66:7a:28:52:51:a4:2d:e4:eb:7c:65:8d:0b:fa:93:
4f:ba:c2:4d:84:9c:9e:fa:fe:1c:14:85:20:9a:95:
a9:18:9c:75:ac:4c:fc:45:32:e6:c8:9f:ce:ef:dc:
14:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FD:51:03:61:15:DC:46:7D:61:98:06:3D:38:04:E4:53:96:8C:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:67:76:bf:d5:36:d2:6c:43:9c:8a:02:ad:d4:94:00:39:0d:
c6:b2:eb:29:ae:8c:6e:bc:ed:e8:d2:10:9a:8f:67:5a:f9:5d:
c1:64:6f:44:a0:45:87:8c:59:4f:7d:47:38:f7:6e:b7:21:5c:
e9:5f:72:a7:00:1c:08:93:09:c9:92:2e:3c:f7:dc:80:07:e3:
03:05:9a:f8:05:12:36:96:8d:74:09:6d:65:66:0c:e5:b8:b3:
2e:bd:48:67:bf:cd:18:37:bb:d9:76:9a:6b:66:35:4c:e8:f5:
5d:cf:ce:d2:3f:5d:f6:30:8f:48:04:02:b1:2c:bb:57:80:03:
d4:ae:02:f5:0c:87:2f:8c:ec:93:6e:b5:7b:54:23:c8:ac:79:
ea:b5:fe:b1:c9:8b:bc:d2:37:81:c1:87:fe:6c:1f:bf:61:b4:
04:79:35:c3:5c:29:f3:18:8d:ca:90:e0:7d:73:1c:2a:5f:d8:
e4:a0:64:a4:75:e2:c5:ae:c5:dc:c1:80:93:c1:8b:31:fb:03:
49:f1:31:3b:ac:8f:a1:7f:fc:6b:8e:48:ea:b6:8b:f4:f9:3c:
f0:7c:34:89:17:d5:29:bc:c1:85:2d:46:d5:a9:83:cd:11:ff:
9a:f9:09:8d:4d:3f:d5:db:32:c6:58:4a:e3:06:5f:d8:99:93:
51:bb:de:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSLsC4k2PPdaYvWKP7pnONqj+WNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwMjRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3Y2Q2ZmJjZDFmZjFhMTQ0ODRkYzYxNzI4ZTQyNDUyOGJkZjk5ZmU4NTFl
ZTc3OTFjOTE4MGJlYWE3YmYxZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0/BCSsvsqaWWeHER/j6TUhULRga6kDKLTQGOXMS3uhSuyCCeqD243if1FD
LSWCXmZa8RswIcpt/n9h5XLhBs1PsPrOotA95sh+dP9cjUe1Tua0K+WV7wp/qULN
3JwPcApcX1f7BMHJlzECmSqPpgI6oX0KA/lhQuxQcVpZN6bgagjxb1m7Xhzto03S
fzGrPTBoPsquDR8rWet6JLR03U+yYCJsMyQOWiCF2uo6BBQuLaIhC5h+Be/+Yid+
1z/fmNbV9kFFXcIqTVaXt7gvDWMeZnooUlGkLeTrfGWNC/qTT7rCTYScnvr+HBSF
IJqVqRicdaxM/EUy5sifzu/cFNcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSe/VED
YRXcRn1hmAY9OATkU5aMdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQyZWEyYWEtZDQwYS00OWE3LWFiMDAtNDRmZjVkYmY3MjliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGg
MA0GCSqGSIb3DQEBCwUAA4IBAQDIZ3a/1TbSbEOcigKt1JQAOQ3GsusproxuvO3o
0hCaj2da+V3BZG9EoEWHjFlPfUc49263IVzpX3KnABwIkwnJki4899yAB+MDBZr4
BRI2lo10CW1lZgzluLMuvUhnv80YN7vZdpprZjVM6PVdz87SP132MI9IBAKxLLtX
gAPUrgL1DIcvjOyTbrV7VCPIrHnqtf6xyYu80jeBwYf+bB+/YbQEeTXDXCnzGI3K
kOB9cxwqX9jkoGSkdeLFrsXcwYCTwYsx+wNJ8TE7rI+hf/xrjkjqtov0+TzwfDSJ
F9UpvMGFLUbVqYPNEf+a+QmNTT/V2zLGWErjBl/YmZNRu95p
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:21 2025 by rpki-client