Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab51a88f-7495-4754-985a-700885d2554a.roa
File: ab51a88f-7495-4754-985a-700885d2554a.roa (raw, json)
Hash identifier: OK2zwpWzWW60BVZlPUrOCTzi/WgS8XSDhDF6KxpacN4=
Subject key identifier: D6:CB:DB:23:A6:88:99:AC:01:BF:6D:02:CD:F4:45:A1:25:3D:B6:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FA8A15DE26A6DE3BAD8163871A0460E26DD382E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab51a88f-7495-4754-985a-700885d2554a.roa
Signing time: Tue 20 May 2025 19:20:16 +0000
ROA not before: Tue 20 May 2025 19:20:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:a8:a1:5d:e2:6a:6d:e3:ba:d8:16:38:71:a0:46:0e:26:dd:38:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:20:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=18975f806835d20a52efab791f5ee2092bdae8b79f06d7b94f9b27ec85ef4cf6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ce:49:33:91:97:b1:25:0c:9b:eb:7b:e1:59:
f2:47:53:6f:d2:19:35:21:ec:03:d6:62:19:70:c6:
d5:d9:32:8d:a1:f9:e9:88:d0:ba:dc:6b:e1:16:1d:
8d:4c:c3:9f:77:53:81:f8:76:b6:b8:9c:85:df:ad:
9a:e7:66:70:68:6a:c4:fd:1a:7e:97:ab:6a:bf:b9:
44:e5:32:be:99:7d:f5:7a:cc:dd:09:26:9b:6e:53:
24:73:fb:52:7e:0f:07:0e:3d:ae:af:a0:74:10:d2:
16:57:05:75:35:fa:a5:6f:43:b4:b5:d8:59:cb:ee:
ab:5b:01:91:f3:d4:9b:41:3a:35:1d:c8:26:31:78:
d2:df:23:d9:83:77:b9:b6:a0:2b:34:3d:61:46:ac:
04:77:9a:38:69:3e:7d:c4:17:b9:c4:df:5c:b1:44:
e5:ff:b2:0a:42:13:95:ff:cc:a1:68:ff:e6:0b:fb:
b2:6e:40:03:81:79:0e:ad:78:90:33:91:b4:b9:89:
2b:b9:05:a7:fa:d8:12:ab:1a:59:bb:55:f6:85:7a:
6a:1e:06:ed:24:64:7a:fa:ee:bf:7f:15:5a:5c:4e:
29:d0:2a:51:d6:67:39:30:56:89:80:42:9e:08:2e:
a7:70:9f:15:37:74:ac:fe:21:39:4a:8a:e2:13:6d:
d1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:CB:DB:23:A6:88:99:AC:01:BF:6D:02:CD:F4:45:A1:25:3D:B6:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab51a88f-7495-4754-985a-700885d2554a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e040::/46
Signature Algorithm: sha256WithRSAEncryption
24:33:62:fd:76:4d:c1:30:1b:9d:8c:c7:7c:a3:48:be:b1:e0:
cf:13:23:06:b1:c1:4e:bf:70:bb:e2:97:a8:08:02:55:6e:4d:
a3:79:d5:9f:70:db:ba:60:8b:89:35:0f:b4:e0:fa:53:84:1a:
8c:d5:c0:06:fe:9c:b4:c8:1d:36:80:88:d3:17:13:55:dd:f7:
2d:d7:7b:e2:7d:22:14:1a:ac:7b:0e:fc:91:2d:c9:b4:bd:76:
5c:fe:2e:f6:ce:03:2c:95:19:95:7b:a0:33:08:a0:17:af:0d:
99:9d:57:9f:61:a8:20:4a:30:1c:bd:7e:72:aa:b6:fd:1c:2d:
b2:3c:e0:69:10:c1:e3:a9:83:97:4e:71:73:e8:35:62:31:38:
a4:33:35:4b:be:c8:39:da:53:d0:b2:18:83:d0:dc:dc:71:4d:
d9:bd:0d:ba:02:2d:7e:8f:77:50:48:fd:0b:de:91:a5:30:58:
fd:c0:33:17:36:d3:12:b6:33:86:25:2c:2b:a9:2f:fa:95:ec:
be:4a:61:9a:d1:c9:db:e1:04:56:67:0f:1d:d7:04:1e:00:4a:
f2:9b:ee:10:33:8a:0a:fb:4e:4e:34:58:25:5b:cd:ec:0a:2b:
05:2b:84:23:3c:36:f6:7a:7b:0b:b5:77:3e:43:82:d3:c5:37:
ea:08:e7:89
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP6ihXeJqbeO62BY4caBGDibdOC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIwMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4OTc1ZjgwNjgzNWQyMGE1MmVmYWI3OTFmNWVlMjA5MmJkYWU4Yjc5ZjA2
ZDdiOTRmOWIyN2VjODVlZjRjZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3OSTORl7ElDJvre+FZ8kdTb9IZNSHsA9ZiGXDG1dkyjaH56YjQutxr4RYd
jUzDn3dTgfh2trichd+tmudmcGhqxP0afperar+5ROUyvpl99XrM3Qkmm25TJHP7
Un4PBw49rq+gdBDSFlcFdTX6pW9DtLXYWcvuq1sBkfPUm0E6NR3IJjF40t8j2YN3
ubagKzQ9YUasBHeaOGk+fcQXucTfXLFE5f+yCkITlf/MoWj/5gv7sm5AA4F5Dq14
kDORtLmJK7kFp/rYEqsaWbtV9oV6ah4G7SRkevruv38VWlxOKdAqUdZnOTBWiYBC
nggup3CfFTd0rP4hOUqK4hNt0TkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTWy9sj
poiZrAG/bQLN9EWhJT22/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI1MWE4OGYtNzQ5NS00NzU0LTk4NWEtNzAwODg1ZDI1NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
QDANBgkqhkiG9w0BAQsFAAOCAQEAJDNi/XZNwTAbnYzHfKNIvrHgzxMjBrHBTr9w
u+KXqAgCVW5No3nVn3DbumCLiTUPtOD6U4QajNXABv6ctMgdNoCI0xcTVd33Ldd7
4n0iFBqsew78kS3JtL12XP4u9s4DLJUZlXugMwigF68NmZ1Xn2GoIEowHL1+cqq2
/RwtsjzgaRDB46mDl05xc+g1YjE4pDM1S77IOdpT0LIYg9Dc3HFN2b0NugItfo93
UEj9C96RpTBY/cAzFzbTErYzhiUsK6kv+pXsvkphmtHJ2+EEVmcPHdcEHgBK8pvu
EDOKCvtOTjRYJVvN7AorBSuEIzw29np7C7V3PkOC08U36gjniQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:23 2025 by rpki-client