Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: 1reZXL3RIkdjCI4xGliSfWtrDgB9oJwEKPepGXCEG7A=
Subject key identifier: 16:01:1E:B8:FE:BF:B4:BD:2F:81:54:B7:B7:1C:DB:2C:0A:AF:92:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 584D4F20C84E059AE435A023175A402E8367238A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Fri 25 Apr 2025 18:51:22 +0000
ROA not before: Fri 25 Apr 2025 18:51:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:4d:4f:20:c8:4e:05:9a:e4:35:a0:23:17:5a:40:2e:83:67:23:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c86742705e3988e988ae6571e35de51ec5d91d5ede508f77bdd9ba1baa2d9740, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c6:c8:b8:56:6e:28:a3:38:02:66:6b:e5:d5:
b6:2b:4f:a9:50:18:f4:82:30:f7:8c:b5:6f:c8:ce:
eb:77:b5:6b:ec:71:46:db:95:a3:64:5f:9c:e6:fc:
21:15:fa:fb:11:dd:ed:25:e8:49:c9:c5:a8:d2:67:
f0:bc:be:e1:b8:d6:e8:b2:27:88:73:4d:d1:96:bb:
56:0b:0a:b6:a8:94:94:04:53:df:86:df:ed:ff:cf:
0b:9c:27:6b:d6:c6:32:fd:cd:10:be:73:9f:25:6f:
25:5f:5e:a1:9b:11:8b:5c:8b:f3:bb:af:00:6f:12:
ea:e9:9c:cf:cf:01:be:c6:21:42:30:b5:89:b9:c5:
e9:ad:76:ef:af:fb:af:ad:ce:c9:df:5c:32:90:7e:
97:3d:20:ae:cb:2a:1f:7a:83:6f:97:96:85:ad:44:
3a:a5:8f:1a:ef:ad:02:72:e8:5d:c7:78:d8:23:10:
47:20:ef:1e:ff:10:8e:3a:20:01:b7:ea:bd:8a:27:
a6:72:c3:e1:86:df:ee:ea:b6:23:8f:51:7d:91:97:
43:94:8c:85:07:1b:ed:68:0e:08:cd:31:28:a2:dd:
ce:06:fa:69:f1:ae:31:35:6c:7a:a5:f4:cf:ce:53:
17:d2:56:c3:8d:ea:11:16:a3:02:3a:d0:b4:b5:64:
0b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:01:1E:B8:FE:BF:B4:BD:2F:81:54:B7:B7:1C:DB:2C:0A:AF:92:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
2a:54:8f:18:0c:47:69:60:ff:e5:b4:1f:17:ed:c2:65:13:98:
86:43:a8:92:f4:72:46:f6:45:7e:6a:44:4a:5c:e3:7d:e4:39:
bb:9a:ee:00:1b:6f:c0:6a:51:0e:d7:59:68:c8:a8:e7:bb:b3:
09:ec:bb:a0:66:86:e5:39:27:36:fc:dc:39:c1:55:6d:c5:f7:
45:26:3d:f1:7f:ae:7f:b1:b8:fd:be:8d:cc:e8:88:fb:88:9a:
a8:52:c0:e1:be:05:c0:a6:e7:61:cb:e0:3b:21:68:c0:31:1f:
e1:dc:d0:54:f7:24:5d:d6:cc:8d:6e:9c:fd:1f:a8:f3:35:f8:
f2:6d:39:e3:41:f5:d2:d4:62:75:08:83:18:a9:8f:51:68:f9:
fd:e7:f1:82:c5:41:10:ad:ff:1c:8a:a7:3a:a4:25:5f:c0:74:
1f:ba:8b:8e:ac:07:74:c0:01:fb:c1:46:89:7b:3d:84:26:2c:
1b:1d:87:8e:94:fc:85:cd:a3:95:d7:ca:69:fb:8e:f7:de:c3:
91:5a:c2:03:0d:a3:1e:56:d9:b3:3b:8b:80:2d:39:fe:b4:58:
32:99:c0:1c:31:81:71:d3:7c:cb:a1:3c:59:2a:48:44:45:18:
0d:29:24:8b:da:86:22:1d:02:ce:3c:20:a0:37:a4:f6:28:c0:
63:8d:79:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWE1PIMhOBZrkNaAjF1pALoNnI4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4Njc0MjcwNWUzOTg4ZTk4OGFlNjU3MWUzNWRlNTFlYzVkOTFkNWVkZTUw
OGY3N2JkZDliYTFiYWEyZDk3NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzGyLhWbiijOAJma+XVtitPqVAY9IIw94y1b8jO63e1a+xxRtuVo2RfnOb8
IRX6+xHd7SXoScnFqNJn8Ly+4bjW6LIniHNN0Za7VgsKtqiUlART34bf7f/PC5wn
a9bGMv3NEL5znyVvJV9eoZsRi1yL87uvAG8S6umcz88BvsYhQjC1ibnF6a1276/7
r63Oyd9cMpB+lz0grssqH3qDb5eWha1EOqWPGu+tAnLoXcd42CMQRyDvHv8Qjjog
AbfqvYonpnLD4Ybf7uq2I49RfZGXQ5SMhQcb7WgOCM0xKKLdzgb6afGuMTVseqX0
z85TF9JWw43qERajAjrQtLVkC/sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQWAR64
/r+0vS+BVLe3HNssCq+SvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEAKlSPGAxHaWD/5bQfF+3CZROYhkOokvRyRvZF
fmpESlzjfeQ5u5ruABtvwGpRDtdZaMio57uzCey7oGaG5TknNvzcOcFVbcX3RSY9
8X+uf7G4/b6NzOiI+4iaqFLA4b4FwKbnYcvgOyFowDEf4dzQVPckXdbMjW6c/R+o
8zX48m0540H10tRidQiDGKmPUWj5/efxgsVBEK3/HIqnOqQlX8B0H7qLjqwHdMAB
+8FGiXs9hCYsGx2HjpT8hc2jldfKafuO997DkVrCAw2jHlbZszuLgC05/rRYMpnA
HDGBcdN8y6E8WSpIREUYDSkki9qGIh0CzjwgoDek9ijAY415ZA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:50:33 2025 by rpki-client