Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
File: bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa (raw, json)
Hash identifier: +W/PMyTiEpD3AKliDp/aIyk0A6b0YrlBuKKNNR7Qjl8=
Subject key identifier: 0D:91:50:6F:98:C7:FE:CA:48:45:EC:30:43:F4:3F:41:B2:75:FE:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51D5DC0A7129AADF22A7A94DEAB17E29920351B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
Signing time: Fri 06 Jun 2025 15:10:25 +0000
ROA not before: Fri 06 Jun 2025 15:10:25 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:d5:dc:0a:71:29:aa:df:22:a7:a9:4d:ea:b1:7e:29:92:03:51:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:25 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=45a2c94cc13472fa8f4c6a95cca22dc8a20f9828f27f492a12e4a10127323802, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:05:ae:79:8c:3e:31:2c:42:a2:c6:01:9f:62:
ec:05:e0:c7:f7:8b:39:99:0f:a3:a7:31:1f:cf:83:
9d:e2:4a:25:5b:3f:b1:12:df:04:ba:b0:ad:87:cd:
14:c4:b6:b9:ce:a9:ac:71:65:8e:84:68:27:9a:8e:
29:15:6a:e4:47:2f:7c:17:66:8e:03:e1:2a:0b:d7:
f0:52:9c:cf:28:94:4b:4e:24:8f:41:5d:43:dd:9b:
15:3c:bf:ea:8b:66:40:72:a1:4b:17:a9:e2:8d:72:
c4:17:03:bc:ea:f1:6d:0a:4e:08:bd:2f:44:69:af:
78:57:21:17:f2:f1:f7:ef:02:1f:b3:e4:4f:b5:ff:
e1:88:62:35:d8:c2:da:6f:05:94:4a:ad:a4:33:2e:
0b:12:6c:20:47:13:3e:fb:ac:18:1d:d5:19:b4:39:
99:33:06:b9:99:23:df:08:d3:a7:46:88:ed:39:be:
48:62:bb:1d:0f:fe:7a:53:bc:2a:9c:64:17:3d:fa:
59:1c:1b:1b:25:19:a4:8e:9c:5f:dd:a4:06:c1:cc:
1a:c3:cf:22:2b:c8:d0:9e:6d:43:09:7d:9e:55:ad:
bc:3f:70:ef:f1:ce:b5:2e:66:d4:7a:63:6f:0b:06:
62:67:7c:d2:61:92:b9:63:8d:a7:4b:43:d6:d6:96:
ec:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:91:50:6F:98:C7:FE:CA:48:45:EC:30:43:F4:3F:41:B2:75:FE:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:55:0e:89:26:d2:6a:f0:2e:3d:47:34:11:8a:a7:87:d6:5b:
37:40:f4:88:40:c4:ff:ec:50:a4:20:41:e9:77:3e:71:03:8e:
37:50:23:d4:d2:7c:96:57:b8:ee:c7:e2:94:b9:48:2c:6b:48:
35:ab:9b:96:60:14:2f:fe:b5:8d:c7:65:8f:45:26:31:10:0c:
aa:85:a3:fd:3c:b2:38:4a:1a:c1:86:b4:82:02:7c:b1:f4:07:
5e:45:71:24:ba:ab:fb:9e:d9:1a:66:c9:da:da:3f:36:05:be:
eb:3b:1b:0e:9b:18:5c:78:c4:bc:64:02:46:f9:da:cb:1d:14:
8a:fb:4c:6a:32:16:e6:9a:1d:8d:18:9e:3c:65:7d:de:a6:51:
fd:81:cc:9c:18:3b:2a:bf:8f:c2:6a:fe:ea:c1:84:76:ea:9e:
16:98:05:32:71:3a:95:0f:61:71:24:08:f1:ef:44:15:49:3e:
fb:9a:be:bd:23:97:73:0e:5a:e4:37:85:4f:72:93:73:10:68:
44:d5:3c:4f:d8:98:f1:a6:65:98:e4:93:1a:ad:20:a3:72:8b:
6b:a7:09:68:e1:7d:59:9d:98:27:84:e7:14:c6:8c:37:3d:8a:
97:95:04:0d:b1:2a:b1:58:dd:2c:4d:20:9a:94:45:7d:8e:b7:
15:da:09:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUdXcCnEpqt8ip6lN6rF+KZIDUbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMjVaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1YTJjOTRjYzEzNDcyZmE4ZjRjNmE5NWNjYTIyZGM4YTIwZjk4MjhmMjdm
NDkyYTEyZTRhMTAxMjczMjM4MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPkFrnmMPjEsQqLGAZ9i7AXgx/eLOZkPo6cxH8+DneJKJVs/sRLfBLqwrYfN
FMS2uc6prHFljoRoJ5qOKRVq5EcvfBdmjgPhKgvX8FKczyiUS04kj0FdQ92bFTy/
6otmQHKhSxep4o1yxBcDvOrxbQpOCL0vRGmveFchF/Lx9+8CH7PkT7X/4YhiNdjC
2m8FlEqtpDMuCxJsIEcTPvusGB3VGbQ5mTMGuZkj3wjTp0aI7Tm+SGK7HQ/+elO8
KpxkFz36WRwbGyUZpI6cX92kBsHMGsPPIivI0J5tQwl9nlWtvD9w7/HOtS5m1Hpj
bwsGYmd80mGSuWONp0tD1taW7D8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNkVBv
mMf+ykhF7DBD9D9BsnX+NTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM1OWU0MjEtYmExZC00ZjZhLWFlYmEtOWQ1YzY3M2E3MDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQB8VQ6JJtJq8C49RzQRiqeH1ls3QPSIQMT/7FCk
IEHpdz5xA443UCPU0nyWV7jux+KUuUgsa0g1q5uWYBQv/rWNx2WPRSYxEAyqhaP9
PLI4ShrBhrSCAnyx9AdeRXEkuqv7ntkaZsna2j82Bb7rOxsOmxhceMS8ZAJG+drL
HRSK+0xqMhbmmh2NGJ48ZX3eplH9gcycGDsqv4/Cav7qwYR26p4WmAUycTqVD2Fx
JAjx70QVST77mr69I5dzDlrkN4VPcpNzEGhE1TxP2JjxpmWY5JMarSCjcotrpwlo
4X1ZnZgnhOcUxow3PYqXlQQNsSqxWN0sTSCalEV9jrcV2glw
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:31 2025 by rpki-client