Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
File: bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa (raw, json)
Hash identifier: jppgMKvZROYPAaqN6ZcDZffQmPtTHaLrzo+NH/FV9nQ=
Subject key identifier: 6A:10:79:96:92:2E:FD:3B:7F:3B:02:41:F4:6E:9B:7C:32:8F:84:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72D21001B00842D6F43C4B80A992896F84B0ABDA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
Signing time: Tue 15 Apr 2025 15:10:10 +0000
ROA not before: Tue 15 Apr 2025 15:10:10 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:d2:10:01:b0:08:42:d6:f4:3c:4b:80:a9:92:89:6f:84:b0:ab:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:10 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=1ab9bdf501a1e8f0d30f63ee4716d605778938cf551fe82093f1a54178bc6394, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:99:47:7a:18:0b:0c:2b:45:b1:c6:53:05:2f:
f1:49:d9:9c:42:e4:2e:02:85:28:af:d1:07:64:61:
f7:06:de:5f:81:77:f6:30:e7:d5:5c:63:7f:1a:74:
f0:d8:46:fc:f4:3d:59:ef:1b:a9:4e:b6:37:f8:c2:
67:3a:56:aa:ab:45:da:6d:bb:06:12:26:b1:b2:95:
fe:48:92:28:76:b9:f3:e3:e5:2d:32:f4:cd:2f:89:
21:9a:29:aa:6a:09:08:b7:86:ed:b6:bd:d5:2a:51:
f0:b5:6a:3b:d8:14:78:e9:a3:7e:93:da:e7:f7:07:
5b:03:61:3f:ff:6d:05:3a:dc:29:4a:af:96:52:af:
59:8c:a5:94:41:c3:91:21:a9:fd:13:f6:8c:20:9a:
83:02:7e:fc:61:e5:4c:c5:13:76:06:49:68:e7:14:
96:f1:12:0a:1c:4e:01:aa:99:70:5f:42:48:a1:71:
78:83:08:49:df:2b:e2:ba:a5:23:e3:b2:9d:53:12:
71:46:9a:fd:dc:35:48:73:dc:8c:cc:98:98:21:70:
d3:f7:17:90:a7:a9:d0:b9:f6:0a:0d:39:9a:da:63:
f5:a0:74:d0:c0:ae:89:dd:2d:b8:3f:40:35:ef:e2:
a7:f2:56:89:3f:98:c7:00:7c:f8:18:e2:84:7d:0b:
c1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:10:79:96:92:2E:FD:3B:7F:3B:02:41:F4:6E:9B:7C:32:8F:84:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
5c:f6:65:b2:d5:dd:8b:b7:4e:04:59:1e:81:c7:a0:c7:fa:3f:
ac:5a:0e:bb:17:3e:41:5c:69:4c:91:64:c6:e4:fd:59:fc:dd:
62:f0:e7:c9:17:c4:fd:0b:ec:ba:7a:d4:f3:7a:12:b7:1d:1a:
1f:79:20:58:32:a2:a2:ab:d9:8f:20:cf:50:86:2b:3a:a7:71:
45:71:c6:41:2b:de:75:81:51:2b:a4:79:e1:a9:f2:02:20:a9:
91:0d:2b:4d:04:20:83:37:85:6f:42:b7:96:73:8e:e9:9a:09:
5e:fb:f0:3a:e4:18:c1:a3:c9:2f:2e:19:13:04:e6:a8:a1:68:
ea:92:7f:8b:8b:0c:d9:18:27:fd:20:f2:4b:9e:06:1e:ea:14:
bd:5e:be:c6:9f:37:5e:ad:94:08:99:0a:8c:f9:79:46:fd:d6:
d6:a3:ad:e0:83:9a:31:ca:79:96:45:9d:34:b3:b6:a7:02:dd:
c2:cf:2e:65:84:59:95:48:f9:65:c0:35:cc:04:8a:4c:aa:64:
f3:3d:65:f1:69:68:45:06:06:f8:58:3e:56:f8:ea:89:6c:55:
98:c3:cf:0f:70:5c:bc:4d:24:4e:59:39:b5:38:f0:61:3f:c8:
33:b0:b3:61:fd:6a:c1:cb:72:62:05:d0:0d:ab:3e:76:36:e3:
fe:c8:ac:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUctIQAbAIQtb0PEuAqZKJb4Swq9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMTBaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhYjliZGY1MDFhMWU4ZjBkMzBmNjNlZTQ3MTZkNjA1Nzc4OTM4Y2Y1NTFm
ZTgyMDkzZjFhNTQxNzhiYzYzOTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+ZR3oYCwwrRbHGUwUv8UnZnELkLgKFKK/RB2Rh9wbeX4F39jDn1Vxjfxp0
8NhG/PQ9We8bqU62N/jCZzpWqqtF2m27BhImsbKV/kiSKHa58+PlLTL0zS+JIZop
qmoJCLeG7ba91SpR8LVqO9gUeOmjfpPa5/cHWwNhP/9tBTrcKUqvllKvWYyllEHD
kSGp/RP2jCCagwJ+/GHlTMUTdgZJaOcUlvESChxOAaqZcF9CSKFxeIMISd8r4rql
I+OynVMScUaa/dw1SHPcjMyYmCFw0/cXkKep0Ln2Cg05mtpj9aB00MCuid0tuD9A
Ne/ip/JWiT+YxwB8+BjihH0Lwc0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqEHmW
ki79O387AkH0bpt8Mo+EPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRhYTZkZTYtMDBkMy00ZDE4LThhYTAtMGJmODI4ODhkMzZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQBc9mWy1d2Lt04EWR6Bx6DH+j+sWg67Fz5BXGlM
kWTG5P1Z/N1i8OfJF8T9C+y6etTzehK3HRofeSBYMqKiq9mPIM9Qhis6p3FFccZB
K951gVErpHnhqfICIKmRDStNBCCDN4VvQreWc47pmgle+/A65BjBo8kvLhkTBOao
oWjqkn+LiwzZGCf9IPJLngYe6hS9Xr7GnzderZQImQqM+XlG/dbWo63gg5oxynmW
RZ00s7anAt3Czy5lhFmVSPllwDXMBIpMqmTzPWXxaWhFBgb4WD5W+OqJbFWYw88P
cFy8TSROWTm1OPBhP8gzsLNh/WrBy3JiBdANqz52NuP+yKx+
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:25 2025 by rpki-client