Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
File: c575b6fa-c023-458f-85c8-9694aa053e43.roa (raw, json)
Hash identifier: 3t3YfTQgWm4ljvBxbTZwH/3s3or7Qx9FGEZDDNDI1ak=
Subject key identifier: BD:1A:FE:B2:14:20:EF:51:39:48:3D:C0:EC:04:A4:8F:1A:6D:88:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E07C5D1EBE30E57900BB839914DEF2AC9598B4A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
Signing time: Tue 20 May 2025 18:40:54 +0000
ROA not before: Tue 20 May 2025 18:40:54 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:07:c5:d1:eb:e3:0e:57:90:0b:b8:39:91:4d:ef:2a:c9:59:8b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:54 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=245ddb144f27ffafabe912f3a52f87787b1b8a1c6795b006469a386747980854, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e4:c6:bd:ae:60:1c:93:fc:59:f5:03:9e:d3:
8d:9f:2f:a2:21:f7:24:bd:e3:b1:28:12:cf:e4:9a:
f3:00:7e:0d:a9:a8:17:0a:74:c2:34:29:7d:52:e2:
5f:91:f5:fc:33:a2:00:53:62:98:da:e3:9b:53:8e:
a6:78:5f:47:e0:05:cf:ff:89:24:a5:92:24:0d:0c:
21:c8:10:98:b0:3c:01:0e:7c:13:79:69:16:39:4e:
44:fb:8b:a7:b7:33:c0:0f:ef:a0:4e:b7:4e:85:1e:
ac:e2:a9:ab:16:56:18:62:17:17:09:8c:a9:de:cd:
26:e4:81:5e:d4:16:64:d7:20:fe:ea:e0:56:a7:73:
2c:c8:53:64:a9:89:b1:12:9d:2d:dd:b6:c0:24:e9:
cf:1e:96:4f:47:b4:c6:0d:6d:9d:14:9d:4e:56:27:
5b:f8:20:7d:21:36:4d:ae:25:4f:6d:2e:fb:68:b7:
cf:08:b6:4c:61:9a:4e:8e:e5:d0:90:b6:2b:f5:e5:
af:e9:d7:9a:3c:fd:84:6c:e2:cb:67:db:9f:f4:8a:
8e:3f:3e:20:5a:8e:b9:5b:25:ec:77:12:dc:fc:a8:
e5:77:f8:ec:f3:54:81:ef:b7:bb:31:e8:b5:99:a8:
0d:79:f6:ce:21:4d:5a:c8:b1:a6:c7:11:ce:ba:25:
8f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:1A:FE:B2:14:20:EF:51:39:48:3D:C0:EC:04:A4:8F:1A:6D:88:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4080::/48
Signature Algorithm: sha256WithRSAEncryption
b7:e4:12:65:18:b1:e4:ea:e1:73:99:c2:89:27:94:cc:bc:bc:
13:1f:5c:3d:28:67:7b:fb:27:5a:81:7f:36:0f:bf:2f:98:7b:
ce:6d:35:7c:9a:72:7a:4c:db:4c:4f:ba:07:82:70:0f:e6:bd:
96:48:09:ef:9b:de:84:2b:52:b2:1f:f5:0d:87:9b:4d:a9:87:
3a:56:e7:85:05:3b:d4:25:ed:50:6c:cf:a0:53:8b:03:35:a8:
57:fe:37:69:a4:77:f6:02:17:e4:f4:03:b0:b6:0c:49:77:82:
da:8c:6e:34:58:bc:8f:87:b7:52:75:2c:22:57:77:bf:7e:d9:
5b:b4:b9:d2:05:07:8d:e6:7f:62:2f:0f:4a:e9:9f:bc:2a:34:
aa:60:e6:8b:4d:c7:2b:b9:a7:2e:a7:db:2b:92:2d:8b:9d:68:
5c:d8:05:8d:b9:e2:cb:4a:a6:bd:23:85:28:1d:c0:d6:fe:8c:
a8:3d:bf:dd:97:b4:29:32:9d:ec:8f:38:fb:ae:70:e7:6c:f7:
03:19:88:b9:11:37:45:63:03:a5:b7:17:11:db:75:d4:57:3c:
5c:9e:ea:e7:66:1f:ce:38:e4:47:ec:58:d8:96:fa:0b:13:80:
d6:45:90:91:1e:ba:10:07:12:b7:d5:17:21:6f:ac:e0:7e:fc:
a3:ae:97:f5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDgfF0evjDleQC7g5kU3vKslZi0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwNTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0NWRkYjE0NGYyN2ZmYWZhYmU5MTJmM2E1MmY4Nzc4N2IxYjhhMWM2Nzk1
YjAwNjQ2OWEzODY3NDc5ODA4NTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7kxr2uYByT/Fn1A57TjZ8voiH3JL3jsSgSz+Sa8wB+DamoFwp0wjQpfVLi
X5H1/DOiAFNimNrjm1OOpnhfR+AFz/+JJKWSJA0MIcgQmLA8AQ58E3lpFjlORPuL
p7czwA/voE63ToUerOKpqxZWGGIXFwmMqd7NJuSBXtQWZNcg/urgVqdzLMhTZKmJ
sRKdLd22wCTpzx6WT0e0xg1tnRSdTlYnW/ggfSE2Ta4lT20u+2i3zwi2TGGaTo7l
0JC2K/Xlr+nXmjz9hGziy2fbn/SKjj8+IFqOuVsl7HcS3Pyo5Xf47PNUge+3uzHo
tZmoDXn2ziFNWsixpscRzroljzMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS9Gv6y
FCDvUTlIPcDsBKSPGm2ICDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzU3NWI2ZmEtYzAyMy00NThmLTg1YzgtOTY5NGFhMDUzZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
gDANBgkqhkiG9w0BAQsFAAOCAQEAt+QSZRix5Orhc5nCiSeUzLy8Ex9cPShne/sn
WoF/Ng+/L5h7zm01fJpyekzbTE+6B4JwD+a9lkgJ75vehCtSsh/1DYebTamHOlbn
hQU71CXtUGzPoFOLAzWoV/43aaR39gIX5PQDsLYMSXeC2oxuNFi8j4e3UnUsIld3
v37ZW7S50gUHjeZ/Yi8PSumfvCo0qmDmi03HK7mnLqfbK5Iti51oXNgFjbniy0qm
vSOFKB3A1v6MqD2/3Ze0KTKd7I84+65w52z3AxmIuRE3RWMDpbcXEdt11Fc8XJ7q
52YfzjjkR+xY2Jb6CxOA1kWQkR66EAcSt9UXIW+s4H78o66X9Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:51 2025 by rpki-client