Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
File: c8af18fc-ae06-42ae-9533-a5516ea722d4.roa (raw, json)
Hash identifier: FHdjI4zW4mwfQzZMqpHKZuagUZihu78i+6/4A2YzgZU=
Subject key identifier: 90:B8:7F:A5:C5:FF:B2:A0:EA:59:BF:39:55:A0:90:98:13:F0:0A:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72BF1E0B48E228E09354E5B7FAE271DD7C4AEB7E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
Signing time: Tue 20 May 2025 19:01:21 +0000
ROA not before: Tue 20 May 2025 19:01:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:bf:1e:0b:48:e2:28:e0:93:54:e5:b7:fa:e2:71:dd:7c:4a:eb:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c8ad4a50ae0ecfbd9393a143f0e7854219ad11238f838933ac6d21a3fd0d1fbc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:de:63:e7:53:34:5f:d8:3a:b2:a8:8b:29:da:
a3:d3:1d:c5:ba:39:16:5e:33:44:33:c7:96:a9:6b:
60:ef:06:c8:1e:7a:68:d1:5a:fd:85:15:ba:0a:2d:
95:3a:03:1b:cf:9b:36:4f:64:9d:c8:93:5e:0b:c7:
d1:d2:f7:ae:5a:a8:9a:7f:4a:c3:fc:0b:c6:05:12:
25:aa:62:cc:d5:1e:eb:5a:38:0b:9f:c1:96:47:56:
ba:e3:bd:4d:69:8c:32:05:7d:ad:39:28:e2:e2:86:
5c:4c:47:c2:64:7c:d0:d5:71:bd:c3:b4:d1:0d:6f:
a3:3f:c7:a9:81:ba:a6:8b:3e:da:29:e3:44:66:f5:
b1:1a:0f:92:2f:67:55:d4:29:a3:07:7e:b4:46:76:
71:16:89:6a:02:b2:8f:f7:b5:55:24:a5:56:c5:06:
fd:4f:7d:4b:60:d1:7a:90:12:b3:80:e2:e3:fd:f1:
2d:5f:76:40:cf:6c:d7:cd:ed:2f:ed:fd:28:62:25:
d1:86:08:3d:a6:ca:01:12:44:1f:8e:a3:56:b2:13:
65:ee:5c:a9:2e:67:77:c8:2c:7d:c1:58:3e:62:63:
17:ac:43:e1:d0:1f:9a:0e:09:35:29:a7:a0:cb:8f:
ba:27:dc:72:99:6f:42:82:bc:3b:87:0d:89:c2:33:
f3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B8:7F:A5:C5:FF:B2:A0:EA:59:BF:39:55:A0:90:98:13:F0:0A:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9080::/48
Signature Algorithm: sha256WithRSAEncryption
08:98:69:8d:a6:04:cb:88:70:e3:6b:bf:66:ff:b3:bd:d5:43:
43:09:23:92:b5:fc:8c:4f:df:c0:fa:88:ad:26:7f:6b:52:34:
90:15:4f:75:64:27:8a:8e:be:ab:31:9c:bc:76:3f:4e:a3:5e:
3e:d5:f1:8c:29:95:72:61:e3:65:40:45:47:d3:1c:59:8c:d4:
25:1d:53:51:87:57:13:7f:58:05:c2:d4:fe:7b:fa:12:6c:8c:
c3:64:f8:1e:28:e8:63:21:5f:40:4a:3c:ea:6b:00:37:95:e5:
06:eb:49:3c:bb:9b:41:7d:d3:45:88:91:27:52:67:66:da:b6:
bc:1b:89:20:94:e6:ea:ca:6b:04:3d:f2:aa:66:47:5f:20:13:
88:8e:3c:50:cf:cb:1c:44:51:38:d1:d2:e3:10:04:ad:7f:63:
11:63:26:59:fb:15:88:a9:26:36:03:82:d1:3d:ad:23:8b:0e:
6b:07:3b:0a:eb:dc:d9:46:74:6d:31:dd:df:84:66:43:4c:9c:
01:59:49:17:67:b3:0d:bd:22:57:60:f3:73:55:e9:1b:60:89:
9b:09:2d:d8:f3:72:d3:5d:15:90:c0:88:c5:9c:88:e1:0f:9b:
9c:4b:da:b4:b1:bc:c0:33:f0:e9:99:a5:a6:78:15:9a:eb:10:
d7:27:0e:68
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcr8eC0jiKOCTVOW3+uJx3XxK634wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4YWQ0YTUwYWUwZWNmYmQ5MzkzYTE0M2YwZTc4NTQyMTlhZDExMjM4Zjgz
ODkzM2FjNmQyMWEzZmQwZDFmYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIfeY+dTNF/YOrKoiynao9Mdxbo5Fl4zRDPHlqlrYO8GyB56aNFa/YUVugot
lToDG8+bNk9knciTXgvH0dL3rlqomn9Kw/wLxgUSJapizNUe61o4C5/BlkdWuuO9
TWmMMgV9rTko4uKGXExHwmR80NVxvcO00Q1voz/HqYG6pos+2injRGb1sRoPki9n
VdQpowd+tEZ2cRaJagKyj/e1VSSlVsUG/U99S2DRepASs4Di4/3xLV92QM9s183t
L+39KGIl0YYIPabKARJEH46jVrITZe5cqS5nd8gsfcFYPmJjF6xD4dAfmg4JNSmn
oMuPuifccplvQoK8O4cNicIz80cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSQuH+l
xf+yoOpZvzlVoJCYE/AKnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzhhZjE4ZmMtYWUwNi00MmFlLTk1MzMtYTU1MTZlYTcyMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
gDANBgkqhkiG9w0BAQsFAAOCAQEACJhpjaYEy4hw42u/Zv+zvdVDQwkjkrX8jE/f
wPqIrSZ/a1I0kBVPdWQnio6+qzGcvHY/TqNePtXxjCmVcmHjZUBFR9McWYzUJR1T
UYdXE39YBcLU/nv6EmyMw2T4HijoYyFfQEo86msAN5XlButJPLubQX3TRYiRJ1Jn
Ztq2vBuJIJTm6sprBD3yqmZHXyATiI48UM/LHERRONHS4xAErX9jEWMmWfsViKkm
NgOC0T2tI4sOawc7Cuvc2UZ0bTHd34RmQ0ycAVlJF2ezDb0iV2Dzc1XpG2CJmwkt
2PNy010VkMCIxZyI4Q+bnEvatLG8wDPw6ZmlpngVmusQ1ycOaA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:24 2025 by rpki-client