Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
File: cb352ba2-1c61-4993-802d-895dc73880c2.roa (raw, json)
Hash identifier: VXimYtBM/Jb2Oz5h4/0BwCjW/ETGmwspUVD18ZVS7Cg=
Subject key identifier: 48:AC:45:04:69:EF:23:D9:D8:AD:D3:5F:9B:6E:CB:C9:A0:50:41:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11960E7F0B8C538700B7F09B792F26A44ACC6FF1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
Signing time: Tue 10 Jun 2025 17:21:11 +0000
ROA not before: Tue 10 Jun 2025 17:21:11 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:96:0e:7f:0b:8c:53:87:00:b7:f0:9b:79:2f:26:a4:4a:cc:6f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:11 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=8213bb0442b4889bd983d126d3363cb6b88cee0bbcf64a5037e0d984ab08e64a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8a:e4:9f:9c:2b:ea:b1:f9:0b:28:d0:6e:e9:
58:78:95:da:2a:b4:34:f7:6a:51:cd:5a:b1:3b:66:
fa:aa:2b:e5:b2:eb:6c:74:c2:dc:d2:8b:cc:56:b9:
ae:8d:86:f0:8e:bb:ab:b6:c0:d8:f7:9d:c5:f0:5e:
75:ca:51:89:0e:a5:7e:84:75:fd:3a:3f:ae:a5:a6:
49:16:28:67:3d:f8:ed:d2:92:7a:5b:74:19:ac:9a:
52:d7:c7:2b:01:8e:e9:31:e6:bb:45:ac:5d:c4:6e:
55:fa:27:55:d5:19:96:f3:8c:95:eb:be:82:0a:7b:
66:d4:bc:46:c0:6b:86:dc:5a:72:ed:d7:17:87:2d:
9c:61:f1:4f:1f:98:d1:ee:12:72:7d:f6:a0:d2:c4:
00:f1:3e:c5:10:d1:08:a8:8a:43:63:34:0f:f1:2c:
56:ff:c5:8c:9b:fa:5f:05:3a:9b:d4:37:39:31:46:
de:7b:52:47:93:35:90:45:f4:d7:30:5e:23:aa:b6:
f2:59:d5:b1:82:69:d0:47:c3:97:99:1f:09:8d:3b:
52:6b:4c:af:2c:40:16:1c:e2:e9:8b:b8:b5:4b:88:
b4:41:ac:0f:e9:2b:1a:26:f0:b7:30:62:86:60:e8:
f6:12:f4:b8:b6:59:d6:6a:e8:46:ed:05:ec:19:08:
b5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:AC:45:04:69:EF:23:D9:D8:AD:D3:5F:9B:6E:CB:C9:A0:50:41:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:800::/40
Signature Algorithm: sha256WithRSAEncryption
84:c7:e8:d9:9d:03:c9:c8:16:b9:df:b0:7f:0f:29:23:15:af:
bb:78:4f:91:53:71:e7:45:b8:4a:b3:37:81:3a:31:08:28:bd:
95:35:28:81:39:5d:50:59:8a:a6:4b:34:54:97:24:1a:2a:2b:
f7:a8:11:b8:5c:d6:e2:73:56:29:2e:22:60:a9:fe:e0:a0:23:
a2:ea:8a:eb:68:db:96:2a:c8:34:e5:8f:b7:40:bb:66:f8:47:
9f:7d:e6:6b:c3:4d:15:cd:a5:63:76:5f:8e:83:bf:71:bc:a0:
78:c5:f0:d0:c7:ed:2a:84:f1:74:b6:85:41:05:66:ea:6a:ef:
d4:cd:ab:59:fe:33:d8:70:6e:b3:68:62:f1:e9:0f:d7:28:c4:
21:4b:55:0a:09:d6:8f:c1:df:2b:54:80:c0:f8:58:b9:de:01:
39:8c:2a:29:47:31:26:31:1f:23:fd:13:e4:34:c4:0c:33:bf:
e8:b8:09:9c:a7:e3:b0:6c:44:32:d5:61:61:2c:70:39:63:bb:
49:d8:78:83:cf:7a:d3:f6:05:ba:e9:64:83:09:6c:13:34:a2:
35:12:93:61:09:52:fc:db:9a:16:96:52:87:53:df:b8:45:6d:
35:ce:e8:07:bf:3f:13:24:88:2e:1f:57:35:17:a0:59:aa:48:
6e:0d:c1:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEZYOfwuMU4cAt/CbeS8mpErMb/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMTFaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyMTNiYjA0NDJiNDg4OWJkOTgzZDEyNmQzMzYzY2I2Yjg4Y2VlMGJiY2Y2
NGE1MDM3ZTBkOTg0YWIwOGU2NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiK5J+cK+qx+Qso0G7pWHiV2iq0NPdqUc1asTtm+qor5bLrbHTC3NKLzFa5
ro2G8I67q7bA2PedxfBedcpRiQ6lfoR1/To/rqWmSRYoZz347dKSelt0GayaUtfH
KwGO6THmu0WsXcRuVfonVdUZlvOMleu+ggp7ZtS8RsBrhtxacu3XF4ctnGHxTx+Y
0e4Scn32oNLEAPE+xRDRCKiKQ2M0D/EsVv/FjJv6XwU6m9Q3OTFG3ntSR5M1kEX0
1zBeI6q28lnVsYJp0EfDl5kfCY07UmtMryxAFhzi6Yu4tUuItEGsD+krGibwtzBi
hmDo9hL0uLZZ1mroRu0F7BkItSUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIrEUE
ae8j2dit01+bbsvJoFBBODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IzNTJiYTItMWM2MS00OTkzLTgwMmQtODk1ZGM3Mzg4MGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYI
MA0GCSqGSIb3DQEBCwUAA4IBAQCEx+jZnQPJyBa537B/DykjFa+7eE+RU3HnRbhK
szeBOjEIKL2VNSiBOV1QWYqmSzRUlyQaKiv3qBG4XNbic1YpLiJgqf7goCOi6orr
aNuWKsg05Y+3QLtm+EeffeZrw00VzaVjdl+Og79xvKB4xfDQx+0qhPF0toVBBWbq
au/UzatZ/jPYcG6zaGLx6Q/XKMQhS1UKCdaPwd8rVIDA+Fi53gE5jCopRzEmMR8j
/RPkNMQMM7/ouAmcp+OwbEQy1WFhLHA5Y7tJ2HiDz3rT9gW66WSDCWwTNKI1EpNh
CVL825oWllKHU9+4RW01zugHvz8TJIguH1c1F6BZqkhuDcFH
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:20 2025 by rpki-client