Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1e068ff-4b68-41da-853b-c228a382c6bd.roa
File: d1e068ff-4b68-41da-853b-c228a382c6bd.roa (raw, json)
Hash identifier: 4gpLqA5s6Z+5YoJEce2E+jonQj5XwBKF62ahYYNu5v0=
Subject key identifier: 4A:48:DA:18:49:9E:06:14:44:2D:F0:02:27:90:08:DC:EB:1B:91:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18B6F9C93F7A3FD19A925B70649BDB34D810C0B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1e068ff-4b68-41da-853b-c228a382c6bd.roa
Signing time: Thu 17 Apr 2025 20:36:51 +0000
ROA not before: Thu 17 Apr 2025 20:36:51 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:b6:f9:c9:3f:7a:3f:d1:9a:92:5b:70:64:9b:db:34:d8:10:c0:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:51 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=6eb3816b2053f88cd81685100205b0f75037b341455fb97a37b0f5d7de172edd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:94:07:37:1c:1c:3d:bc:36:79:fd:45:7d:ff:
33:35:3f:00:f6:2c:32:a9:19:64:4d:d6:bf:40:49:
84:25:a8:23:b9:61:11:62:9d:1d:fb:c1:d4:3c:f5:
72:73:0c:a0:51:76:f5:e8:e0:1e:5b:0b:90:70:83:
1f:ee:09:9d:74:f1:da:9d:86:e6:de:28:5d:33:31:
96:4f:75:99:5c:9e:ee:f1:36:e8:d6:46:1b:13:d7:
0c:fc:38:be:2d:02:44:6c:d4:6e:84:b5:6b:50:85:
60:76:59:6c:af:b6:7a:83:80:31:b7:96:37:f4:de:
6b:47:9e:3e:55:b4:e5:49:87:02:ef:b3:05:f0:6c:
72:28:ad:99:47:53:47:80:dd:d5:d9:a4:b7:f0:ae:
02:ce:04:cc:be:01:39:82:fb:8b:f8:76:d4:ad:b6:
5e:da:46:08:0b:0e:b4:e2:53:89:53:68:19:d1:5c:
ad:fb:73:f9:ad:00:9e:b9:f9:e7:86:36:e0:c0:31:
9e:83:4f:80:a8:b0:a0:9c:62:ab:73:e4:96:1b:40:
9c:9c:4a:e7:b3:e1:cd:3f:fb:f9:96:05:b6:aa:f2:
3c:d1:ec:0f:97:bc:0e:df:8e:c5:c9:cb:02:5f:78:
f5:f4:77:26:16:dd:cd:e1:44:45:59:ca:f1:49:e4:
4a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:48:DA:18:49:9E:06:14:44:2D:F0:02:27:90:08:DC:EB:1B:91:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1e068ff-4b68-41da-853b-c228a382c6bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:9000::/40
Signature Algorithm: sha256WithRSAEncryption
08:f5:1f:d7:a2:5f:19:51:d4:a8:49:0e:3d:1c:86:d3:12:0e:
5a:1f:8a:24:c8:06:b6:76:21:25:9e:db:f2:02:5f:9a:78:ec:
ac:78:57:06:bc:5f:09:35:79:75:ec:2e:04:14:ab:02:73:51:
9b:d5:26:96:63:10:b0:21:91:58:33:c1:22:1c:60:b5:34:53:
b9:13:19:77:b7:fe:22:6c:a6:d5:7f:3c:ac:58:7e:47:92:49:
be:60:11:44:b7:4c:63:e2:a5:d4:60:c4:52:02:59:ec:d0:88:
b5:b0:a3:b8:79:18:28:6e:5b:8d:a0:90:d8:03:9e:d0:ca:c6:
9f:19:52:8d:6d:8b:3d:8e:35:f5:bc:90:c7:db:f8:bd:b1:b0:
b9:eb:82:9f:a0:17:cf:bb:a7:e5:87:69:9c:b1:2e:35:47:5d:
91:07:50:80:de:1b:8a:dc:3b:8b:3f:0b:66:48:33:45:db:11:
16:84:84:5c:d5:28:ae:da:f0:37:dc:ec:c2:59:d3:b8:0f:60:
ea:8e:06:0f:85:77:54:d8:25:cf:d0:e6:f8:c8:8e:c4:da:b2:
f8:27:ce:d1:73:02:11:b5:65:9f:ea:07:fe:ab:80:43:54:e3:
c9:27:c6:cf:61:8d:23:08:cf:ce:5a:38:79:53:d6:d6:c7:b6:
ca:7b:18:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGLb5yT96P9GakltwZJvbNNgQwLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NTFaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlYjM4MTZiMjA1M2Y4OGNkODE2ODUxMDAyMDViMGY3NTAzN2IzNDE0NTVm
Yjk3YTM3YjBmNWQ3ZGUxNzJlZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCUBzccHD28Nnn9RX3/MzU/APYsMqkZZE3Wv0BJhCWoI7lhEWKdHfvB1Dz1
cnMMoFF29ejgHlsLkHCDH+4JnXTx2p2G5t4oXTMxlk91mVye7vE26NZGGxPXDPw4
vi0CRGzUboS1a1CFYHZZbK+2eoOAMbeWN/Tea0eePlW05UmHAu+zBfBsciitmUdT
R4Dd1dmkt/CuAs4EzL4BOYL7i/h21K22XtpGCAsOtOJTiVNoGdFcrftz+a0Anrn5
54Y24MAxnoNPgKiwoJxiq3PklhtAnJxK57PhzT/7+ZYFtqryPNHsD5e8Dt+OxcnL
Al949fR3JhbdzeFERVnK8UnkSp0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRKSNoY
SZ4GFEQt8AInkAjc6xuRzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFlMDY4ZmYtNGI2OC00MWRhLTg1M2ItYzIyOGEzODJjNmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FuQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAI9R/Xol8ZUdSoSQ49HIbTEg5aH4okyAa2diEl
ntvyAl+aeOyseFcGvF8JNXl17C4EFKsCc1Gb1SaWYxCwIZFYM8EiHGC1NFO5Exl3
t/4ibKbVfzysWH5Hkkm+YBFEt0xj4qXUYMRSAlns0Ii1sKO4eRgobluNoJDYA57Q
ysafGVKNbYs9jjX1vJDH2/i9sbC564KfoBfPu6flh2mcsS41R12RB1CA3huK3DuL
PwtmSDNF2xEWhIRc1Siu2vA33OzCWdO4D2DqjgYPhXdU2CXP0Ob4yI7E2rL4J87R
cwIRtWWf6gf+q4BDVOPJJ8bPYY0jCM/OWjh5U9bWx7bKexhG
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:18 2025 by rpki-client