Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
File: d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa (raw, json)
Hash identifier: fyFUzoVeKroAJg0D1bUJcRozORvMiDg2zfsg5CTu9to=
Subject key identifier: E5:E1:39:8E:9D:B5:D7:55:C4:33:7B:45:62:BD:CD:3B:06:37:9C:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A28BBBE1A0A4D1F8893B7905F09C4A14C1E7D09
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
Signing time: Fri 25 Apr 2025 20:00:11 +0000
ROA not before: Fri 25 Apr 2025 20:00:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:28:bb:be:1a:0a:4d:1f:88:93:b7:90:5f:09:c4:a1:4c:1e:7d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:00:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=dc7082d529ae4f46c6fbb670b3463468d4b59fe3052436ce4d21572812f56a80, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fd:a4:ca:95:7f:cc:62:ca:08:88:7a:d5:2d:
9e:03:f4:ac:5b:28:03:2c:1e:e4:7c:cc:8b:0b:a7:
d6:6a:97:3f:b8:c1:97:57:84:53:15:a8:59:a7:73:
01:d2:aa:d6:09:87:2f:2c:0f:9b:e6:fe:06:76:10:
48:e3:6a:cf:69:0f:33:e8:7e:1d:92:8d:ed:89:72:
3f:39:8c:42:97:87:57:31:4a:85:83:3d:49:84:55:
7c:91:4f:5e:1b:c9:3d:1d:08:b8:02:66:7a:e6:3e:
05:7a:54:1e:93:13:82:ac:7a:e6:08:46:f7:f2:d6:
a8:b6:c7:68:e1:fd:74:89:86:17:0a:97:16:e6:dc:
e9:cc:da:a5:37:98:c4:75:58:87:04:51:2e:bb:a1:
b8:07:df:42:cc:72:f6:3d:f7:2a:64:4e:71:53:87:
23:60:e2:61:fc:e2:e9:4b:2f:c4:7d:d4:d6:d6:8c:
0f:c7:26:05:b0:28:7c:b6:6a:e1:69:19:9f:68:e1:
ae:52:24:fa:97:e1:80:64:89:a9:35:62:5c:7b:b6:
66:d2:67:df:fb:87:bb:7f:28:4f:8f:5e:5c:85:3c:
66:5b:3b:57:52:cc:21:4a:f3:9c:84:40:6f:55:40:
de:86:88:b0:ce:4b:d9:c3:2c:de:66:2f:ca:31:db:
b2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:E1:39:8E:9D:B5:D7:55:C4:33:7B:45:62:BD:CD:3B:06:37:9C:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:1000::/40
Signature Algorithm: sha256WithRSAEncryption
64:f4:34:9d:5f:57:65:5b:37:50:58:50:30:cd:c7:60:ff:c5:
c4:f5:9c:c1:6c:23:1c:b0:f2:ac:4e:60:18:27:5a:c9:52:c5:
87:34:90:d0:d3:cc:74:91:65:33:e1:f7:60:30:52:03:57:9b:
b3:c1:39:66:11:1d:b6:6b:2c:17:e3:5c:5d:90:2b:00:94:30:
4b:ee:e8:06:11:05:19:bd:08:df:cb:f1:00:81:9b:bb:3a:b8:
dc:23:ff:da:55:b4:ab:3a:62:8c:b3:99:fe:9e:da:82:6c:d5:
77:f8:6c:72:de:82:68:77:51:89:5d:2d:cb:93:fc:02:1d:17:
fb:d1:a6:94:50:5b:4f:51:bb:89:85:9b:a6:c0:a7:56:05:08:
b3:7b:cb:35:db:c6:b2:83:5c:7c:5c:45:30:2c:96:61:e5:e5:
23:3d:d4:65:62:1e:7d:88:04:4a:c7:b7:53:dc:96:e3:02:4d:
51:00:89:aa:13:cc:d5:96:09:66:17:ed:5f:4c:58:84:27:f8:
75:b1:24:c3:84:69:e9:99:c2:04:cd:bc:fc:9d:cb:66:f6:b9:
8d:e6:a9:e0:f4:c3:e7:20:39:1c:68:96:e4:f8:ff:9b:cf:c8:
50:8a:55:2a:4d:ca:bd:87:24:dc:3a:1c:7b:72:72:0f:9b:4e:
72:e7:6f:ec
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGii7vhoKTR+Ik7eQXwnEoUwefQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAwMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNzA4MmQ1MjlhZTRmNDZjNmZiYjY3MGIzNDYzNDY4ZDRiNTlmZTMwNTI0
MzZjZTRkMjE1NzI4MTJmNTZhODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMn9pMqVf8xiygiIetUtngP0rFsoAywe5HzMiwun1mqXP7jBl1eEUxWoWadz
AdKq1gmHLywPm+b+BnYQSONqz2kPM+h+HZKN7YlyPzmMQpeHVzFKhYM9SYRVfJFP
XhvJPR0IuAJmeuY+BXpUHpMTgqx65ghG9/LWqLbHaOH9dImGFwqXFubc6czapTeY
xHVYhwRRLruhuAffQsxy9j33KmROcVOHI2DiYfzi6UsvxH3U1taMD8cmBbAofLZq
4WkZn2jhrlIk+pfhgGSJqTViXHu2ZtJn3/uHu38oT49eXIU8Zls7V1LMIUrznIRA
b1VA3oaIsM5L2cMs3mYvyjHbshcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTl4TmO
nbXXVcQze0Vivc07BjecrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM4NWZmNGItN2Y4ZS00NWQyLThmOGItZmNkZTE0MjZhMDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBk9DSdX1dlWzdQWFAwzcdg/8XE9ZzBbCMcsPKs
TmAYJ1rJUsWHNJDQ08x0kWUz4fdgMFIDV5uzwTlmER22aywX41xdkCsAlDBL7ugG
EQUZvQjfy/EAgZu7OrjcI//aVbSrOmKMs5n+ntqCbNV3+Gxy3oJod1GJXS3Lk/wC
HRf70aaUUFtPUbuJhZumwKdWBQize8s128ayg1x8XEUwLJZh5eUjPdRlYh59iARK
x7dT3JbjAk1RAImqE8zVlglmF+1fTFiEJ/h1sSTDhGnpmcIEzbz8nctm9rmN5qng
9MPnIDkcaJbk+P+bz8hQilUqTcq9hyTcOhx7cnIPm05y52/s
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:06 2025 by rpki-client