Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
File: d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa (raw, json)
Hash identifier: lr7lBmv8s8KzbEzIlvvUXPMROwS+HMq09+ZieicDvfE=
Subject key identifier: 2B:95:2D:ED:BB:E3:CE:A3:0E:4E:8D:85:AC:9F:4E:64:24:11:A6:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 199B821A5727F8F200F61B6664596BD0198A8FFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
Signing time: Fri 25 Apr 2025 20:10:19 +0000
ROA not before: Fri 25 Apr 2025 20:10:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:9b:82:1a:57:27:f8:f2:00:f6:1b:66:64:59:6b:d0:19:8a:8f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=471206b48a90432eb33ed80ca26897f54dd10e3c51f4bdfad5c900b287734773, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d0:0e:a3:3a:2f:67:cb:8f:6d:db:fd:26:20:
66:04:25:a9:9f:87:16:87:52:2c:91:5e:19:47:a5:
a7:c5:8e:7e:be:ab:8f:e3:9f:b6:8d:b1:71:c3:2b:
b9:23:f6:e4:15:5d:af:6d:ad:f6:86:bf:f5:1d:cc:
18:80:55:16:d7:93:06:e4:3e:0e:52:c8:c3:cb:a3:
f5:72:5c:2e:c6:8b:e3:00:9e:1f:fe:07:01:1a:bc:
5f:53:55:7a:1c:1b:12:eb:94:8e:a3:a6:c0:40:54:
d8:b4:d5:d2:a2:07:5f:36:69:db:2a:7a:65:6d:6e:
4b:e1:5d:b7:94:41:c7:07:2c:2b:48:a8:9e:57:10:
ef:8c:a1:b7:ce:99:c3:c7:6a:5d:cb:bb:fb:6c:7f:
17:5d:e0:0f:8c:9e:85:f4:41:01:bc:b8:e6:d0:84:
5a:a4:9f:b6:5f:96:a3:26:1c:37:13:07:8d:e4:1f:
83:33:3f:1d:99:02:36:fd:57:f3:83:0e:75:09:be:
99:6a:23:ec:90:3d:1a:1a:fd:b9:3f:19:b4:93:57:
bc:c5:c4:0f:21:ca:a6:6d:22:ef:8f:8f:0f:c2:b8:
12:ad:9e:60:c6:ea:07:10:6e:1a:b7:42:d2:0a:08:
0e:e8:05:bd:a9:51:1c:2e:12:9a:d1:95:cf:86:a4:
16:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:95:2D:ED:BB:E3:CE:A3:0E:4E:8D:85:AC:9F:4E:64:24:11:A6:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016:400::/38
Signature Algorithm: sha256WithRSAEncryption
2c:6f:df:81:38:89:ac:9d:32:31:2e:d6:dc:3d:06:08:2c:55:
84:75:5a:83:4e:2f:28:e0:a2:d3:c9:33:c9:01:a2:e3:04:2a:
47:7c:86:c6:1b:a8:4f:00:d9:b6:98:16:38:5e:d8:ad:f9:c7:
a5:51:8a:be:e9:63:2e:fe:63:47:ec:78:8e:5f:71:a5:f0:9a:
27:f0:96:46:a9:1c:9a:53:64:de:73:31:26:c5:81:fa:b1:c4:
81:4e:af:1e:38:50:fe:c8:c7:84:ed:b0:4b:21:ce:cd:69:9e:
6c:b2:75:e1:f1:7e:cd:59:0f:32:02:18:ab:a9:8a:3e:ad:68:
07:d0:05:a8:39:e0:1a:18:42:45:ee:09:75:c8:c6:84:f7:5a:
fc:4d:ef:e3:04:f3:12:d5:e7:03:70:7f:e0:2c:e3:0e:ac:b4:
26:b5:c6:16:c1:8f:95:75:3d:81:e6:62:62:6b:4a:99:6a:64:
2e:f9:70:cb:23:a2:7c:1f:7f:b9:78:5a:28:05:02:90:3d:3c:
59:29:45:59:7b:23:ec:ee:f0:3a:e8:05:d2:b9:18:4e:c4:ad:
73:9c:4a:42:91:0f:f2:32:a8:8c:89:14:e4:80:00:0a:ca:99:
56:45:58:f7:43:53:f6:70:3f:6c:af:d8:02:7a:26:bc:bc:7f:
cc:90:2f:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGZuCGlcn+PIA9htmZFlr0BmKj/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3MTIwNmI0OGE5MDQzMmViMzNlZDgwY2EyNjg5N2Y1NGRkMTBlM2M1MWY0
YmRmYWQ1YzkwMGIyODc3MzQ3NzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7QDqM6L2fLj23b/SYgZgQlqZ+HFodSLJFeGUelp8WOfr6rj+Ofto2xccMr
uSP25BVdr22t9oa/9R3MGIBVFteTBuQ+DlLIw8uj9XJcLsaL4wCeH/4HARq8X1NV
ehwbEuuUjqOmwEBU2LTV0qIHXzZp2yp6ZW1uS+Fdt5RBxwcsK0ionlcQ74yht86Z
w8dqXcu7+2x/F13gD4yehfRBAby45tCEWqSftl+WoyYcNxMHjeQfgzM/HZkCNv1X
84MOdQm+mWoj7JA9Ghr9uT8ZtJNXvMXEDyHKpm0i74+PD8K4Eq2eYMbqBxBuGrdC
0goIDugFvalRHC4SmtGVz4akFmECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrlS3t
u+POow5OjYWsn05kJBGmYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDNhYzhhMGEtOGQwNi00MGRlLWEyOTItY2I4MjRiN2M0OGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYE
MA0GCSqGSIb3DQEBCwUAA4IBAQAsb9+BOImsnTIxLtbcPQYILFWEdVqDTi8o4KLT
yTPJAaLjBCpHfIbGG6hPANm2mBY4Xtit+celUYq+6WMu/mNH7HiOX3Gl8Jon8JZG
qRyaU2TeczEmxYH6scSBTq8eOFD+yMeE7bBLIc7NaZ5ssnXh8X7NWQ8yAhirqYo+
rWgH0AWoOeAaGEJF7gl1yMaE91r8Te/jBPMS1ecDcH/gLOMOrLQmtcYWwY+VdT2B
5mJia0qZamQu+XDLI6J8H3+5eFooBQKQPTxZKUVZeyPs7vA66AXSuRhOxK1znEpC
kQ/yMqiMiRTkgAAKyplWRVj3Q1P2cD9sr9gCeia8vH/MkC81
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:11 2025 by rpki-client