Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
File: d6d93bd5-1d52-4263-8712-a4d5b929470f.roa (raw, json)
Hash identifier: ZL29fIWtX9E7/AB4VbMXehPHRlh4cozAUISc1fX4C+0=
Subject key identifier: 9B:2B:7E:46:8E:AA:00:EF:D3:D2:34:B4:15:49:84:99:FF:F7:82:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E6C3892B2759771EE921D18BDF822A4C15229
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
Signing time: Wed 16 Apr 2025 19:22:25 +0000
ROA not before: Wed 16 Apr 2025 19:22:25 +0000
ROA not after: Wed 21 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:6c:38:92:b2:75:97:71:ee:92:1d:18:bd:f8:22:a4:c1:52:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 16 19:22:25 2025 GMT
Not After : May 21 23:59:59 2025 GMT
Subject: serialNumber=3983bf13af4c05b5487ca6abdf5ebcb3306cbbca9501fe1d0863a8d92ee898fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:2c:75:ba:cf:8e:fd:a0:39:74:6e:f1:e9:
5e:53:cf:19:7f:44:92:c2:5d:c2:dc:5e:ea:5e:16:
5e:eb:d0:c0:56:67:c6:e4:68:ef:2f:e4:a4:29:6a:
70:57:f3:cb:cb:d9:30:ce:30:d5:e3:92:8f:7c:79:
e3:95:c0:8f:ca:b6:59:c8:0e:85:6d:1c:23:bf:80:
31:48:d7:94:39:53:4c:1a:9c:e7:d3:28:1c:e0:e3:
db:29:af:76:75:8a:ba:ed:1b:c2:49:5b:72:38:0a:
dd:1b:bc:0a:4b:2f:67:62:19:11:d6:80:7f:4a:cc:
16:b4:69:6f:a9:42:8f:2c:eb:ca:d7:3d:f0:5a:09:
d9:96:61:bf:01:79:55:ef:2c:a4:72:a0:46:bb:ed:
0d:3e:87:24:10:45:3d:cd:16:7a:00:9d:49:18:c1:
17:e7:c3:2d:8a:5f:ab:8b:b3:ca:f4:fb:97:9b:3d:
50:b9:62:e1:05:e2:d6:cf:a2:da:29:11:66:5e:78:
8b:b3:42:d7:6e:52:73:08:36:11:2d:9e:5b:eb:bf:
09:dc:2b:0b:06:63:f4:56:72:23:01:38:5b:12:02:
75:87:19:a3:a6:fd:fd:c6:a3:73:76:40:dc:66:92:
a8:ed:3a:6a:88:92:2c:da:b5:78:69:f5:d6:a2:48:
39:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:2B:7E:46:8E:AA:00:EF:D3:D2:34:B4:15:49:84:99:FF:F7:82:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
28:5c:11:07:2d:9d:83:dc:25:86:4a:a4:9a:1b:d8:ed:c8:69:
8e:1e:44:22:ca:bd:a3:d2:f8:d6:c1:c1:03:b7:21:02:94:2a:
82:03:ac:17:c8:12:30:84:8e:a6:21:33:1e:a4:01:07:21:b7:
e6:38:8b:2b:8b:8b:3d:2c:0d:30:2b:3c:8b:3f:5d:b0:68:f5:
b2:8e:51:25:57:27:9c:f9:3a:d1:6a:e9:30:4b:4a:d4:07:f0:
19:0d:1a:5d:04:1f:49:c1:8b:69:64:80:35:01:17:8e:2b:a4:
95:d6:68:56:65:74:ea:a5:b8:14:e9:96:d4:74:bb:0c:ba:5d:
2a:25:09:01:c0:7f:2b:ca:36:e5:e7:75:26:60:9d:e7:92:bf:
3a:a3:03:42:ac:23:50:40:be:96:fc:7c:4c:44:47:13:29:ed:
4d:b2:89:5f:45:f3:f0:dd:0a:37:74:0d:e3:81:6c:ab:d7:9a:
73:6b:0c:3f:a7:db:18:a2:a9:d6:82:2f:ad:0d:ef:56:e3:03:
a0:ea:a0:34:9d:0a:c3:50:49:11:54:4a:94:5f:c7:8a:18:3e:
91:07:cb:84:a9:8e:a9:0b:10:2f:05:3b:60:d7:69:54:b5:56:
14:c6:0f:05:13:1c:7e:13:91:4f:fd:fc:32:63:58:d8:77:56:
21:52:82:6a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITPmw4krJ1l3Hukh0YvfgipMFSKTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDQxNjE5MjIyNVoXDTI1MDUyMTIzNTk1OVowejFJMEcGA1UE
BRNAMzk4M2JmMTNhZjRjMDViNTQ4N2NhNmFiZGY1ZWJjYjMzMDZjYmJjYTk1MDFm
ZTFkMDg2M2E4ZDkyZWU4OThmYjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArqgsdbrPjv2gOXRu8eleU88Zf0SSwl3C3F7qXhZe69DAVmfG5GjvL+SkKWpw
V/PLy9kwzjDV45KPfHnjlcCPyrZZyA6FbRwjv4AxSNeUOVNMGpzn0ygc4OPbKa92
dYq67RvCSVtyOArdG7wKSy9nYhkR1oB/SswWtGlvqUKPLOvK1z3wWgnZlmG/AXlV
7yykcqBGu+0NPockEEU9zRZ6AJ1JGMEX58Mtil+ri7PK9PuXmz1QuWLhBeLWz6La
KRFmXniLs0LXblJzCDYRLZ5b678J3CsLBmP0VnIjAThbEgJ1hxmjpv39xqNzdkDc
ZpKo7TpqiJIs2rV4afXWokg5vQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFJsrfkaO
qgDv09I0tBVJhJn/94LnMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9k
NmQ5M2JkNS0xZDUyLTQyNjMtODcxMi1hNGQ1YjkyOTQ3MGYucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQdEAw
DQYJKoZIhvcNAQELBQADggEBAChcEQctnYPcJYZKpJob2O3IaY4eRCLKvaPS+NbB
wQO3IQKUKoIDrBfIEjCEjqYhMx6kAQcht+Y4iyuLiz0sDTArPIs/XbBo9bKOUSVX
J5z5OtFq6TBLStQH8BkNGl0EH0nBi2lkgDUBF44rpJXWaFZldOqluBTpltR0uwy6
XSolCQHAfyvKNuXndSZgneeSvzqjA0KsI1BAvpb8fExERxMp7U2yiV9F8/DdCjd0
DeOBbKvXmnNrDD+n2xiiqdaCL60N71bjA6DqoDSdCsNQSRFUSpRfx4oYPpEHy4Sp
jqkLEC8FO2DXaVS1VhTGDwUTHH4TkU/9/DJjWNh3ViFSgmo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:30 2025 by rpki-client