Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
File: df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa (raw, json)
Hash identifier: m9pWULsQFIFzSRv0v64CplqmLvfDkN0cFgpCGVpgj4s=
Subject key identifier: C8:35:CE:F9:DB:16:44:02:61:46:39:F1:77:70:EC:1F:5D:81:62:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08ECE935E8749978C39FD54E6FD04B211CF18AB9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
Signing time: Thu 22 May 2025 01:22:19 +0000
ROA not before: Thu 22 May 2025 01:22:19 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ec:e9:35:e8:74:99:78:c3:9f:d5:4e:6f:d0:4b:21:1c:f1:8a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:19 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=e4b024b71dfdbe584ae5091cc36047024d0655a232df0b7753d59cb039e15fe1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bc:98:f3:fb:7b:f2:12:7a:f7:44:80:f3:bd:
ed:3c:86:a0:89:6d:a1:ed:83:1c:9c:aa:ee:7c:e2:
b9:00:6c:5c:20:70:77:94:30:87:98:b7:6e:f8:87:
13:88:74:dc:ff:1e:5b:40:7f:33:38:a4:6a:46:d7:
07:c2:5c:b4:90:ea:8a:5d:6b:26:08:0f:01:60:32:
41:ea:00:e7:1e:1a:c7:aa:c7:da:ad:6b:4f:52:e5:
88:9f:b6:5f:0a:78:b9:6d:77:8e:75:ca:7d:c8:d8:
45:e6:5e:16:c5:ea:9a:07:52:d8:a7:66:fb:44:fe:
bb:a8:ee:f6:ba:e1:80:83:4e:85:e4:e5:9f:ae:65:
dc:b1:a2:8a:03:4e:12:ec:1d:00:42:15:15:e5:48:
9e:13:1a:d2:08:e6:0a:e8:f9:7a:0b:7a:b3:d2:32:
3b:27:39:27:d1:a9:39:9a:d2:91:32:1e:1c:5b:f8:
27:28:28:2a:fb:9f:b5:eb:38:b1:fc:e0:a6:3b:c5:
96:49:11:21:97:de:04:ab:e2:e4:26:a8:d5:08:71:
d2:7f:13:be:9a:9e:6d:a3:6b:1f:ba:fb:fd:67:cd:
4d:7f:95:65:27:e8:05:00:fd:f2:ff:ff:07:2a:25:
2d:2a:77:76:b5:21:59:5e:e4:dc:3b:8b:db:2d:4b:
05:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:35:CE:F9:DB:16:44:02:61:46:39:F1:77:70:EC:1F:5D:81:62:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:c000::/40
Signature Algorithm: sha256WithRSAEncryption
60:4a:27:a9:1e:ac:bd:33:82:ee:c5:07:06:f3:09:93:e8:b3:
7a:1a:bd:62:b1:c6:44:93:f8:f1:ee:5a:d2:5b:42:c3:27:d0:
65:bb:fd:a9:e3:34:a3:c5:ff:f7:8a:c1:c0:d2:95:0d:ca:85:
67:74:68:54:4d:c9:54:31:c9:4e:57:68:93:d5:46:a4:64:64:
34:5c:02:b6:c9:2a:d9:78:e8:63:0d:c0:23:67:15:20:79:16:
d8:1f:c9:36:af:93:51:9c:c9:ee:16:31:30:0e:ef:0c:a7:46:
77:17:64:df:58:60:36:4b:e9:39:d0:4c:58:b5:ed:57:29:18:
39:be:3b:2b:a1:35:5a:d3:a2:d8:35:70:be:56:6b:36:3b:d4:
d1:18:68:73:1e:16:95:93:f6:a0:cd:6a:bd:06:7f:a8:e3:fe:
ff:4f:68:c7:99:f3:b9:af:4e:bb:87:8c:a7:c5:e5:a5:62:92:
16:7d:6b:68:e2:bc:39:e5:56:6f:bf:8e:4a:35:dd:8d:9f:a6:
45:40:e5:a5:f4:fa:e5:f0:79:8a:96:0b:15:2d:3c:7d:73:b4:
8d:b6:4d:36:05:09:25:34:51:05:41:2d:b5:aa:98:f7:b9:4e:
9e:52:85:31:1d:01:67:6b:9c:a7:d6:46:90:e5:c6:58:74:52:
87:7c:56:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCOzpNeh0mXjDn9VOb9BLIRzxirkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMTlaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0YjAyNGI3MWRmZGJlNTg0YWU1MDkxY2MzNjA0NzAyNGQwNjU1YTIzMmRm
MGI3NzUzZDU5Y2IwMzllMTVmZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKS8mPP7e/ISevdEgPO97TyGoIltoe2DHJyq7nziuQBsXCBwd5Qwh5i3bviH
E4h03P8eW0B/MzikakbXB8JctJDqil1rJggPAWAyQeoA5x4ax6rH2q1rT1LliJ+2
Xwp4uW13jnXKfcjYReZeFsXqmgdS2Kdm+0T+u6ju9rrhgINOheTln65l3LGiigNO
EuwdAEIVFeVInhMa0gjmCuj5egt6s9IyOyc5J9GpOZrSkTIeHFv4JygoKvuftes4
sfzgpjvFlkkRIZfeBKvi5Cao1Qhx0n8TvpqebaNrH7r7/WfNTX+VZSfoBQD98v//
ByolLSp3drUhWV7k3DuL2y1LBacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTINc75
2xZEAmFGOfF3cOwfXYFiWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGYzOGMwMGItYTZiMy00ZTYzLTlmNjktYjhjMzg1NmViZGY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3A
MA0GCSqGSIb3DQEBCwUAA4IBAQBgSiepHqy9M4LuxQcG8wmT6LN6Gr1iscZEk/jx
7lrSW0LDJ9Blu/2p4zSjxf/3isHA0pUNyoVndGhUTclUMclOV2iT1UakZGQ0XAK2
ySrZeOhjDcAjZxUgeRbYH8k2r5NRnMnuFjEwDu8Mp0Z3F2TfWGA2S+k50ExYte1X
KRg5vjsroTVa06LYNXC+Vms2O9TRGGhzHhaVk/agzWq9Bn+o4/7/T2jHmfO5r067
h4ynxeWlYpIWfWto4rw55VZvv45KNd2Nn6ZFQOWl9Prl8HmKlgsVLTx9c7SNtk02
BQklNFEFQS21qpj3uU6eUoUxHQFna5yn1kaQ5cZYdFKHfFbh
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:36 2025 by rpki-client