Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
File: e2212154-4339-4293-b1a8-15f06519a708.roa (raw, json)
Hash identifier: Q7jtboL7TH54EBWANUl+nNXlpAb0wywyO0B+cjgy68k=
Subject key identifier: FB:16:94:E4:D7:E3:D8:79:A1:5F:B1:52:A0:43:33:7B:86:26:62:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69E5A3039C56BE2043EBD02551DFF92E49DF0E48
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
Signing time: Wed 02 Apr 2025 00:30:26 +0000
ROA not before: Wed 02 Apr 2025 00:30:26 +0000
ROA not after: Wed 07 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:e5:a3:03:9c:56:be:20:43:eb:d0:25:51:df:f9:2e:49:df:0e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:30:26 2025 GMT
Not After : May 7 23:59:59 2025 GMT
Subject: serialNumber=2db5c96a5bad66ddc9cf55f1307f24f7af8a23f2bc0a1dd8b669fcda10a5a38b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:37:7b:15:43:ee:43:93:b5:bf:6d:e4:4b:d8:
b3:2f:cc:3e:0d:aa:18:a3:79:db:0d:05:2c:19:75:
96:68:56:44:4a:5d:b5:30:fc:66:84:b9:90:ae:9d:
93:0f:9b:32:40:6f:c4:d4:ce:2f:4e:57:80:ec:87:
ff:66:78:fd:3a:22:bc:f7:cc:f7:ed:b5:76:8c:d9:
4f:50:4c:2e:7b:d5:73:d2:b3:0b:77:88:81:92:b7:
78:95:67:3f:8c:71:42:fa:a8:81:41:fd:6a:a9:f8:
98:b4:24:25:54:e7:70:ae:43:38:92:41:f9:fd:96:
a6:5f:ac:ad:cf:5f:fd:a8:b3:6b:de:85:b2:94:31:
74:17:16:45:91:6a:f8:0c:4b:51:b2:5a:96:07:9e:
36:4e:44:e3:57:13:84:1e:79:aa:d6:e3:9a:83:b4:
20:8f:be:32:f9:4d:cf:96:d4:04:fd:c8:3d:36:ca:
68:42:f3:1d:90:38:4c:76:67:ae:b0:6e:3f:49:cd:
d5:39:38:12:5e:16:19:77:69:47:bb:03:4e:1d:35:
0d:61:e6:fa:b4:5c:6a:0b:f9:4a:c9:e9:ec:62:3b:
38:56:33:cc:20:46:24:1c:08:61:49:cd:cf:f8:ac:
a7:6c:f7:88:45:28:5d:35:df:dd:0a:51:63:bf:4b:
f9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:16:94:E4:D7:E3:D8:79:A1:5F:B1:52:A0:43:33:7B:86:26:62:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a3:a0:0f:2d:a4:a6:b1:0a:a6:38:f7:19:4a:56:56:80:aa:d0:
43:1b:dc:c0:87:b5:b1:50:80:e0:ca:35:ec:4d:c7:7d:71:d7:
04:5b:84:c9:60:f7:77:2a:b7:8e:73:08:3f:f7:05:09:2d:e2:
93:e1:9a:e8:fc:55:b8:6e:c2:51:7b:95:3c:a5:29:32:d3:fa:
1b:7d:f4:0e:30:3c:dc:cb:4a:00:a6:eb:7f:b1:b8:b4:e3:8a:
42:f8:d7:3d:04:7e:72:8b:ca:27:75:1f:a7:8c:53:d8:f6:c9:
e6:bc:9a:78:df:87:2c:94:58:f2:f4:4f:74:8c:75:33:7f:d6:
9f:85:32:a6:68:16:a9:5a:07:e9:98:1a:5c:90:ae:d2:cf:1b:
2d:48:01:9c:3f:dc:b0:f3:f2:85:c6:41:f2:67:f5:c0:cf:88:
ec:80:7e:2e:59:bf:58:0b:91:a8:4a:4e:92:0d:55:90:46:4d:
1a:91:ad:33:77:ee:8b:44:f6:1f:93:39:43:c2:39:d4:22:17:
e5:55:53:87:3b:bb:be:ef:c2:00:e8:e1:49:04:0b:25:c7:c4:
e0:2c:75:b3:1b:29:ae:4d:c6:66:f9:5a:24:14:6d:23:21:ca:
99:67:59:2a:79:8e:67:5a:f2:10:64:47:95:62:e5:49:cd:be:
36:fd:dd:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaeWjA5xWviBD69AlUd/5LknfDkgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDIwMDMwMjZaFw0yNTA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkYjVjOTZhNWJhZDY2ZGRjOWNmNTVmMTMwN2YyNGY3YWY4YTIzZjJiYzBh
MWRkOGI2NjlmY2RhMTBhNWEzOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALM3exVD7kOTtb9t5EvYsy/MPg2qGKN52w0FLBl1lmhWREpdtTD8ZoS5kK6d
kw+bMkBvxNTOL05XgOyH/2Z4/ToivPfM9+21dozZT1BMLnvVc9KzC3eIgZK3eJVn
P4xxQvqogUH9aqn4mLQkJVTncK5DOJJB+f2Wpl+src9f/aiza96FspQxdBcWRZFq
+AxLUbJalgeeNk5E41cThB55qtbjmoO0II++MvlNz5bUBP3IPTbKaELzHZA4THZn
rrBuP0nN1Tk4El4WGXdpR7sDTh01DWHm+rRcagv5Ssnp7GI7OFYzzCBGJBwIYUnN
z/isp2z3iEUoXTXf3QpRY79L+eMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7FpTk
1+PYeaFfsVKgQzN7hiZirTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIyMTIxNTQtNDMzOS00MjkzLWIxYTgtMTVmMDY1MTlhNzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g
MA0GCSqGSIb3DQEBCwUAA4IBAQCjoA8tpKaxCqY49xlKVlaAqtBDG9zAh7WxUIDg
yjXsTcd9cdcEW4TJYPd3KreOcwg/9wUJLeKT4Zro/FW4bsJRe5U8pSky0/obffQO
MDzcy0oAput/sbi044pC+Nc9BH5yi8ondR+njFPY9snmvJp434cslFjy9E90jHUz
f9afhTKmaBapWgfpmBpckK7SzxstSAGcP9yw8/KFxkHyZ/XAz4jsgH4uWb9YC5Go
Sk6SDVWQRk0aka0zd+6LRPYfkzlDwjnUIhflVVOHO7u+78IA6OFJBAslx8TgLHWz
GymuTcZm+VokFG0jIcqZZ1kqeY5nWvIQZEeVYuVJzb42/d12
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:18 2025 by rpki-client