Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
File: e584cad3-b485-48b5-a920-636e55268d8b.roa (raw, json)
Hash identifier: +TOEtZR5e9YEJaNbn7/chvLlqCO6Co+uNvoOnxlwDwE=
Subject key identifier: E6:EA:52:1A:25:7B:68:BF:9D:9D:CE:89:9D:C7:A6:F6:44:03:87:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52EA6917A4B17BB4918094CE58401562145CB17F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
Signing time: Tue 20 May 2025 19:00:05 +0000
ROA not before: Tue 20 May 2025 19:00:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:ea:69:17:a4:b1:7b:b4:91:80:94:ce:58:40:15:62:14:5c:b1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cb9ec065816f02aed60af4424672332b34360708bb465d7d833fb9a740fd61ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:db:13:9f:c8:9c:08:93:5e:e2:7d:d3:e3:ae:
96:18:20:e5:64:1e:21:08:c1:12:2c:ab:55:5b:3c:
3f:c9:73:f8:57:bc:f2:30:d8:b3:8c:31:48:ed:65:
19:b1:eb:ae:c6:a2:9b:92:7b:2c:af:2a:ba:e1:ac:
8b:97:58:b9:23:3c:72:d5:d4:46:a5:d6:a2:2d:ef:
e1:ff:8f:91:9b:c1:08:fd:b1:04:05:b0:d8:88:91:
05:57:b6:b8:fe:f7:f0:b3:89:c4:0f:00:d3:99:19:
2f:45:63:fd:2f:37:75:99:90:de:b7:00:a2:df:48:
18:9c:75:c7:8e:a3:9a:94:e6:d0:94:1e:c2:35:7d:
70:c0:fc:a8:31:e4:2b:50:da:9f:54:cb:a5:b8:ae:
7b:2c:62:af:36:ff:f6:c9:ac:49:00:75:3a:6f:a6:
b8:b7:a3:24:46:99:79:3e:57:fc:8f:78:34:04:d6:
57:fb:d5:4d:74:56:f7:26:3a:84:90:57:50:7c:47:
62:27:48:1c:ae:a9:e3:cf:d1:bc:6f:50:90:2b:d8:
20:4a:c5:62:d2:18:d4:da:a7:36:20:1e:f9:6e:c2:
c3:3f:de:c1:c7:1e:be:ba:29:c8:d9:94:39:eb:d3:
3d:95:ab:59:19:bb:01:62:fa:e1:f0:24:65:d4:64:
6f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:EA:52:1A:25:7B:68:BF:9D:9D:CE:89:9D:C7:A6:F6:44:03:87:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
59:55:c6:cb:ad:24:6c:54:6d:6b:0d:16:40:3d:b3:f8:a8:32:
b9:1f:64:ed:c2:4c:02:87:6c:1e:89:d6:2d:39:95:89:99:4a:
a8:c4:24:27:51:04:9c:89:eb:82:4a:33:1a:57:3e:58:7a:72:
b0:4d:11:2c:72:7f:c0:69:2c:33:95:11:32:c3:11:2b:7b:f5:
b7:dd:7f:72:5d:34:6f:ec:a5:99:27:85:3e:87:30:80:b9:ec:
0d:9d:32:cc:66:25:0c:06:46:ec:0b:d4:45:93:43:2a:4c:6d:
e0:38:c5:27:62:2b:62:ed:a0:59:c7:32:21:a0:98:a3:03:77:
bc:ad:f2:93:1e:06:06:1f:9a:e5:d0:f1:8b:bf:b9:f8:ec:05:
35:6c:ac:b3:47:45:a2:cc:9e:44:ca:0b:e6:56:a2:f1:4a:d6:
e0:44:79:04:69:8e:ca:a5:fe:6c:e0:ad:2c:d5:27:e1:bb:ac:
be:cc:5a:6f:6a:d0:93:d5:b9:72:45:8a:fb:5c:89:dd:8a:ad:
58:99:83:e9:8b:1e:e3:b5:77:db:eb:87:26:77:ab:10:04:4c:
fc:fe:65:b6:d5:82:38:6d:d0:fd:30:f4:ae:b3:d9:99:8c:2d:
f7:fd:05:fa:94:48:9b:1f:88:9b:ec:67:aa:f5:8d:c4:ea:51:
4d:70:99:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUuppF6Sxe7SRgJTOWEAVYhRcsX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiOWVjMDY1ODE2ZjAyYWVkNjBhZjQ0MjQ2NzIzMzJiMzQzNjA3MDhiYjQ2
NWQ3ZDgzM2ZiOWE3NDBmZDYxYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbbE5/InAiTXuJ90+Oulhgg5WQeIQjBEiyrVVs8P8lz+Fe88jDYs4wxSO1l
GbHrrsaim5J7LK8quuGsi5dYuSM8ctXURqXWoi3v4f+PkZvBCP2xBAWw2IiRBVe2
uP738LOJxA8A05kZL0Vj/S83dZmQ3rcAot9IGJx1x46jmpTm0JQewjV9cMD8qDHk
K1Dan1TLpbiueyxirzb/9smsSQB1Om+muLejJEaZeT5X/I94NATWV/vVTXRW9yY6
hJBXUHxHYidIHK6p48/RvG9QkCvYIErFYtIY1NqnNiAe+W7Cwz/ewccevropyNmU
OevTPZWrWRm7AWL64fAkZdRkb2MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTm6lIa
JXtov52dzomdx6b2RAOHmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU4NGNhZDMtYjQ4NS00OGI1LWE5MjAtNjM2ZTU1MjY4ZDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
wDANBgkqhkiG9w0BAQsFAAOCAQEAWVXGy60kbFRtaw0WQD2z+KgyuR9k7cJMAods
HonWLTmViZlKqMQkJ1EEnInrgkozGlc+WHpysE0RLHJ/wGksM5URMsMRK3v1t91/
cl00b+ylmSeFPocwgLnsDZ0yzGYlDAZG7AvURZNDKkxt4DjFJ2IrYu2gWccyIaCY
owN3vK3ykx4GBh+a5dDxi7+5+OwFNWyss0dFosyeRMoL5lai8UrW4ER5BGmOyqX+
bOCtLNUn4busvsxab2rQk9W5ckWK+1yJ3YqtWJmD6Yse47V32+uHJnerEARM/P5l
ttWCOG3Q/TD0rrPZmYwt9/0F+pRImx+Im+xnqvWNxOpRTXCZuQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:14 2025 by rpki-client