Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
File: e875eadd-6478-4ac0-8792-06722aa80dd0.roa (raw, json)
Hash identifier: ksKYCzSGsn3+/IgiMtvjzDBvk4SiMPROhJ8jmaWx1D8=
Subject key identifier: 8F:8D:11:EB:31:B5:0D:CB:02:14:33:66:3D:0E:BD:CE:58:06:7E:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 647ADC7C7BA1DE39005C18F59D1D7F5E4EC06A53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
Signing time: Tue 20 May 2025 18:41:42 +0000
ROA not before: Tue 20 May 2025 18:41:42 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:7a:dc:7c:7b:a1:de:39:00:5c:18:f5:9d:1d:7f:5e:4e:c0:6a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:42 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1246167d03f33f7a7bf31073465bdc065bb8cd4c97ce64ea546090e9fa7d9cfd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:a4:60:1c:c8:60:19:55:54:d5:99:7e:c9:
72:0d:72:8d:e7:ae:52:99:33:8c:f9:1a:ab:21:87:
6a:3d:9b:ce:f7:9c:30:0c:a5:45:b2:5d:b2:4d:59:
36:d5:a7:8e:7b:56:cc:54:bc:1f:cc:d1:c8:33:84:
f5:95:b4:95:a4:0b:6d:7c:78:db:2b:de:87:cc:b4:
92:62:c7:b9:27:85:8d:d2:90:b0:fc:1b:5a:90:fe:
43:92:4e:fe:07:64:63:cf:da:73:7d:ca:f2:a4:9f:
d7:77:87:ce:05:0b:2a:98:7f:14:37:e9:8e:c9:23:
c3:0c:4e:db:12:8d:28:1c:d8:82:4d:7d:18:e9:b3:
15:07:ae:72:e7:58:ed:5f:5f:bc:40:91:c3:4e:49:
b4:b2:dc:76:90:8e:08:fd:68:e5:48:8b:53:e4:48:
3f:04:29:5d:11:c0:de:e7:1d:24:4a:aa:ad:ae:2a:
21:c8:a2:66:b6:88:a0:21:59:2b:a2:b5:10:03:ee:
28:55:c7:0b:07:c7:0d:78:eb:99:ae:34:a4:8f:4b:
c0:05:c4:30:38:f2:d9:d8:88:8c:cd:b9:57:49:6e:
25:87:0b:da:85:2b:90:44:5c:fd:91:e1:74:73:ad:
01:d4:84:c7:9f:e8:43:17:a0:43:b4:b9:23:db:c5:
c8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:8D:11:EB:31:B5:0D:CB:02:14:33:66:3D:0E:BD:CE:58:06:7E:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
8d:0c:04:3b:f1:1d:f8:2f:88:90:c3:73:89:c0:2c:df:39:fa:
38:99:88:dd:d5:c8:0e:f0:0f:33:c0:71:9a:ab:27:05:67:31:
0f:c0:05:0f:4c:0b:db:45:1f:23:76:97:22:9f:e2:02:81:2c:
45:43:74:87:96:5e:b4:67:d3:66:da:69:5a:57:ee:90:ee:77:
29:bb:72:a3:79:54:fb:eb:ff:53:8a:43:11:9a:30:e4:ce:dc:
8a:28:b6:bc:69:75:ea:0e:04:d3:24:7e:e5:e5:a2:65:d2:60:
65:b5:69:7e:fc:80:d3:65:7a:ff:20:20:2f:f9:ae:6a:93:6e:
f3:f9:60:0f:08:aa:bf:86:96:fc:89:e8:d9:cf:4d:92:ab:0f:
fc:f2:41:77:58:0d:4e:e4:fb:ac:51:ba:64:a4:bc:1b:58:db:
00:19:bb:6a:bc:f8:c1:2f:94:94:8f:a4:b3:73:45:bf:72:95:
05:27:61:ec:31:2c:bb:d6:62:f2:e7:9b:f5:49:e1:f0:ce:76:
46:83:45:a3:3a:f9:f5:13:95:ad:82:13:f7:b7:7b:11:92:27:
b0:9e:d0:7c:53:f4:43:47:f7:54:11:b8:7b:5b:12:fe:f6:ba:
7b:e7:e1:19:21:cb:23:9c:ba:aa:5e:d1:42:0a:3c:23:fb:fb:
53:2f:90:09
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZHrcfHuh3jkAXBj1nR1/Xk7AalMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxNDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNDYxNjdkMDNmMzNmN2E3YmYzMTA3MzQ2NWJkYzA2NWJiOGNkNGM5N2Nl
NjRlYTU0NjA5MGU5ZmE3ZDljZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBgpGAcyGAZVVTVmX7Jcg1yjeeuUpkzjPkaqyGHaj2bzvecMAylRbJdsk1Z
NtWnjntWzFS8H8zRyDOE9ZW0laQLbXx42yveh8y0kmLHuSeFjdKQsPwbWpD+Q5JO
/gdkY8/ac33K8qSf13eHzgULKph/FDfpjskjwwxO2xKNKBzYgk19GOmzFQeucudY
7V9fvECRw05JtLLcdpCOCP1o5UiLU+RIPwQpXRHA3ucdJEqqra4qIciiZraIoCFZ
K6K1EAPuKFXHCwfHDXjrma40pI9LwAXEMDjy2diIjM25V0luJYcL2oUrkERc/ZHh
dHOtAdSEx5/oQxegQ7S5I9vFyLUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSPjRHr
MbUNywIUM2Y9Dr3OWAZ+RjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3NWVhZGQtNjQ3OC00YWMwLTg3OTItMDY3MjJhYTgwZGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
wDANBgkqhkiG9w0BAQsFAAOCAQEAjQwEO/Ed+C+IkMNzicAs3zn6OJmI3dXIDvAP
M8BxmqsnBWcxD8AFD0wL20UfI3aXIp/iAoEsRUN0h5ZetGfTZtppWlfukO53Kbty
o3lU++v/U4pDEZow5M7ciii2vGl16g4E0yR+5eWiZdJgZbVpfvyA02V6/yAgL/mu
apNu8/lgDwiqv4aW/Ino2c9NkqsP/PJBd1gNTuT7rFG6ZKS8G1jbABm7arz4wS+U
lI+ks3NFv3KVBSdh7DEsu9Zi8ueb9Unh8M52RoNFozr59ROVrYIT97d7EZInsJ7Q
fFP0Q0f3VBG4e1sS/va6e+fhGSHLI5y6ql7RQgo8I/v7Uy+QCQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:23 2025 by rpki-client