Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
File: f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa (raw, json)
Hash identifier: QH+mNmAvsb7mkS3X6xAN3Ao8IIs1JdBKP3gXYnxd8EI=
Subject key identifier: 76:C1:3E:E2:40:D6:F2:9B:44:2B:92:5F:59:15:77:5D:93:A2:44:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 573D9E0DDED86B66CBE418771FF95410F1AF02
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
Signing time: Tue 20 May 2025 19:01:21 +0000
ROA not before: Tue 20 May 2025 19:01:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:3d:9e:0d:de:d8:6b:66:cb:e4:18:77:1f:f9:54:10:f1:af:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5f41ebde3df96ec15a819710a062cc5e7227ca9081d3b15d3ddcc95dad92da02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:48:e1:e1:e0:65:0b:0b:22:e7:ac:13:7f:ad:
8b:de:49:7c:c9:89:ea:55:c7:67:df:b1:cf:05:ed:
29:f3:21:38:0b:26:4c:0a:f8:52:d9:e6:e9:73:37:
00:29:81:cc:fb:f5:3b:96:f9:7c:f6:ab:2c:2c:24:
09:af:8e:f0:83:ce:6c:ef:55:fe:cd:45:9c:bc:6e:
c1:80:e7:dc:09:25:14:17:ab:d7:51:95:29:a0:0c:
90:45:43:fd:bd:78:9d:17:a9:21:d6:63:a6:84:66:
18:1f:15:97:e9:eb:9e:ea:0d:76:1d:dc:f8:11:7e:
f7:a8:42:ef:09:88:3a:ec:b2:b4:c9:59:0c:43:4f:
d6:3f:c1:c1:d1:de:fd:b9:2a:81:fb:f6:2f:f0:88:
09:fa:f0:6d:d7:97:c2:d5:8f:bf:09:36:de:45:17:
ac:05:ef:14:bc:48:5b:ea:c2:80:ef:c3:56:e5:f1:
97:b8:ba:4d:1e:a4:be:ae:97:d1:52:a3:49:16:3d:
46:6d:d0:08:56:e0:cf:74:18:fe:4d:e0:7c:0d:76:
40:0a:65:62:56:2b:f8:df:c7:68:e5:02:b8:67:42:
2b:3f:bb:04:86:e6:1e:71:80:33:16:25:c9:20:58:
18:f3:f6:b2:44:00:73:85:ab:88:8f:e4:2e:26:51:
ef:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C1:3E:E2:40:D6:F2:9B:44:2B:92:5F:59:15:77:5D:93:A2:44:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9000::/40
Signature Algorithm: sha256WithRSAEncryption
b6:8d:08:cf:be:1c:6d:0e:79:eb:fd:04:a1:fe:46:a1:e9:7e:
81:4b:40:79:fd:ad:f1:b3:07:3c:df:61:93:d5:e1:22:0d:8e:
78:71:a3:1b:93:11:32:7b:1c:73:50:d1:7f:ab:93:42:dd:56:
a2:ca:8f:41:83:09:6d:1d:9f:e3:65:c6:49:17:0b:0b:4c:41:
47:05:bc:78:19:dd:30:51:64:76:33:6b:c6:69:49:a3:b2:03:
08:4b:3d:8a:62:7f:33:58:77:b1:9f:84:61:d9:92:2d:b5:bd:
3d:d4:49:ca:df:7a:88:fe:f7:7a:db:cf:dd:30:b6:21:be:ff:
65:36:4e:af:ec:16:c4:04:6e:26:d8:85:05:b2:12:e7:a9:4f:
42:a0:39:99:a6:8b:4d:3a:68:28:75:c2:48:f1:e3:bd:6a:28:
d1:68:28:5a:db:e4:1d:8e:04:75:a8:a7:27:47:ab:97:64:c5:
43:85:ee:e9:5d:46:a4:3f:b1:f5:4a:9b:83:50:e5:a3:5e:9e:
9d:60:56:b6:78:18:20:c5:c8:ae:c9:52:50:0f:88:a6:75:31:
ca:8a:a2:b1:94:31:b9:56:3e:be:85:d2:da:02:91:0b:d7:7d:
c4:1b:ea:ef:41:c8:e7:93:a9:0d:5a:e5:0f:ec:b5:66:94:3a:
49:d2:51:02
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITVz2eDd7Ya2bL5Bh3H/lUEPGvAjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDUyMDE5MDEyMVoXDTI1MDYyNDIzNTk1OVowejFJMEcGA1UE
BRNANWY0MWViZGUzZGY5NmVjMTVhODE5NzEwYTA2MmNjNWU3MjI3Y2E5MDgxZDNi
MTVkM2RkY2M5NWRhZDkyZGEwMjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu0jh4eBlCwsi56wTf62L3kl8yYnqVcdn37HPBe0p8yE4CyZMCvhS2ebpczcA
KYHM+/U7lvl89qssLCQJr47wg85s71X+zUWcvG7BgOfcCSUUF6vXUZUpoAyQRUP9
vXidF6kh1mOmhGYYHxWX6eue6g12Hdz4EX73qELvCYg67LK0yVkMQ0/WP8HB0d79
uSqB+/Yv8IgJ+vBt15fC1Y+/CTbeRResBe8UvEhb6sKA78NW5fGXuLpNHqS+rpfR
UqNJFj1GbdAIVuDPdBj+TeB8DXZACmViViv438do5QK4Z0IrP7sEhuYecYAzFiXJ
IFgY8/ayRABzhauIj+QuJlHvqwIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFHbBPuJA
1vKbRCuSX1kVd12TokQjMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9m
MTlhMWNlMy0zNzI2LTRkOGQtOGQzYS1iMmVjMDUwOWNjNzYucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQAJAw
DQYJKoZIhvcNAQELBQADggEBALaNCM++HG0Oeev9BKH+RqHpfoFLQHn9rfGzBzzf
YZPV4SINjnhxoxuTETJ7HHNQ0X+rk0LdVqLKj0GDCW0dn+NlxkkXCwtMQUcFvHgZ
3TBRZHYza8ZpSaOyAwhLPYpifzNYd7GfhGHZki21vT3UScrfeoj+93rbz90wtiG+
/2U2Tq/sFsQEbibYhQWyEuepT0KgOZmmi006aCh1wkjx471qKNFoKFrb5B2OBHWo
pydHq5dkxUOF7uldRqQ/sfVKm4NQ5aNenp1gVrZ4GCDFyK7JUlAPiKZ1McqKorGU
MblWPr6F0toCkQvXfcQb6u9ByOeTqQ1a5Q/stWaUOknSUQI=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:16 2025 by rpki-client