Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
File: f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa (raw, json)
Hash identifier: Tkr+n5fE96kXzd9MnDNVapDTEC0GiMd5p1/MZUCI1x4=
Subject key identifier: DC:B3:F6:E4:FE:F9:AE:21:C8:35:0B:08:1D:12:F0:03:DD:EE:BB:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07EF96F0796E391A41B50E5895FCF68B6E73F2C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
Signing time: Fri 25 Apr 2025 18:50:06 +0000
ROA not before: Fri 25 Apr 2025 18:50:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:ef:96:f0:79:6e:39:1a:41:b5:0e:58:95:fc:f6:8b:6e:73:f2:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8ae1cb05bbb9d4085ba4fc3022cae575de5931dad46ca34db696d8cc654a893e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:52:1b:b1:27:8f:99:07:52:45:97:64:de:86:
d3:30:99:1b:db:f7:2e:1f:1a:87:46:c4:f6:eb:19:
02:24:20:c3:4d:36:f1:fd:be:a5:e3:20:34:29:75:
ba:95:21:8a:f2:1d:18:68:eb:45:b6:c0:2f:8d:5e:
4f:19:79:81:9b:cc:a9:e7:f8:37:fb:15:98:02:9a:
80:d2:a3:15:2c:29:62:8e:ab:47:e4:73:eb:e4:d6:
ac:72:c3:e6:ac:ff:36:1d:0f:59:be:7a:6a:80:ae:
25:e8:f9:3a:2b:99:24:1a:db:1d:08:74:2f:9e:13:
bf:3e:2b:81:46:75:01:66:06:b4:fe:0f:00:c3:97:
b6:c7:70:06:7b:d1:8b:48:76:9b:8a:af:8a:0b:ea:
78:82:50:84:04:f2:4c:53:37:32:5a:87:1f:02:48:
03:e8:93:b7:1a:5d:5e:a9:a5:4d:eb:29:7f:34:42:
f2:db:02:20:e4:d4:87:41:73:01:dd:8a:0f:3e:14:
b3:97:84:c2:cd:8a:8a:e2:af:65:76:9d:85:15:cf:
77:31:fe:aa:76:93:f5:b9:17:1e:85:ee:3d:6e:39:
3b:c5:e7:c0:ea:a0:33:3e:36:3a:32:e4:f1:42:10:
77:40:c9:f0:66:7e:dc:5a:18:0d:e3:db:0a:4f:43:
b6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B3:F6:E4:FE:F9:AE:21:C8:35:0B:08:1D:12:F0:03:DD:EE:BB:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:69:04:0a:8d:18:68:71:ee:6d:67:12:f2:35:77:1a:3c:cc:
4c:18:e7:d5:81:47:45:a1:ec:42:c4:63:d0:e5:6f:5b:43:39:
4d:37:35:39:f6:7b:2d:59:48:09:13:79:cc:3b:70:52:c3:f6:
1f:77:bc:c7:78:62:84:7a:47:d4:03:6a:95:17:9a:b7:29:b4:
e5:2e:11:54:1f:50:09:aa:a2:bd:c7:74:62:a3:a3:96:f8:80:
27:ce:69:39:fa:1b:a2:1a:ae:f4:4e:b1:49:d4:9b:00:f2:35:
fa:4c:13:bc:65:10:a0:96:2d:39:ca:52:63:f3:84:6b:b6:a3:
de:fa:d4:db:29:ad:99:07:3b:e1:6a:64:09:56:8e:5a:10:f4:
4e:d2:a7:48:62:f3:52:85:17:52:d5:0e:10:0c:7f:21:c2:e8:
fd:b6:a2:a6:12:b4:0f:51:23:67:b7:e7:00:dd:4d:d9:6f:ce:
6d:d1:cc:4c:45:f6:c0:da:22:8d:fc:95:ef:d8:b5:79:51:c6:
14:4a:94:78:e1:77:9d:fc:34:c1:fe:2e:b5:1f:b0:b8:a1:c3:
68:d8:b4:dd:98:21:a9:77:ed:b1:61:90:33:3e:53:ac:46:a5:
1e:5b:f9:f7:1c:4d:53:1a:27:c6:33:e2:4f:45:e6:ca:17:2b:
49:3b:df:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB++W8HluORpBtQ5Ylfz2i25z8sAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhZTFjYjA1YmJiOWQ0MDg1YmE0ZmMzMDIyY2FlNTc1ZGU1OTMxZGFkNDZj
YTM0ZGI2OTZkOGNjNjU0YTg5M2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVSG7Enj5kHUkWXZN6G0zCZG9v3Lh8ah0bE9usZAiQgw0028f2+peMgNCl1
upUhivIdGGjrRbbAL41eTxl5gZvMqef4N/sVmAKagNKjFSwpYo6rR+Rz6+TWrHLD
5qz/Nh0PWb56aoCuJej5OiuZJBrbHQh0L54Tvz4rgUZ1AWYGtP4PAMOXtsdwBnvR
i0h2m4qvigvqeIJQhATyTFM3MlqHHwJIA+iTtxpdXqmlTespfzRC8tsCIOTUh0Fz
Ad2KDz4Us5eEws2KiuKvZXadhRXPdzH+qnaT9bkXHoXuPW45O8XnwOqgMz42OjLk
8UIQd0DJ8GZ+3FoYDePbCk9DtoUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcs/bk
/vmuIcg1CwgdEvAD3e67PDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjE5YTFjZTMtMzcyNi00ZDhkLThkM2EtYjJlYzA1MDljYzc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDBaQQKjRhoce5tZxLyNXcaPMxMGOfVgUdFoexC
xGPQ5W9bQzlNNzU59nstWUgJE3nMO3BSw/Yfd7zHeGKEekfUA2qVF5q3KbTlLhFU
H1AJqqK9x3Rio6OW+IAnzmk5+huiGq70TrFJ1JsA8jX6TBO8ZRCgli05ylJj84Rr
tqPe+tTbKa2ZBzvhamQJVo5aEPRO0qdIYvNShRdS1Q4QDH8hwuj9tqKmErQPUSNn
t+cA3U3Zb85t0cxMRfbA2iKN/JXv2LV5UcYUSpR44Xed/DTB/i61H7C4ocNo2LTd
mCGpd+2xYZAzPlOsRqUeW/n3HE1TGifGM+JPRebKFytJO9+X
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:08 2025 by rpki-client