Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3be7af4-35f4-4df2-a374-b4daab598a9f.roa
File: f3be7af4-35f4-4df2-a374-b4daab598a9f.roa (raw, json)
Hash identifier: +rHkNFhd811tsl8hh48q7xP+5H6uS4ja2mL2beBkly8=
Subject key identifier: 2F:22:5D:68:9A:46:2B:55:D8:BA:74:BB:88:32:EF:71:CD:9B:73:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E6A499BDAFEDA9DD24E128D7828CDE48F7196FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3be7af4-35f4-4df2-a374-b4daab598a9f.roa
Signing time: Tue 20 May 2025 19:52:01 +0000
ROA not before: Tue 20 May 2025 19:52:01 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:6a:49:9b:da:fe:da:9d:d2:4e:12:8d:78:28:cd:e4:8f:71:96:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:52:01 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a9650527e0e43ef04c11484017fa7126739479e221b3342ed6c3241be41afbb0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ec:f2:52:dd:0f:12:e4:72:d5:b2:56:4e:b8:
5b:be:a4:c6:fa:bf:f1:85:62:fa:b1:61:3e:90:6c:
e2:d1:2a:05:e9:00:03:c7:0f:cb:13:f6:34:50:08:
64:dc:a4:b9:72:53:98:c1:bc:73:77:3d:56:bf:fd:
c9:79:36:e6:af:71:aa:a1:6d:30:1a:c0:a0:cc:dd:
fa:d1:c9:4a:73:b4:4b:24:01:09:b1:af:b0:f6:86:
1e:b1:1c:fa:ce:d6:91:4b:8d:c8:d7:8e:d9:e4:cd:
fb:65:5a:1b:68:a3:72:3d:9a:f9:68:7d:4f:8a:7b:
09:63:e6:89:aa:6f:dd:9c:98:82:72:32:7c:3d:0e:
f3:3f:c5:a9:f5:56:4a:97:b5:f7:28:38:16:d4:5f:
9d:88:60:0e:ca:d1:b3:30:8d:10:f9:b1:c5:4b:09:
13:9e:e7:0d:4a:13:da:33:40:ec:14:bb:90:e6:c3:
c6:2e:03:04:60:81:e9:86:d4:fc:14:da:0c:9b:f5:
90:f5:9b:d9:56:cd:e7:a6:99:3e:60:86:79:14:56:
93:c1:6c:c5:6b:86:f6:25:5a:a4:13:a5:09:fe:0b:
8b:20:a3:cf:83:0f:4f:9a:fa:bf:c9:fe:3e:3d:0a:
e4:a8:8b:7a:b7:91:98:1b:c5:6d:82:28:bc:d6:33:
92:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:22:5D:68:9A:46:2B:55:D8:BA:74:BB:88:32:EF:71:CD:9B:73:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3be7af4-35f4-4df2-a374-b4daab598a9f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1000::/40
Signature Algorithm: sha256WithRSAEncryption
6f:95:1d:05:33:8c:70:c3:27:e7:52:46:3a:17:14:db:2b:1d:
8b:e3:21:95:43:a6:f4:c2:17:d0:d4:fb:a2:ab:d3:1d:93:31:
a3:a2:a6:6b:1c:6d:77:b3:dd:c4:4b:62:5e:3f:a4:6a:98:63:
0d:7b:31:08:b5:d4:30:81:45:af:d6:b6:fd:16:bc:a6:5f:30:
63:3a:25:d7:5d:8a:17:25:47:bf:2e:81:a4:f7:57:c3:c1:9b:
92:04:c1:d5:a5:75:eb:57:76:e1:f4:45:df:9d:3c:c5:b9:d3:
6b:37:c8:cc:24:cb:00:30:53:a4:2f:66:3b:9d:18:0e:a2:88:
70:2f:03:70:e3:3a:bd:47:91:4a:50:94:53:d1:a5:cb:37:6d:
29:1d:d4:b4:5d:fa:45:17:f2:40:04:1c:a3:5a:29:ef:a0:11:
b6:c9:c1:7b:96:91:fd:43:ad:2e:2d:3f:63:23:7a:7c:70:d3:
49:b3:01:c4:35:18:a2:8e:b1:06:d3:76:f5:1f:c4:a3:4f:70:
16:6f:57:1d:70:dd:de:d1:a8:fa:3a:ef:d1:84:64:3b:81:11:
29:b2:0d:8e:13:e9:61:73:e2:50:36:f0:86:63:13:1f:55:67:
62:32:ff:5c:53:82:2a:cd:54:2a:8f:85:a1:16:6f:cb:bd:d1:
df:98:12:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHmpJm9r+2p3SThKNeCjN5I9xlv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUyMDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5NjUwNTI3ZTBlNDNlZjA0YzExNDg0MDE3ZmE3MTI2NzM5NDc5ZTIyMWIz
MzQyZWQ2YzMyNDFiZTQxYWZiYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOfs8lLdDxLkctWyVk64W76kxvq/8YVi+rFhPpBs4tEqBekAA8cPyxP2NFAI
ZNykuXJTmMG8c3c9Vr/9yXk25q9xqqFtMBrAoMzd+tHJSnO0SyQBCbGvsPaGHrEc
+s7WkUuNyNeO2eTN+2VaG2ijcj2a+Wh9T4p7CWPmiapv3ZyYgnIyfD0O8z/FqfVW
Spe19yg4FtRfnYhgDsrRszCNEPmxxUsJE57nDUoT2jNA7BS7kObDxi4DBGCB6YbU
/BTaDJv1kPWb2VbN56aZPmCGeRRWk8FsxWuG9iVapBOlCf4LiyCjz4MPT5r6v8n+
Pj0K5KiLereRmBvFbYIovNYzklkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvIl1o
mkYrVdi6dLuIMu9xzZtzsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjNiZTdhZjQtMzVmNC00ZGYyLWEzNzQtYjRkYWFiNTk4YTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBvlR0FM4xwwyfnUkY6FxTbKx2L4yGVQ6b0whfQ
1Puiq9MdkzGjoqZrHG13s93ES2JeP6RqmGMNezEItdQwgUWv1rb9FrymXzBjOiXX
XYoXJUe/LoGk91fDwZuSBMHVpXXrV3bh9EXfnTzFudNrN8jMJMsAMFOkL2Y7nRgO
oohwLwNw4zq9R5FKUJRT0aXLN20pHdS0XfpFF/JABByjWinvoBG2ycF7lpH9Q60u
LT9jI3p8cNNJswHENRiijrEG03b1H8SjT3AWb1cdcN3e0aj6Ou/RhGQ7gREpsg2O
E+lhc+JQNvCGYxMfVWdiMv9cU4IqzVQqj4WhFm/LvdHfmBLS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:47 2025 by rpki-client