Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5df7952-9afa-44d3-8d00-72b89f047d7c.roa
File: f5df7952-9afa-44d3-8d00-72b89f047d7c.roa (raw, json)
Hash identifier: DeQ4eQ9yw3P3CGk8ecbbPmxti1OdupMPTiiufGxyiX8=
Subject key identifier: 9E:AA:A7:9A:0F:47:41:D9:BC:63:1C:07:DD:3E:61:C3:E3:00:77:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2519E633EFC6CBE324EC152FCC6C256FC565745F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5df7952-9afa-44d3-8d00-72b89f047d7c.roa
Signing time: Tue 20 May 2025 19:41:12 +0000
ROA not before: Tue 20 May 2025 19:41:12 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:19:e6:33:ef:c6:cb:e3:24:ec:15:2f:cc:6c:25:6f:c5:65:74:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:41:12 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=38aba6fd1d56bca89a8d29871caf070efd148ea4e3050d2cc0cd2eb613eb3b80, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:05:db:36:d7:c7:3f:63:68:8a:6d:0a:39:00:
ec:dc:ae:5a:66:80:d5:cc:c2:e5:68:43:bc:72:dc:
63:86:59:4b:bd:d8:9d:86:ce:69:fa:e6:29:eb:de:
33:0a:b1:a8:76:45:db:dc:d1:0c:11:db:52:ea:ee:
5f:79:a3:8b:25:27:a8:5e:1a:62:35:40:11:e9:8e:
47:70:9e:52:7d:f7:e2:7b:65:01:94:de:ce:a3:f2:
39:c9:b2:d8:35:4f:19:1f:3f:dd:d4:c2:0a:c2:c8:
5b:18:f1:f3:ab:f1:97:26:15:1c:ad:33:7f:9b:cb:
4e:85:2f:ec:bf:2b:2e:11:50:cc:aa:cf:a5:13:0f:
99:15:ac:31:39:66:f7:ad:d6:71:2a:f5:13:76:10:
af:5d:48:db:68:11:e5:01:89:1a:cf:17:1b:f2:37:
90:c2:29:f4:5f:71:94:78:84:4d:e4:68:f8:f7:fd:
62:3b:d3:9d:9b:f4:e6:57:ee:36:bc:88:37:5c:7f:
5b:4b:17:cc:7a:84:51:b8:ef:3f:02:cf:0b:87:4f:
49:eb:37:7a:a8:f2:f0:e6:06:c5:af:b1:1c:56:98:
e4:a2:74:44:9b:82:80:d5:1c:35:27:7d:23:21:9c:
55:c2:4f:c3:d7:29:01:68:5c:4c:08:1d:23:7d:8a:
03:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AA:A7:9A:0F:47:41:D9:BC:63:1C:07:DD:3E:61:C3:E3:00:77:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5df7952-9afa-44d3-8d00-72b89f047d7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
bf:2d:3c:1f:da:22:ee:89:8d:6c:b4:78:3b:38:81:a1:e2:33:
08:7a:31:48:b5:f2:c7:a3:c3:31:61:ca:3e:dd:1a:d6:eb:e9:
8b:fd:b9:c6:3a:5c:fc:56:3b:d7:37:af:41:8c:c3:bb:1b:0a:
5a:77:af:93:74:79:41:b4:38:22:c1:a1:05:d5:69:e9:44:79:
f6:54:d2:f7:ad:98:f1:52:32:2c:1c:8b:c0:f3:16:8d:12:78:
fe:75:4d:ce:45:2e:fb:cc:15:03:14:a5:46:a6:5f:06:79:1b:
dc:81:fe:9e:54:7b:c9:e4:43:79:fc:af:99:5a:03:e5:a5:e8:
5d:0e:6f:d1:0d:88:de:51:92:78:f9:3c:f3:74:aa:a1:b4:dc:
c5:db:f8:bf:d6:61:71:df:9d:a3:11:96:c1:f4:5c:dd:ee:9d:
8f:bd:d5:03:1a:3f:55:48:97:9a:20:27:fb:ee:72:59:2a:2e:
9c:8d:77:b8:56:fa:bb:51:e8:81:f3:24:f1:5a:31:7f:ea:72:
5d:12:26:6d:04:7c:58:64:b8:d6:53:2d:2d:bd:f1:78:3e:d1:
ee:af:9c:20:e5:a7:1c:11:4b:c8:d8:39:a7:22:31:3a:1a:13:
6c:a9:c9:8b:ba:43:2a:1b:f3:54:89:51:c2:09:82:e9:23:0c:
84:a5:bd:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJRnmM+/Gy+Mk7BUvzGwlb8VldF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQxMTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4YWJhNmZkMWQ1NmJjYTg5YThkMjk4NzFjYWYwNzBlZmQxNDhlYTRlMzA1
MGQyY2MwY2QyZWI2MTNlYjNiODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0F2zbXxz9jaIptCjkA7NyuWmaA1czC5WhDvHLcY4ZZS73YnYbOafrmKeve
MwqxqHZF29zRDBHbUuruX3mjiyUnqF4aYjVAEemOR3CeUn334ntlAZTezqPyOcmy
2DVPGR8/3dTCCsLIWxjx86vxlyYVHK0zf5vLToUv7L8rLhFQzKrPpRMPmRWsMTlm
963WcSr1E3YQr11I22gR5QGJGs8XG/I3kMIp9F9xlHiETeRo+Pf9YjvTnZv05lfu
NryIN1x/W0sXzHqEUbjvPwLPC4dPSes3eqjy8OYGxa+xHFaY5KJ0RJuCgNUcNSd9
IyGcVcJPw9cpAWhcTAgdI32KA8UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSeqqea
D0dB2bxjHAfdPmHD4wB3ATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVkZjc5NTItOWFmYS00NGQzLThkMDAtNzJiODlmMDQ3ZDdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Htg
wDANBgkqhkiG9w0BAQsFAAOCAQEAvy08H9oi7omNbLR4OziBoeIzCHoxSLXyx6PD
MWHKPt0a1uvpi/25xjpc/FY71zevQYzDuxsKWnevk3R5QbQ4IsGhBdVp6UR59lTS
962Y8VIyLByLwPMWjRJ4/nVNzkUu+8wVAxSlRqZfBnkb3IH+nlR7yeRDefyvmVoD
5aXoXQ5v0Q2I3lGSePk883SqobTcxdv4v9Zhcd+doxGWwfRc3e6dj73VAxo/VUiX
miAn++5yWSounI13uFb6u1HogfMk8Voxf+pyXRImbQR8WGS41lMtLb3xeD7R7q+c
IOWnHBFLyNg5pyIxOhoTbKnJi7pDKhvzVIlRwgmC6SMMhKW9gw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:14 2025 by rpki-client