Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
File: f76388e2-5824-485d-aa99-c7ea5a481aa2.roa (raw, json)
Hash identifier: NIBfxDs34TUr8CtxeLurGhqNn50QmVeUIt/8wmjwnhQ=
Subject key identifier: 05:77:EF:20:86:DA:1A:20:A7:B4:1D:65:91:56:30:5D:FE:D6:A4:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32A42E0E5F65EC15DE9DDEE6995E92352AAF3F5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
Signing time: Tue 20 May 2025 19:21:33 +0000
ROA not before: Tue 20 May 2025 19:21:33 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:a4:2e:0e:5f:65:ec:15:de:9d:de:e6:99:5e:92:35:2a:af:3f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:33 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e32d91b65ad425d43e5bc713f535115d219decbe5acb754a3e1b5251deec82d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c9:ce:60:0f:b8:c4:ce:39:41:3e:6a:6d:f3:
81:01:8e:05:6d:c6:79:9c:d2:2a:fb:df:4c:58:ca:
1c:f6:1c:dc:f0:c3:44:40:1a:31:71:01:9f:7b:37:
aa:b5:6f:7c:54:15:cc:b8:4a:9d:d1:1c:f1:98:e6:
82:6e:74:0a:b2:9a:44:54:46:f4:c0:82:a1:6c:68:
be:8f:32:86:0f:37:4d:5d:4b:a4:f1:d9:f4:95:d9:
5e:be:2f:0a:cc:f4:ff:1b:a2:0e:94:de:74:7c:da:
58:e6:57:aa:19:41:40:4c:91:3d:c2:e2:26:36:1c:
dd:fe:1d:60:40:15:dd:53:d4:8f:0b:e6:15:51:3d:
db:e8:35:6f:b8:10:08:2c:7d:f4:19:7b:6e:7b:08:
e0:81:4f:b7:04:da:45:1d:11:ed:5e:1e:c1:d0:5e:
83:ed:08:d0:7f:e1:19:13:20:a7:8b:c8:f4:5a:67:
6f:db:ab:b4:7b:3d:ba:b3:64:ec:c9:c8:22:c0:fe:
15:3b:31:b7:67:38:e7:7c:06:91:22:3e:01:ae:da:
31:1d:73:77:70:19:96:13:d9:d4:4c:4e:ea:c3:f8:
0e:49:07:3a:74:4e:12:b0:69:f2:3b:a6:f7:62:9f:
88:76:89:e3:f7:01:fb:4c:1d:93:68:fc:bb:54:15:
ce:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:77:EF:20:86:DA:1A:20:A7:B4:1D:65:91:56:30:5D:FE:D6:A4:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:86:0b:61:83:78:c8:ae:5d:5c:f3:d4:2c:d1:b2:73:67:20:
b6:2a:2d:ba:52:6c:1f:09:5d:ad:d6:4f:5c:d6:8a:70:4a:ef:
32:99:d6:94:45:08:c2:76:3f:95:e2:97:e3:84:f0:b9:0f:99:
ed:c9:ef:22:90:0b:cc:69:27:33:23:db:48:fb:c0:06:dd:4d:
66:32:76:64:47:4d:e4:84:fb:3f:8d:67:63:0d:86:9f:58:e3:
8e:c9:dd:10:7f:c8:9a:89:37:8d:52:59:ac:bc:2d:f0:52:df:
9a:97:48:1f:3e:cf:76:9c:58:c2:e2:1e:a9:b5:be:d5:07:da:
bd:a3:5b:44:13:2d:fb:65:12:87:55:24:77:c6:e2:05:7a:de:
a6:47:7c:81:4a:b2:5f:06:b6:98:3b:a6:d3:cc:98:0f:a3:69:
94:2a:b0:26:62:db:3b:60:16:00:9a:0b:02:27:b3:61:70:1b:
6e:73:ad:b1:fe:93:f5:dc:1a:5c:17:72:ef:d7:ff:8a:38:85:
8a:eb:e1:2b:89:44:bf:14:4f:60:f6:6f:16:3e:39:72:ad:b5:
a5:0e:fc:a0:1c:e4:f0:da:10:33:90:22:48:5d:88:45:ff:c5:
c6:c0:96:73:2a:3c:2e:cc:f1:7c:32:6d:de:b0:cf:3b:34:a5:
bd:f0:24:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMqQuDl9l7BXend7mmV6SNSqvP1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMzNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMmQ5MWI2NWFkNDI1ZDQzZTViYzcxM2Y1MzUxMTVkMjE5ZGVjYmU1YWNi
NzU0YTNlMWI1MjUxZGVlYzgyZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbJzmAPuMTOOUE+am3zgQGOBW3GeZzSKvvfTFjKHPYc3PDDREAaMXEBn3s3
qrVvfFQVzLhKndEc8Zjmgm50CrKaRFRG9MCCoWxovo8yhg83TV1LpPHZ9JXZXr4v
Csz0/xuiDpTedHzaWOZXqhlBQEyRPcLiJjYc3f4dYEAV3VPUjwvmFVE92+g1b7gQ
CCx99Bl7bnsI4IFPtwTaRR0R7V4ewdBeg+0I0H/hGRMgp4vI9Fpnb9urtHs9urNk
7MnIIsD+FTsxt2c453wGkSI+Aa7aMR1zd3AZlhPZ1ExO6sP4DkkHOnROErBp8jum
92KfiHaJ4/cB+0wdk2j8u1QVzisCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFd+8g
htoaIKe0HWWRVjBd/takGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjc2Mzg4ZTItNTgyNC00ODVkLWFhOTktYzdlYTVhNDgxYWEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/g
MA0GCSqGSIb3DQEBCwUAA4IBAQAMhgthg3jIrl1c89Qs0bJzZyC2Ki26UmwfCV2t
1k9c1opwSu8ymdaURQjCdj+V4pfjhPC5D5ntye8ikAvMaSczI9tI+8AG3U1mMnZk
R03khPs/jWdjDYafWOOOyd0Qf8iaiTeNUlmsvC3wUt+al0gfPs92nFjC4h6ptb7V
B9q9o1tEEy37ZRKHVSR3xuIFet6mR3yBSrJfBraYO6bTzJgPo2mUKrAmYts7YBYA
mgsCJ7NhcBtuc62x/pP13BpcF3Lv1/+KOIWK6+EriUS/FE9g9m8WPjlyrbWlDvyg
HOTw2hAzkCJIXYhF/8XGwJZzKjwuzPF8Mm3esM87NKW98CTC
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:12 2025 by rpki-client