Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
File: fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa (raw, json)
Hash identifier: ZzYn52WHgH/2i0cuVCEc7pzYv8lEueZ7Bt000AE6UtM=
Subject key identifier: CF:BA:DC:82:5A:63:72:84:10:71:B9:EA:B2:A9:A5:B8:D2:3B:F7:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DE9EAC9D5423CAE71A91DC3AAB6835E51CE262C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
Signing time: Tue 20 May 2025 18:41:07 +0000
ROA not before: Tue 20 May 2025 18:41:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:e9:ea:c9:d5:42:3c:ae:71:a9:1d:c3:aa:b6:83:5e:51:ce:26:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=dcedb2314514cc1a5094d724cd8fe56c9c305ad92849858de151f52d57a16fda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b3:02:10:86:3d:44:72:e5:40:b5:41:ac:ed:
f1:e9:ea:75:3b:06:f8:7b:4c:7f:5d:eb:cd:87:40:
b1:e6:31:74:0b:c8:2e:12:7a:e5:cb:49:fd:e0:cd:
5a:86:bd:08:13:ac:40:22:cd:3f:04:aa:fc:a7:f9:
bd:6a:55:8c:bf:74:b1:89:18:2b:ca:1a:9b:19:97:
0d:45:d3:1e:9c:41:19:c1:47:7c:b2:83:7d:4f:25:
41:04:f4:47:2c:94:e2:a1:47:31:10:dc:7c:a1:6a:
e3:30:2b:c3:cb:81:0e:76:f9:ea:46:bc:3b:b4:34:
9b:e2:9e:ef:4c:34:d5:68:d5:6c:eb:e9:b4:9d:8d:
25:ce:9f:e4:8c:ea:d9:05:17:61:c3:82:06:4e:d4:
c9:29:d0:8d:b6:4f:b7:57:fa:8f:51:1c:2b:e3:bd:
05:30:c5:1f:d8:e4:2d:21:a8:f0:a2:de:98:42:26:
42:18:d2:f3:77:30:cd:97:a1:cd:93:fd:38:0f:90:
46:c0:20:8d:d9:ff:e4:7a:f7:fd:78:7e:7e:1b:47:
7c:94:e1:6c:6e:78:f8:31:ba:72:06:34:6f:b0:fc:
3e:2a:d4:72:1e:9a:79:aa:b5:a0:44:40:c3:ab:e5:
cf:19:f5:02:68:ec:6f:5d:5a:ff:e8:a1:7a:ea:cb:
7b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:BA:DC:82:5A:63:72:84:10:71:B9:EA:B2:A9:A5:B8:D2:3B:F7:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
c0:c3:4d:11:83:94:8e:2b:3a:ae:70:8d:d8:0a:e6:23:9b:be:
cf:5a:61:58:62:20:c2:0c:04:e3:54:10:17:c8:f2:cb:00:45:
ee:b0:6a:06:6a:d4:37:e1:6f:60:2a:0a:2d:2e:c2:1e:c5:11:
31:41:96:07:8c:57:7b:f2:ae:d5:e2:68:a1:9d:31:9b:87:a2:
5a:1d:2f:d1:02:f3:10:75:0b:98:43:bd:30:f8:dd:d7:05:79:
22:f4:23:b0:52:a3:0f:02:d9:93:0c:2f:c6:3e:1d:01:87:67:
12:24:c4:13:18:59:31:ee:24:d0:7a:f4:ff:f3:ef:1b:2d:a2:
ef:26:3f:7f:f5:c0:34:5f:72:88:1d:0b:ad:5a:52:2a:8d:bb:
63:9c:b9:d1:c3:97:47:66:04:9a:0f:20:00:95:9d:30:e2:b2:
8d:50:cc:50:9e:1b:09:c0:d7:39:9b:57:2c:c7:bb:b3:61:49:
76:e3:d4:73:d2:cb:cf:46:e8:03:82:1f:0f:08:0f:91:01:18:
59:6b:83:01:f4:d8:b0:38:5d:c7:b3:8b:09:1c:18:55:f4:50:
71:36:50:c4:b2:9d:85:f1:48:eb:f2:d2:d9:4d:58:a6:45:89:
83:f1:f7:c3:f0:fd:48:5a:44:97:b6:ce:db:aa:2f:b5:7e:d0:
86:25:ed:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTenqydVCPK5xqR3DqraDXlHOJiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjZWRiMjMxNDUxNGNjMWE1MDk0ZDcyNGNkOGZlNTZjOWMzMDVhZDkyODQ5
ODU4ZGUxNTFmNTJkNTdhMTZmZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+zAhCGPURy5UC1Qazt8enqdTsG+HtMf13rzYdAseYxdAvILhJ65ctJ/eDN
Woa9CBOsQCLNPwSq/Kf5vWpVjL90sYkYK8oamxmXDUXTHpxBGcFHfLKDfU8lQQT0
RyyU4qFHMRDcfKFq4zArw8uBDnb56ka8O7Q0m+Ke70w01WjVbOvptJ2NJc6f5Izq
2QUXYcOCBk7UySnQjbZPt1f6j1EcK+O9BTDFH9jkLSGo8KLemEImQhjS83cwzZeh
zZP9OA+QRsAgjdn/5Hr3/Xh+fhtHfJThbG54+DG6cgY0b7D8PirUch6aeaq1oERA
w6vlzxn1Amjsb11a/+iheurLe0cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTPutyC
WmNyhBBxueqyqaW40jv3NTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlN2EwM2ItOWU5MC00OTIxLTljNTYtNWIwYmQ0ZTYwZWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
wDANBgkqhkiG9w0BAQsFAAOCAQEAwMNNEYOUjis6rnCN2ArmI5u+z1phWGIgwgwE
41QQF8jyywBF7rBqBmrUN+FvYCoKLS7CHsURMUGWB4xXe/Ku1eJooZ0xm4eiWh0v
0QLzEHULmEO9MPjd1wV5IvQjsFKjDwLZkwwvxj4dAYdnEiTEExhZMe4k0Hr0//Pv
Gy2i7yY/f/XANF9yiB0LrVpSKo27Y5y50cOXR2YEmg8gAJWdMOKyjVDMUJ4bCcDX
OZtXLMe7s2FJduPUc9LLz0boA4IfDwgPkQEYWWuDAfTYsDhdx7OLCRwYVfRQcTZQ
xLKdhfFI6/LS2U1YpkWJg/H3w/D9SFpEl7bO26ovtX7QhiXt+Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:12 2025 by rpki-client