Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa
File: 3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa (raw, json)
Hash identifier: VQ/MrRLyPe8FSihbFc9wNHbN8Zzq2Y8ffTs7iwX/4vY=
Subject key identifier: 7A:43:B9:99:B0:13:FA:D9:8E:5D:49:FD:89:08:5A:68:4C:C7:13:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4557FCA74B5E46E427E4C42EBC1BA52142E8A726
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa
Signing time: Fri 23 May 2025 00:41:16 +0000
ROA not before: Fri 23 May 2025 00:41:16 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:57:fc:a7:4b:5e:46:e4:27:e4:c4:2e:bc:1b:a5:21:42:e8:a7:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:16 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=4a333e54b1d64152f8fb1e1038807d56da21179b78b434a3682cd9869d42c006, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9f:7f:3f:a3:a3:fd:58:d3:e2:5d:0d:87:21:
c8:42:79:d0:b5:46:6d:62:90:d7:84:00:ca:9a:df:
2d:41:16:71:37:f2:96:6a:74:37:17:d0:f6:32:bb:
0a:d9:70:55:32:97:2e:7e:a0:bd:28:0e:d7:3d:72:
02:44:0c:f3:9b:47:1f:af:c7:9e:a6:3e:d4:e9:36:
ff:52:a6:e5:f2:91:e7:93:80:1f:82:d1:2b:10:65:
2f:8d:87:d8:fd:1d:ba:22:2f:2c:93:25:ff:8c:c7:
45:7e:43:2f:7e:79:46:61:f0:cc:45:00:71:2d:89:
91:ff:25:b2:fc:f5:ae:36:85:f2:a3:a6:78:43:f1:
d6:b1:e1:bf:59:9d:42:c5:a1:e0:5f:81:9e:0c:a5:
d8:71:e5:92:d0:66:a2:94:c0:24:83:db:8c:6e:45:
77:77:fa:01:84:5d:b1:b0:0d:44:6d:e5:e7:e8:70:
ed:0b:7d:70:8b:b9:e6:c4:ab:f9:8c:a0:d4:21:7a:
ee:a7:b0:6b:ae:69:94:cb:cf:9b:03:97:3b:ff:4f:
2e:ca:66:a4:14:37:19:61:59:33:65:50:0b:54:14:
97:05:cb:2a:0d:b8:17:4a:77:22:c5:db:ae:3c:67:
01:c9:6b:f7:68:6d:b3:43:fa:49:39:49:d3:80:fa:
80:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:43:B9:99:B0:13:FA:D9:8E:5D:49:FD:89:08:5A:68:4C:C7:13:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
65:5f:7a:7e:24:58:c7:a7:42:4b:57:3d:98:cf:51:e4:ec:8b:
07:dd:f0:20:c3:fa:2f:5b:c7:85:fc:a0:44:6c:63:d9:69:0d:
9a:a2:bf:e1:41:a3:fa:a8:e0:68:ba:c1:44:92:70:e1:90:3a:
d8:fa:c7:e7:20:94:4b:be:84:34:35:11:64:6f:e8:8b:e6:79:
92:10:db:db:1d:c6:85:df:6e:25:2f:66:6c:2e:39:a6:75:33:
09:33:0e:b8:de:59:86:88:c5:62:23:df:0b:7b:31:a4:5c:ef:
1f:57:de:53:8e:48:f5:19:77:ac:ff:0b:6a:42:df:e0:97:25:
d0:8f:f2:41:a3:5d:ae:ad:3d:cb:7f:37:c0:ff:5d:35:4a:21:
a4:dd:1e:30:73:f6:77:8b:b2:c8:6f:c9:47:db:84:3b:47:62:
9b:bf:ec:1c:66:6e:bc:37:7d:78:b6:8f:c0:a8:5c:c9:dc:48:
78:1c:8a:0c:03:01:20:f9:b3:b4:44:8b:71:99:d3:85:7e:f7:
04:64:78:4e:8a:07:d3:92:96:ec:63:23:f3:6a:97:b4:2b:7c:
a8:5e:4d:b0:ae:1a:5c:b1:1d:66:4e:5a:7c:e1:a6:c9:8c:14:
34:ce:ff:bf:a3:3d:92:0d:a2:77:6d:58:47:70:0f:1f:21:c9:
a0:91:34:0e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURVf8p0teRuQn5MQuvBulIULopyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMTZaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhMzMzZTU0YjFkNjQxNTJmOGZiMWUxMDM4ODA3ZDU2ZGEyMTE3OWI3OGI0
MzRhMzY4MmNkOTg2OWQ0MmMwMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqffz+jo/1Y0+JdDYchyEJ50LVGbWKQ14QAyprfLUEWcTfylmp0NxfQ9jK7
CtlwVTKXLn6gvSgO1z1yAkQM85tHH6/HnqY+1Ok2/1Km5fKR55OAH4LRKxBlL42H
2P0duiIvLJMl/4zHRX5DL355RmHwzEUAcS2Jkf8lsvz1rjaF8qOmeEPx1rHhv1md
QsWh4F+Bngyl2HHlktBmopTAJIPbjG5Fd3f6AYRdsbANRG3l5+hw7Qt9cIu55sSr
+Yyg1CF67qewa65plMvPmwOXO/9PLspmpBQ3GWFZM2VQC1QUlwXLKg24F0p3IsXb
rjxnAclr92hts0P6STlJ04D6gP8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6Q7mZ
sBP62Y5dSf2JCFpoTMcTCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2I1YzY4ZDMtZTVhMS00NzQyLWE5MGMtNTliMWUyOWNmYzAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/A
MA0GCSqGSIb3DQEBCwUAA4IBAQBlX3p+JFjHp0JLVz2Yz1Hk7IsH3fAgw/ovW8eF
/KBEbGPZaQ2aor/hQaP6qOBousFEknDhkDrY+sfnIJRLvoQ0NRFkb+iL5nmSENvb
HcaF324lL2ZsLjmmdTMJMw643lmGiMViI98LezGkXO8fV95Tjkj1GXes/wtqQt/g
lyXQj/JBo12urT3LfzfA/101SiGk3R4wc/Z3i7LIb8lH24Q7R2Kbv+wcZm68N314
to/AqFzJ3Eh4HIoMAwEg+bO0RItxmdOFfvcEZHhOigfTkpbsYyPzape0K3yoXk2w
rhpcsR1mTlp84abJjBQ0zv+/oz2SDaJ3bVhHcA8fIcmgkTQO
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:33 2025 by rpki-client