Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
File: 431d8e22-a384-419e-9218-32a80c0ce0e3.roa (raw, json)
Hash identifier: 2WBtldCzV1snMTeVl21lAjFIiltwSdFDYuvuW6msmQo=
Subject key identifier: 9C:6E:AA:F0:87:41:17:BF:60:30:03:89:FD:67:ED:AD:2F:62:0A:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54EBC29187282C894D0E09478699025AC0FD5128
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
Signing time: Tue 13 May 2025 18:30:32 +0000
ROA not before: Tue 13 May 2025 18:30:32 +0000
ROA not after: Tue 17 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:eb:c2:91:87:28:2c:89:4d:0e:09:47:86:99:02:5a:c0:fd:51:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 13 18:30:32 2025 GMT
Not After : Jun 17 23:59:59 2025 GMT
Subject: serialNumber=34122a5ad732a2024a3b34b23b0a9fdaa22b096efdaeff890c37603fa0007b64, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:01:12:db:3a:17:b6:eb:c9:cb:f9:09:db:80:
ef:1d:7d:44:16:14:42:7a:48:b2:9b:0c:52:3e:cf:
aa:b3:ce:bc:60:de:55:86:f0:e4:bc:34:62:49:0d:
7b:f4:59:ec:94:d7:21:72:0c:e2:7d:03:ff:ff:44:
3d:b7:19:74:d8:63:a2:d4:5f:0f:24:e4:11:3d:f3:
da:40:83:79:66:b4:19:d6:43:85:f0:ac:d8:49:62:
ee:2b:b9:9a:a2:67:12:c8:f1:8a:d4:37:1a:64:88:
7f:04:8d:4e:be:5a:16:ce:70:8e:df:e5:3d:8f:a4:
d3:96:d9:30:77:1a:de:31:af:95:d9:65:56:2e:73:
6b:8a:96:02:40:6b:40:74:4f:25:a5:8e:ba:35:18:
24:52:9c:18:f8:91:93:c5:22:2b:52:b0:99:24:6d:
d9:41:f3:2d:d4:1b:23:70:5c:cd:32:88:7c:16:35:
f6:6e:eb:f7:d5:b5:10:ef:5d:9f:4f:e5:46:f2:dd:
5a:17:a1:6c:1b:99:c6:7b:db:8a:64:62:0e:4b:f6:
de:bf:cc:cd:e3:30:32:d3:68:f5:d3:5f:a4:4f:59:
c1:5c:70:b2:3d:3b:31:c4:13:5b:43:f8:de:af:fd:
32:8e:db:bb:3f:61:4c:b6:a2:9a:d5:ae:cf:9e:24:
d4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6E:AA:F0:87:41:17:BF:60:30:03:89:FD:67:ED:AD:2F:62:0A:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/40
Signature Algorithm: sha256WithRSAEncryption
76:9e:3b:d6:19:b6:ba:d6:6d:04:54:04:b2:e9:95:95:3e:95:
70:4f:d6:37:16:99:ab:94:bb:8a:9e:df:84:a3:cd:c4:da:41:
64:a7:bc:6c:4f:5f:b5:29:38:75:35:5b:95:c7:bf:66:2b:fd:
60:02:7f:9f:8e:27:37:2e:34:22:76:50:5b:a0:0b:e5:3d:37:
cb:cb:38:d5:91:64:67:dc:60:72:e6:aa:e6:06:4d:00:ae:c3:
83:1f:82:d1:c7:ae:f9:ff:a6:d8:a2:61:ca:36:39:bd:f9:d7:
ef:14:de:f2:55:d3:63:4e:37:60:8a:50:79:13:0c:79:c1:86:
aa:a0:24:3b:7d:99:6d:79:2f:97:d4:74:60:6e:25:73:64:25:
31:31:e3:74:f2:d8:1e:6f:22:ac:a1:26:59:81:8e:68:c7:98:
79:a8:9c:7b:f8:b7:3d:e6:0a:7a:f1:52:07:9f:a0:87:e7:e9:
50:5b:f1:16:d0:22:6a:95:17:ec:7a:b5:e4:ec:9c:f5:4b:7f:
85:26:85:95:09:47:36:80:0b:fa:4a:e2:b6:bc:96:7f:37:5f:
33:c5:64:a8:ed:36:40:b4:3a:43:85:63:47:fd:9b:e8:68:36:
55:c1:34:55:e0:d9:56:c7:e6:4c:c9:1f:49:09:c3:1a:98:41:
f2:92:93:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVOvCkYcoLIlNDglHhpkCWsD9USgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTMxODMwMzJaFw0yNTA2MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0MTIyYTVhZDczMmEyMDI0YTNiMzRiMjNiMGE5ZmRhYTIyYjA5NmVmZGFl
ZmY4OTBjMzc2MDNmYTAwMDdiNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQBEts6F7brycv5CduA7x19RBYUQnpIspsMUj7PqrPOvGDeVYbw5Lw0YkkN
e/RZ7JTXIXIM4n0D//9EPbcZdNhjotRfDyTkET3z2kCDeWa0GdZDhfCs2Eli7iu5
mqJnEsjxitQ3GmSIfwSNTr5aFs5wjt/lPY+k05bZMHca3jGvldllVi5za4qWAkBr
QHRPJaWOujUYJFKcGPiRk8UiK1KwmSRt2UHzLdQbI3BczTKIfBY19m7r99W1EO9d
n0/lRvLdWhehbBuZxnvbimRiDkv23r/MzeMwMtNo9dNfpE9ZwVxwsj07McQTW0P4
3q/9Mo7buz9hTLaimtWuz54k1NMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScbqrw
h0EXv2AwA4n9Z+2tL2IKBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMxZDhlMjItYTM4NC00MTllLTkyMTgtMzJhODBjMGNlMGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hbg
MA0GCSqGSIb3DQEBCwUAA4IBAQB2njvWGba61m0EVASy6ZWVPpVwT9Y3FpmrlLuK
nt+Eo83E2kFkp7xsT1+1KTh1NVuVx79mK/1gAn+fjic3LjQidlBboAvlPTfLyzjV
kWRn3GBy5qrmBk0ArsODH4LRx675/6bYomHKNjm9+dfvFN7yVdNjTjdgilB5Ewx5
wYaqoCQ7fZlteS+X1HRgbiVzZCUxMeN08tgebyKsoSZZgY5ox5h5qJx7+Lc95gp6
8VIHn6CH5+lQW/EW0CJqlRfserXk7Jz1S3+FJoWVCUc2gAv6SuK2vJZ/N18zxWSo
7TZAtDpDhWNH/ZvoaDZVwTRV4NlWx+ZMyR9JCcMamEHykpOs
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:15 2025 by rpki-client