Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
File: 493f1269-3ba4-4dea-829a-985dda6749ee.roa (raw, json)
Hash identifier: E/Ae5RNIUbYe+jkbitP0piY7onk6recy8gLKuRQNMz4=
Subject key identifier: 21:73:E2:FD:FB:D1:2D:3D:36:48:91:C7:72:BB:FB:83:6E:81:8D:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46E612E71EFDE0A4F92F1A75FACAD4845C296C3E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
Signing time: Tue 20 May 2025 20:11:03 +0000
ROA not before: Tue 20 May 2025 20:11:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:e6:12:e7:1e:fd:e0:a4:f9:2f:1a:75:fa:ca:d4:84:5c:29:6c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=338ad078cae6f1d5e83575e36a3b301a2573a1141d098479cf67ca50d65457f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ae:aa:32:71:d6:a6:9a:93:39:12:e4:6e:77:
59:65:30:83:47:76:04:ed:48:0b:08:6c:40:19:c7:
36:eb:64:f0:6b:07:08:24:20:6c:f6:62:d3:1d:f7:
28:46:e8:e3:06:17:75:dc:d6:e9:20:e4:56:f5:13:
18:a3:15:7f:03:b7:01:7e:47:10:32:a4:ab:c0:d5:
1d:bf:ca:98:2f:03:a1:7d:dc:d4:fb:81:7d:c7:98:
26:c4:4b:69:15:73:07:76:72:df:67:79:f3:fb:c6:
37:f3:e8:87:39:bd:e7:81:7f:31:a5:4a:6c:9e:73:
b4:02:20:22:bc:eb:65:aa:13:2b:a9:d4:13:f3:37:
5c:ca:ee:79:bc:db:1b:e6:82:56:ed:cb:a0:04:4a:
a7:cc:56:b7:7e:9b:87:aa:8b:5b:59:0f:28:2f:94:
99:38:7b:ee:7b:f2:db:6b:9d:ff:c3:db:ee:4e:33:
7a:12:fd:76:e1:25:ed:e8:6e:02:6c:ed:0f:01:97:
c9:09:de:ad:a7:2c:66:2c:74:3e:55:ac:ab:a2:d0:
29:d1:6d:5c:23:4f:87:62:b7:d1:40:df:e4:ed:ff:
7b:a5:ae:9d:59:2c:d9:7d:ef:b7:52:2c:6a:9c:98:
89:7e:64:4c:cc:32:10:72:27:66:86:b3:c4:a7:5e:
78:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:73:E2:FD:FB:D1:2D:3D:36:48:91:C7:72:BB:FB:83:6E:81:8D:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075::/32
Signature Algorithm: sha256WithRSAEncryption
66:70:81:2a:d1:f1:53:4a:1a:73:2b:c8:3e:31:c5:59:d0:05:
44:4b:59:ed:b7:e7:9d:32:49:c3:b2:18:4c:12:d0:7b:8e:f0:
86:ac:8c:f0:9e:57:6a:d6:02:90:7e:47:8e:3f:1e:1e:04:78:
b6:95:0f:b8:dd:fb:c2:1a:ae:16:8a:34:70:11:27:22:2b:84:
ae:db:a5:c1:8d:15:29:49:8a:2e:be:71:6e:93:dc:d4:10:1d:
fa:82:ad:fe:76:0c:85:3f:02:96:e1:92:3b:46:6e:3c:0a:04:
5a:66:4e:09:23:5d:d3:4f:29:fe:8a:3e:b0:a7:6e:8e:65:ec:
f3:70:00:f2:47:c0:36:04:64:34:ee:d2:a8:d1:f5:ea:eb:df:
71:b9:47:da:df:a6:31:0d:0e:da:51:37:ec:10:09:4e:20:b8:
7b:16:b2:32:c2:5b:22:e1:77:f8:01:ac:c4:24:2d:48:f1:50:
a0:2d:d3:79:73:5f:27:b3:f7:f0:cc:59:9d:11:0c:be:84:7d:
8b:e2:6e:b3:1c:85:c8:16:aa:9d:91:b5:5d:2b:b2:ba:60:ae:
dd:a2:57:3b:f1:3c:cd:c2:eb:81:d9:08:c6:48:2c:76:c7:d9:
32:a9:12:cc:99:e4:c6:c9:38:7b:d6:43:f8:5b:34:dd:9f:22:
85:ba:75:3e
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIURuYS5x794KT5Lxp1+srUhFwpbD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzOGFkMDc4Y2FlNmYxZDVlODM1NzVlMzZhM2IzMDFhMjU3M2ExMTQxZDA5
ODQ3OWNmNjdjYTUwZDY1NDU3ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOuqjJx1qaakzkS5G53WWUwg0d2BO1ICwhsQBnHNutk8GsHCCQgbPZi0x33
KEbo4wYXddzW6SDkVvUTGKMVfwO3AX5HEDKkq8DVHb/KmC8DoX3c1PuBfceYJsRL
aRVzB3Zy32d58/vGN/Pohzm954F/MaVKbJ5ztAIgIrzrZaoTK6nUE/M3XMruebzb
G+aCVu3LoARKp8xWt36bh6qLW1kPKC+UmTh77nvy22ud/8Pb7k4zehL9duEl7ehu
AmztDwGXyQneracsZix0PlWsq6LQKdFtXCNPh2K30UDf5O3/e6WunVks2X3vt1Is
apyYiX5kTMwyEHInZoazxKdeeD8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQhc+L9
+9EtPTZIkcdyu/uDboGN/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkzZjEyNjktM2JhNC00ZGVhLTgyOWEtOTg1ZGRhNjc0OWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HUw
DQYJKoZIhvcNAQELBQADggEBAGZwgSrR8VNKGnMryD4xxVnQBURLWe23550yScOy
GEwS0HuO8IasjPCeV2rWApB+R44/Hh4EeLaVD7jd+8IarhaKNHARJyIrhK7bpcGN
FSlJii6+cW6T3NQQHfqCrf52DIU/ApbhkjtGbjwKBFpmTgkjXdNPKf6KPrCnbo5l
7PNwAPJHwDYEZDTu0qjR9err33G5R9rfpjENDtpRN+wQCU4guHsWsjLCWyLhd/gB
rMQkLUjxUKAt03lzXyez9/DMWZ0RDL6EfYvibrMchcgWqp2RtV0rsrpgrt2iVzvx
PM3C64HZCMZILHbH2TKpEsyZ5MbJOHvWQ/hbNN2fIoW6dT4=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:29 2025 by rpki-client