Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
File: d6931f13-0c44-4edc-b1b7-89dc8e035321.roa (raw, json)
Hash identifier: nVzLcqmEgRlfPZnGwTtiOpL2Y3Yl1nrODh6ioa29Aq8=
Subject key identifier: F0:C9:0A:F5:D7:FE:B6:DD:B9:8B:A4:2A:21:BE:49:BC:34:4A:03:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C46A8C8FEABB23CA21425C4817291E53C642855
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
Signing time: Tue 20 May 2025 20:11:25 +0000
ROA not before: Tue 20 May 2025 20:11:25 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:46:a8:c8:fe:ab:b2:3c:a2:14:25:c4:81:72:91:e5:3c:64:28:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:25 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b62e81f03066d033be20ebb6b41a4794678a9fcfab6260cf7709b824f6276d24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:aa:f1:63:47:54:9b:de:24:03:bd:06:55:3b:
07:f6:23:3b:14:33:5b:fb:36:d4:1d:a9:4e:cc:96:
e9:53:8d:93:54:d7:d9:4d:23:fa:cf:53:6f:b1:cb:
3c:db:fe:07:55:a4:c4:bb:4e:e2:73:51:64:9b:3c:
f9:e6:ae:e6:45:57:09:fb:d3:1e:a4:c0:90:49:2a:
70:5e:fe:0b:26:2c:05:c7:da:4d:b0:85:bd:c0:e4:
45:65:74:a6:3d:40:01:eb:9f:3c:7a:f0:31:71:31:
17:ba:42:51:a9:42:d7:41:a4:db:19:0a:79:51:54:
e1:ff:b3:35:19:d5:f3:ac:d8:92:98:a8:1a:07:16:
5d:d9:83:fd:9c:4a:fb:f8:b3:4f:42:2f:74:24:4d:
0c:a6:22:09:6b:fc:76:38:a5:88:10:1a:1a:b6:e5:
14:21:95:fc:69:2a:6c:ea:44:ff:10:94:20:fa:df:
dd:7a:42:6a:ee:95:2a:35:e7:2e:4e:b1:43:d0:ab:
92:f0:df:f1:df:e1:ae:d9:38:69:c9:56:9e:4a:05:
25:37:9b:c1:0b:74:aa:3b:55:ca:86:bd:71:2d:fe:
6e:01:51:e9:db:d5:57:66:27:65:7f:47:95:c9:75:
8d:89:71:2d:9d:6c:39:46:78:d5:8a:22:3f:64:ea:
83:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C9:0A:F5:D7:FE:B6:DD:B9:8B:A4:2A:21:BE:49:BC:34:4A:03:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058::/32
Signature Algorithm: sha256WithRSAEncryption
75:ee:cd:d8:2a:f2:cd:aa:86:cc:ae:87:0a:f2:b8:b5:f7:fa:
69:44:01:d1:cc:a7:50:a5:c8:b0:89:cf:1b:a4:66:81:a8:17:
69:98:cb:5b:58:64:17:30:0d:29:fe:d0:d9:4e:f2:1c:4e:62:
e2:e2:02:16:e9:5c:09:9a:87:23:a9:81:be:c6:e9:0d:d1:7c:
30:01:9f:34:bf:4a:a3:f9:72:8a:67:24:90:dd:d0:73:d9:57:
7b:6c:a5:bd:64:86:ea:c8:13:6f:05:83:e5:8a:d6:86:2a:42:
08:47:de:a8:d3:d6:d8:0f:e1:05:bc:eb:87:de:9f:31:6a:7f:
a5:2f:8b:76:2b:23:85:d6:11:e3:5e:f5:70:9a:a2:c2:b9:8b:
39:c9:19:f1:44:e5:f8:68:81:11:14:65:bf:ef:c0:ee:b0:36:
60:57:87:e1:2f:de:5e:d7:b6:4b:de:5f:4d:e0:15:4d:62:5b:
83:9d:57:4a:0f:0a:7d:36:3c:12:25:f0:a4:26:51:5e:d5:ea:
3c:ed:86:90:0c:fe:9f:14:76:80:c2:c9:8e:27:af:39:4d:ab:
e0:ad:19:0b:5a:ee:04:84:7c:48:70:bb:86:f9:53:f6:51:40:
4d:e6:c8:5e:cc:cd:73:52:3c:5f:2a:00:63:f7:98:0d:a6:8e:
d2:95:c1:27
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUTEaoyP6rsjyiFCXEgXKR5TxkKFUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMjVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2MmU4MWYwMzA2NmQwMzNiZTIwZWJiNmI0MWE0Nzk0Njc4YTlmY2ZhYjYy
NjBjZjc3MDliODI0ZjYyNzZkMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSq8WNHVJveJAO9BlU7B/YjOxQzW/s21B2pTsyW6VONk1TX2U0j+s9Tb7HL
PNv+B1WkxLtO4nNRZJs8+eau5kVXCfvTHqTAkEkqcF7+CyYsBcfaTbCFvcDkRWV0
pj1AAeufPHrwMXExF7pCUalC10Gk2xkKeVFU4f+zNRnV86zYkpioGgcWXdmD/ZxK
+/izT0IvdCRNDKYiCWv8djiliBAaGrblFCGV/GkqbOpE/xCUIPrf3XpCau6VKjXn
Lk6xQ9CrkvDf8d/hrtk4aclWnkoFJTebwQt0qjtVyoa9cS3+bgFR6dvVV2YnZX9H
lcl1jYlxLZ1sOUZ41YoiP2TqgysCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTwyQr1
1/623bmLpCohvkm8NEoDNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY5MzFmMTMtMGM0NC00ZWRjLWIxYjctODlkYzhlMDM1MzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fgw
DQYJKoZIhvcNAQELBQADggEBAHXuzdgq8s2qhsyuhwryuLX3+mlEAdHMp1ClyLCJ
zxukZoGoF2mYy1tYZBcwDSn+0NlO8hxOYuLiAhbpXAmahyOpgb7G6Q3RfDABnzS/
SqP5copnJJDd0HPZV3tspb1khurIE28Fg+WK1oYqQghH3qjT1tgP4QW864fenzFq
f6Uvi3YrI4XWEeNe9XCaosK5iznJGfFE5fhogREUZb/vwO6wNmBXh+Ev3l7Xtkve
X03gFU1iW4OdV0oPCn02PBIl8KQmUV7V6jzthpAM/p8UdoDCyY4nrzlNq+CtGQta
7gSEfEhwu4b5U/ZRQE3myF7MzXNSPF8qAGP3mA2mjtKVwSc=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:15 2025 by rpki-client