Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
File: f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa (raw, json)
Hash identifier: mhj/iQoghZyAF+WQswPcQQdiGkCLexALBYi8dlsjKNQ=
Subject key identifier: EB:81:F4:49:51:5E:6E:B3:FF:7B:93:A9:EA:31:6F:27:81:1B:04:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AFDC066CDA79ADB14C63806D1288DF6BC169632
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
Signing time: Mon 12 May 2025 16:21:15 +0000
ROA not before: Mon 12 May 2025 16:21:15 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:fd:c0:66:cd:a7:9a:db:14:c6:38:06:d1:28:8d:f6:bc:16:96:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:21:15 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=b05fcaae46567a61af142a68a1cb5cb0b81ce6ee1e88d98ed2a0e79ce75e8264, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:21:51:b9:99:93:9f:74:69:79:84:c1:da:fc:
61:2d:51:2a:d4:81:48:10:bb:fe:0e:be:fe:34:e6:
c7:93:2a:af:b3:99:12:8a:36:49:be:56:87:05:5c:
a9:c5:0d:30:5f:61:85:48:15:41:92:38:52:85:12:
14:9c:fc:84:ee:0e:25:95:a1:37:58:e7:6f:1d:74:
91:2d:13:62:ae:e5:c7:4d:02:73:44:26:a1:1b:d7:
b3:55:f0:d4:21:17:0b:ed:eb:51:a1:b9:49:62:34:
12:28:6b:91:30:8e:99:ab:2b:39:23:a0:4e:89:b7:
a3:74:dd:35:70:6b:dd:01:3f:0d:9f:1a:5b:f2:b1:
ca:76:c7:72:ca:da:6b:85:10:2b:22:cc:14:a9:76:
b4:ac:b1:a0:74:99:e7:16:f6:db:b5:8e:42:13:0a:
79:5f:4e:77:d2:94:e6:a7:f1:4d:00:e7:cb:1b:f4:
7b:01:bb:81:13:ad:75:f8:b1:d0:3d:bf:7b:ee:58:
3f:93:23:0e:74:7d:e7:b5:6b:c1:60:a8:0e:7f:6d:
41:c7:d3:83:4c:5d:63:35:c4:2b:87:9d:82:1f:4b:
ce:7f:a5:99:68:cd:bb:d2:8a:ac:1b:80:1c:ae:5c:
40:a7:15:ef:ec:c9:91:a1:b1:5b:db:de:30:f1:f8:
14:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:81:F4:49:51:5E:6E:B3:FF:7B:93:A9:EA:31:6F:27:81:1B:04:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:1f:df:81:5b:a9:21:9b:26:1c:cd:a2:8a:88:ea:90:32:40:
6a:1b:08:f7:81:b9:66:47:05:0c:13:49:9c:c9:82:04:86:fb:
48:c2:3e:1f:b9:54:d4:1c:01:27:6b:f4:83:c0:8b:75:d6:6b:
fd:54:a5:cb:3c:9a:dc:6d:dd:0f:8b:d8:e0:8a:c2:66:a5:a9:
2d:b1:02:38:89:35:f1:e1:41:de:5e:63:43:51:ef:f7:54:12:
4a:b2:6a:29:9a:b2:de:27:b7:da:1d:c3:99:2d:7d:26:05:ae:
b6:77:f2:7f:24:4a:5c:f8:ce:1e:d2:a2:e3:d0:a5:d5:f9:a0:
b8:ad:a1:03:39:9a:01:02:cd:37:0b:e2:d3:dc:9a:7f:6e:3d:
4d:5f:5b:94:d2:6f:35:19:24:22:2d:37:26:4f:a0:73:6b:77:
58:c6:ab:e2:51:2e:f2:f1:0a:31:5f:55:20:e6:df:70:2d:10:
7d:0f:85:8d:c0:4e:79:d9:1d:de:8b:53:ff:04:ea:8c:94:9c:
4c:bc:17:20:80:f0:22:a3:5e:41:f8:f7:1c:70:62:07:3d:ed:
1d:e3:fb:68:aa:a8:16:0c:0c:f6:cf:ee:06:aa:6d:2e:42:3d:
a9:38:d0:09:8c:f3:97:9a:88:56:05:8f:2b:1a:0e:74:17:33:
9f:7a:32:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGv3AZs2nmtsUxjgG0SiN9rwWljIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIxMTVaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwNWZjYWFlNDY1NjdhNjFhZjE0MmE2OGExY2I1Y2IwYjgxY2U2ZWUxZTg4
ZDk4ZWQyYTBlNzljZTc1ZTgyNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYhUbmZk590aXmEwdr8YS1RKtSBSBC7/g6+/jTmx5Mqr7OZEoo2Sb5WhwVc
qcUNMF9hhUgVQZI4UoUSFJz8hO4OJZWhN1jnbx10kS0TYq7lx00Cc0QmoRvXs1Xw
1CEXC+3rUaG5SWI0EihrkTCOmasrOSOgTom3o3TdNXBr3QE/DZ8aW/KxynbHcsra
a4UQKyLMFKl2tKyxoHSZ5xb227WOQhMKeV9Od9KU5qfxTQDnyxv0ewG7gROtdfix
0D2/e+5YP5MjDnR957VrwWCoDn9tQcfTg0xdYzXEK4edgh9Lzn+lmWjNu9KKrBuA
HK5cQKcV7+zJkaGxW9veMPH4FBsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrgfRJ
UV5us/97k6nqMW8ngRsEuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdjMTRjYjMtMjRkNS00ODkwLTg4ODktY2I3YzI2MzM4YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCaH9+BW6khmyYczaKKiOqQMkBqGwj3gblmRwUM
E0mcyYIEhvtIwj4fuVTUHAEna/SDwIt11mv9VKXLPJrcbd0Pi9jgisJmpaktsQI4
iTXx4UHeXmNDUe/3VBJKsmopmrLeJ7faHcOZLX0mBa62d/J/JEpc+M4e0qLj0KXV
+aC4raEDOZoBAs03C+LT3Jp/bj1NX1uU0m81GSQiLTcmT6Bza3dYxqviUS7y8Qox
X1Ug5t9wLRB9D4WNwE552R3ei1P/BOqMlJxMvBcggPAio15B+PcccGIHPe0d4/to
qqgWDAz2z+4Gqm0uQj2pONAJjPOXmohWBY8rGg50FzOfejLE
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:02 2025 by rpki-client