Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
File: fad76837-d6e1-4885-9781-3088c0b0c06c.roa (raw, json)
Hash identifier: nJjKIA9UxoouMbqpl+yaSUNQnUN7+53+BpkXfbb9lRg=
Subject key identifier: 32:CC:F8:7C:37:88:FA:F2:21:96:7D:C0:43:7E:0C:AB:61:F9:9D:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: FB5A4C2B64A59958B9D841ACF8AAB2DC176329
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
Signing time: Fri 23 May 2025 00:40:52 +0000
ROA not before: Fri 23 May 2025 00:40:52 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
fb:5a:4c:2b:64:a5:99:58:b9:d8:41:ac:f8:aa:b2:dc:17:63:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:52 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=e5cf005223aa95ef56b37da46f9c39b26b0177f6866d72e40779b9f9e5775e36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:44:6d:b3:b3:ac:08:35:b6:90:9c:57:ae:00:
b3:00:c0:ba:19:f4:74:20:12:b2:23:78:9f:94:ef:
59:66:c4:7c:27:90:da:de:12:b2:e9:fe:aa:60:6f:
14:1e:66:5f:57:4d:ab:b3:47:0f:a1:0e:85:46:33:
4c:0b:47:bf:e7:14:74:f1:ff:39:0c:97:55:9a:cc:
0e:e7:02:65:0d:1e:87:bd:5a:07:66:ec:94:9e:9a:
19:18:d1:c7:26:2b:c7:16:27:fc:1a:2d:a8:d7:62:
3d:44:e6:1c:6d:5b:9f:84:a3:4d:bb:d8:0a:36:d2:
06:96:09:f5:e9:56:48:95:fc:1d:9d:f0:0b:c0:bb:
b2:e6:37:3e:ae:78:82:4c:20:d9:ae:5b:32:2b:55:
08:f5:84:a9:45:b7:a0:fe:51:23:67:f1:46:65:2e:
ce:75:ed:b0:e7:eb:76:91:c8:11:17:02:7d:2d:e6:
e0:c9:bb:3e:7d:41:06:2b:cb:ed:48:34:d9:e6:41:
ba:8a:a4:4a:bf:34:15:ac:95:d9:44:e1:8a:27:2c:
a4:53:d0:94:de:2e:5f:2c:54:82:dc:05:91:7f:fb:
0b:03:6d:f0:7c:48:8d:98:01:9e:3e:e4:2f:5e:2b:
6f:0e:62:a9:7e:10:f4:5f:78:f5:ba:55:02:e3:34:
99:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CC:F8:7C:37:88:FA:F2:21:96:7D:C0:43:7E:0C:AB:61:F9:9D:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:6000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:4d:e2:e6:8c:11:6a:9f:60:6b:d6:1f:d1:cd:e3:c7:9a:e9:
e2:d1:f3:b3:6b:39:3a:7b:1d:7e:4e:1e:59:5f:f0:0f:e3:44:
d0:14:2e:c0:9f:95:55:06:7c:35:c3:94:55:62:95:c9:bd:db:
24:80:13:a7:0a:e7:8d:58:d8:5f:bb:a1:56:ef:56:01:4d:f2:
9a:17:d3:3d:82:3a:86:e9:65:9c:e5:07:4f:f0:12:b7:e9:0d:
55:c8:f3:5c:6e:5a:4a:35:db:52:46:d4:eb:56:a4:67:4c:c3:
fb:67:c0:45:b5:fc:fc:3c:40:b4:8d:10:e3:79:0d:d0:94:20:
6a:7b:69:1e:75:62:75:ac:c5:2b:6e:3a:85:19:43:05:d4:f8:
8a:55:e2:52:d3:f6:bb:a7:96:6d:f4:ab:3b:39:37:63:cb:e4:
8b:56:36:04:ef:09:3f:0f:2a:9b:95:f4:ab:d7:76:c3:f9:e4:
0e:4a:d8:0e:92:48:e9:a3:50:fe:6d:c3:88:c1:f4:e8:5b:b8:
df:d8:d3:1d:4c:cc:69:67:f9:ca:0c:ee:cc:2f:ba:f5:df:b6:
d0:e6:1b:16:5f:91:6b:45:75:2d:36:d4:37:ac:56:c9:b4:35:
51:0f:9a:7d:9b:a9:06:3b:ea:b8:eb:84:9f:4c:6a:44:ab:0e:
57:41:c5:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAPtaTCtkpZlYudhBrPiqstwXYykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwNTJaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1Y2YwMDUyMjNhYTk1ZWY1NmIzN2RhNDZmOWMzOWIyNmIwMTc3ZjY4NjZk
NzJlNDA3NzliOWY5ZTU3NzVlMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBEbbOzrAg1tpCcV64AswDAuhn0dCASsiN4n5TvWWbEfCeQ2t4Ssun+qmBv
FB5mX1dNq7NHD6EOhUYzTAtHv+cUdPH/OQyXVZrMDucCZQ0eh71aB2bslJ6aGRjR
xyYrxxYn/BotqNdiPUTmHG1bn4SjTbvYCjbSBpYJ9elWSJX8HZ3wC8C7suY3Pq54
gkwg2a5bMitVCPWEqUW3oP5RI2fxRmUuznXtsOfrdpHIERcCfS3m4Mm7Pn1BBivL
7Ug02eZBuoqkSr80FayV2UThiicspFPQlN4uXyxUgtwFkX/7CwNt8HxIjZgBnj7k
L14rbw5iqX4Q9F949bpVAuM0mSUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyzPh8
N4j68iGWfcBDfgyrYfmd4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmFkNzY4MzctZDZlMS00ODg1LTk3ODEtMzA4OGMwYjBjMDZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dhg
MA0GCSqGSIb3DQEBCwUAA4IBAQA8TeLmjBFqn2Br1h/RzePHmuni0fOzazk6ex1+
Th5ZX/AP40TQFC7An5VVBnw1w5RVYpXJvdskgBOnCueNWNhfu6FW71YBTfKaF9M9
gjqG6WWc5QdP8BK36Q1VyPNcblpKNdtSRtTrVqRnTMP7Z8BFtfz8PEC0jRDjeQ3Q
lCBqe2kedWJ1rMUrbjqFGUMF1PiKVeJS0/a7p5Zt9Ks7OTdjy+SLVjYE7wk/Dyqb
lfSr13bD+eQOStgOkkjpo1D+bcOIwfToW7jf2NMdTMxpZ/nKDO7ML7r137bQ5hsW
X5FrRXUtNtQ3rFbJtDVRD5p9m6kGO+q464SfTGpEqw5XQcVW
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:10 2025 by rpki-client