Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47b4bd5c-c9b0-4a11-b3ca-d1275fd15ca9.roa
File: 47b4bd5c-c9b0-4a11-b3ca-d1275fd15ca9.roa (raw, json)
Hash identifier: FO5kCRDRwZvMpjbM/v0U6kr8yz6F3CIsI6Hvr5/F4s0=
Subject key identifier: 83:5D:F4:A5:37:38:72:03:18:05:8A:76:1F:D1:AE:88:27:79:DD:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B46C98E7880B677DB7577845E3C6763AA257297
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47b4bd5c-c9b0-4a11-b3ca-d1275fd15ca9.roa
Signing time: Fri 25 Apr 2025 19:31:28 +0000
ROA not before: Fri 25 Apr 2025 19:31:28 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:40c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:46:c9:8e:78:80:b6:77:db:75:77:84:5e:3c:67:63:aa:25:72:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:28 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d997e909a8c1ad4d03a023e96d8b63454ddcddb8effbc9e8c22c1d59279fb273, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d0:99:0e:df:f6:3d:60:6c:5e:d6:1c:12:6f:
61:76:e7:1c:2b:c8:bf:58:77:a0:0f:a5:ba:90:fc:
6a:ef:3a:c6:84:dd:36:3f:00:82:2d:a0:4b:b5:6d:
e4:bc:96:fd:a8:d7:51:4e:cd:be:1c:19:bd:bd:d0:
13:97:51:68:9b:ce:43:2b:92:fe:30:0a:ba:de:29:
f3:71:b4:f9:fc:3e:4b:9f:d3:06:d4:a0:e1:d6:0d:
cc:86:7c:fa:13:32:14:cf:f7:67:0d:86:3e:90:da:
7e:99:e1:ec:83:54:35:bd:a2:53:c1:e4:21:52:74:
eb:d3:eb:c7:0c:6b:bc:2c:1e:9b:c5:6d:43:93:f2:
3d:44:da:5b:31:bb:fc:ff:a8:1d:1d:12:f5:cd:ec:
14:69:53:77:e4:da:8f:78:8b:4f:a4:d6:0a:98:c4:
24:d8:24:bb:cc:f7:8f:ad:8a:ad:9b:32:d3:f3:59:
c5:e8:68:82:bc:64:09:27:26:22:1d:2e:55:b1:5b:
ee:50:93:4a:b9:09:14:ca:a6:9b:26:6c:b8:50:ce:
8b:fd:44:51:0a:ca:0b:cf:21:67:e8:3a:03:46:04:
34:d5:37:71:8a:a4:6d:f1:9f:54:14:03:fa:98:0d:
02:09:0c:69:b4:26:52:d8:5a:ee:34:06:49:8a:4e:
a4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:5D:F4:A5:37:38:72:03:18:05:8A:76:1F:D1:AE:88:27:79:DD:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47b4bd5c-c9b0-4a11-b3ca-d1275fd15ca9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:40c0::/46
Signature Algorithm: sha256WithRSAEncryption
06:85:fe:dc:b9:44:bd:df:1a:49:0a:5d:7b:07:37:0a:dd:3b:
c1:c4:4b:35:5d:f7:3f:f5:38:a4:67:c6:e6:a4:94:d0:40:75:
f0:7f:d4:cc:bc:28:24:88:05:35:40:d7:91:22:8d:c0:18:9a:
ee:75:b9:9a:3c:e8:af:f6:7e:3c:b9:1f:8d:96:4c:37:57:63:
90:aa:fa:64:1a:90:97:f4:81:cd:fc:cb:8a:c2:21:28:77:a4:
51:ca:c2:c2:b4:2b:c4:f1:aa:7e:f7:71:ed:14:b3:4f:64:23:
b6:77:ba:b0:55:92:9e:13:8a:7e:11:3b:3b:64:43:58:f1:4e:
74:1d:47:bd:9c:aa:ca:93:3f:f0:4f:7f:7b:70:a8:98:6c:18:
7d:c2:f2:12:fe:15:1c:ca:01:1d:08:43:d0:fb:d6:94:31:2d:
7c:5b:18:d0:94:59:d7:07:8e:10:cb:15:e3:54:f1:ef:fb:96:
f9:34:6d:c9:1b:47:72:45:38:c9:11:5d:9c:86:43:04:ec:ac:
cd:13:59:39:0d:a6:a2:70:37:e8:76:8f:c5:97:9a:95:b2:c9:
6a:73:25:c9:10:bd:7f:27:96:5a:ec:44:82:4a:23:f4:bb:ab:
09:1b:af:ae:4c:21:f9:67:2b:0b:a8:f7:ee:45:90:48:1b:38:
67:46:9b:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe0bJjniAtnfbdXeEXjxnY6olcpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMjhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5OTdlOTA5YThjMWFkNGQwM2EwMjNlOTZkOGI2MzQ1NGRkY2RkYjhlZmZi
YzllOGMyMmMxZDU5Mjc5ZmIyNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7QmQ7f9j1gbF7WHBJvYXbnHCvIv1h3oA+lupD8au86xoTdNj8Agi2gS7Vt
5LyW/ajXUU7NvhwZvb3QE5dRaJvOQyuS/jAKut4p83G0+fw+S5/TBtSg4dYNzIZ8
+hMyFM/3Zw2GPpDafpnh7INUNb2iU8HkIVJ069PrxwxrvCwem8VtQ5PyPUTaWzG7
/P+oHR0S9c3sFGlTd+Taj3iLT6TWCpjEJNgku8z3j62KrZsy0/NZxehogrxkCScm
Ih0uVbFb7lCTSrkJFMqmmyZsuFDOi/1EUQrKC88hZ+g6A0YENNU3cYqkbfGfVBQD
+pgNAgkMabQmUtha7jQGSYpOpCkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSDXfSl
NzhyAxgFinYf0a6IJ3ndSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDdiNGJkNWMtYzliMC00YTExLWIzY2EtZDEyNzVmZDE1Y2E5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVA
wDANBgkqhkiG9w0BAQsFAAOCAQEABoX+3LlEvd8aSQpdewc3Ct07wcRLNV33P/U4
pGfG5qSU0EB18H/UzLwoJIgFNUDXkSKNwBia7nW5mjzor/Z+PLkfjZZMN1djkKr6
ZBqQl/SBzfzLisIhKHekUcrCwrQrxPGqfvdx7RSzT2Qjtne6sFWSnhOKfhE7O2RD
WPFOdB1HvZyqypM/8E9/e3ComGwYfcLyEv4VHMoBHQhD0PvWlDEtfFsY0JRZ1weO
EMsV41Tx7/uW+TRtyRtHckU4yRFdnIZDBOyszRNZOQ2monA36HaPxZealbLJanMl
yRC9fyeWWuxEgkoj9LurCRuvrkwh+WcrC6j37kWQSBs4Z0abDQ==
-----END CERTIFICATE-----
Generated at Mon May 5 10:33:26 2025 by rpki-client