Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1aeed91-7b62-4371-b8f3-245485e1bf21.roa
File: a1aeed91-7b62-4371-b8f3-245485e1bf21.roa (raw, json)
Hash identifier: 5IpqCmARZaITtTeq9vzDqsJw0qlQTlzNejO8kebe69M=
Subject key identifier: 74:5A:C3:88:A3:BB:1A:59:CD:13:2A:FE:42:5B:7D:92:48:E2:87:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AA09427EB066691BFF9B6512F14B472F06E9DEF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1aeed91-7b62-4371-b8f3-245485e1bf21.roa
Signing time: Fri 25 Apr 2025 19:20:12 +0000
ROA not before: Fri 25 Apr 2025 19:20:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:a0:94:27:eb:06:66:91:bf:f9:b6:51:2f:14:b4:72:f0:6e:9d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2821ac52825f2cdbfc2cd90497f148955b404847f7f1a11c76711c6d54bb9804, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:06:7e:81:f2:64:c8:0a:5e:79:6f:dd:eb:55:
f3:63:4b:07:f1:56:34:9e:dd:93:bb:a2:9b:ad:cf:
a1:3e:cc:d4:63:ff:f2:95:c6:43:e0:d1:b6:e0:e6:
8d:db:f1:1f:99:e6:f6:99:c6:2a:49:b2:cd:2e:77:
90:fd:2f:56:8b:b4:74:17:1f:24:31:70:2b:2c:44:
69:9d:a6:fa:e6:a1:a3:b0:17:d8:8c:f7:d4:b3:3c:
27:fe:96:3e:17:5c:ae:32:f8:51:61:47:2f:7d:66:
4e:dd:0e:4f:a6:74:39:b5:9e:6b:ea:96:ce:31:0a:
de:79:33:fa:a4:ee:d8:17:11:64:1f:04:4d:f7:89:
6e:96:ff:ac:25:88:95:d5:00:e5:9a:4d:f2:db:7f:
e6:0d:ce:0a:d0:8c:46:6c:0c:bf:04:02:d2:06:2c:
dd:5d:2f:5f:d5:37:f7:7d:88:81:4a:38:6c:f0:81:
49:f8:76:af:61:99:11:b6:62:30:b9:a6:8e:ae:ea:
d1:d2:33:f2:62:e0:1f:56:18:57:27:1e:a8:ab:b8:
4a:12:b1:f8:e0:36:d0:8e:aa:26:4c:c5:42:22:a3:
c1:49:02:21:6f:a0:0a:26:cf:fa:07:e5:a2:a5:67:
0b:22:c2:fd:d1:23:83:b3:4e:24:b4:05:8c:7b:63:
a4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5A:C3:88:A3:BB:1A:59:CD:13:2A:FE:42:5B:7D:92:48:E2:87:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1aeed91-7b62-4371-b8f3-245485e1bf21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
a3:72:5b:43:eb:a7:97:aa:35:6e:cd:cc:1f:86:c2:6d:c3:3b:
6b:6d:fb:91:15:f5:85:af:ba:eb:24:b2:90:d7:e1:88:d6:51:
45:7b:3c:29:06:f1:26:9a:13:52:57:d8:dd:1b:ac:ba:81:49:
51:27:a4:d0:a3:3b:04:b1:92:7c:5d:6c:f5:01:47:7d:07:43:
74:92:28:3c:01:20:db:76:40:10:75:87:4c:61:7d:4d:63:cd:
bd:b6:74:28:e4:39:a7:5e:e0:54:70:c8:88:38:7d:b1:fc:f1:
ff:f3:ee:5c:15:f3:be:20:85:73:77:62:4a:48:7d:66:e1:7b:
ca:94:30:45:05:88:9a:89:e2:c3:ce:7f:43:8d:02:48:d2:5b:
ce:72:8b:4c:e7:5e:36:9a:c5:97:fc:cf:2e:b3:79:b5:ab:29:
ed:58:c0:d3:78:64:20:de:08:fd:63:0b:11:86:72:33:45:97:
b5:4a:8e:1b:10:43:b2:e1:69:37:59:9c:69:88:70:18:cf:98:
0a:4e:7d:0f:02:bd:de:f5:10:5b:cd:ec:75:b6:b2:90:71:10:
89:1c:a8:55:b1:ca:cf:35:cb:a8:03:96:68:09:a9:34:c0:13:
c8:1b:71:cf:a0:2c:f3:70:cb:08:84:45:19:95:1e:ba:19:15:
8c:ae:7c:09
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWqCUJ+sGZpG/+bZRLxS0cvBune8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MjFhYzUyODI1ZjJjZGJmYzJjZDkwNDk3ZjE0ODk1NWI0MDQ4NDdmN2Yx
YTExYzc2NzExYzZkNTRiYjk4MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsGfoHyZMgKXnlv3etV82NLB/FWNJ7dk7uim63PoT7M1GP/8pXGQ+DRtuDm
jdvxH5nm9pnGKkmyzS53kP0vVou0dBcfJDFwKyxEaZ2m+uaho7AX2Iz31LM8J/6W
PhdcrjL4UWFHL31mTt0OT6Z0ObWea+qWzjEK3nkz+qTu2BcRZB8ETfeJbpb/rCWI
ldUA5ZpN8tt/5g3OCtCMRmwMvwQC0gYs3V0vX9U3932IgUo4bPCBSfh2r2GZEbZi
MLmmjq7q0dIz8mLgH1YYVyceqKu4ShKx+OA20I6qJkzFQiKjwUkCIW+gCibP+gfl
oqVnCyLC/dEjg7NOJLQFjHtjpMECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0WsOI
o7saWc0TKv5CW32SSOKHTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTFhZWVkOTEtN2I2Mi00MzcxLWI4ZjMtMjQ1NDg1ZTFiZjIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hvg
wDANBgkqhkiG9w0BAQsFAAOCAQEAo3JbQ+unl6o1bs3MH4bCbcM7a237kRX1ha+6
6ySykNfhiNZRRXs8KQbxJpoTUlfY3RusuoFJUSek0KM7BLGSfF1s9QFHfQdDdJIo
PAEg23ZAEHWHTGF9TWPNvbZ0KOQ5p17gVHDIiDh9sfzx//PuXBXzviCFc3diSkh9
ZuF7ypQwRQWImoniw85/Q40CSNJbznKLTOdeNprFl/zPLrN5tasp7VjA03hkIN4I
/WMLEYZyM0WXtUqOGxBDsuFpN1mcaYhwGM+YCk59DwK93vUQW83sdbaykHEQiRyo
VbHKzzXLqAOWaAmpNMATyBtxz6As83DLCIRFGZUeuhkVjK58CQ==
-----END CERTIFICATE-----
Generated at Mon May 5 10:50:42 2025 by rpki-client