Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
File: b4bc5ce4-db80-4527-b720-60a744036322.roa (raw, json)
Hash identifier: 76kmQrbdwy0m7fra4VRqY2FJNQAmDSzlImkTw9CDWZc=
Subject key identifier: 74:1C:23:B3:9B:40:E3:D5:2F:7C:ED:9B:3A:7F:7B:D0:F8:6E:75:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E289CE8763245879BCA76AECBD6E567C9682002
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
Signing time: Fri 25 Apr 2025 19:50:16 +0000
ROA not before: Fri 25 Apr 2025 19:50:16 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:28:9c:e8:76:32:45:87:9b:ca:76:ae:cb:d6:e5:67:c9:68:20:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:16 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=08437f8681aed6c766b241300b18ab412330777f5ab98664326c1acaf1b0ecd0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:43:3b:51:c5:b7:8c:bc:4b:5b:c5:b9:88:ef:
59:c0:5b:50:e2:03:fd:a7:0b:bb:fa:b0:78:75:db:
e7:4b:f3:63:48:b6:93:c3:46:b4:d7:7c:bc:d9:fc:
ed:51:1a:79:2e:5e:44:50:1f:f5:c6:21:a5:a4:21:
b4:d8:01:59:1f:91:8f:eb:00:83:95:e9:d2:1b:54:
ba:c7:37:b7:64:d4:49:6e:69:13:f0:ac:7e:cc:ea:
70:8a:b4:39:ad:59:a9:e2:d6:81:ed:16:81:02:4d:
3e:26:54:71:7b:d8:6f:d6:73:27:76:21:24:ab:b3:
31:c4:fd:50:07:2c:10:45:de:43:90:26:12:e6:b3:
c8:4d:95:7e:08:75:5e:75:fd:e9:98:05:03:33:bd:
46:56:11:08:b2:1f:43:f5:c3:dd:72:3b:9d:19:3f:
ab:c0:66:3b:8b:76:89:24:5d:5f:b8:8b:bc:2c:4e:
3f:b7:65:f9:05:bb:20:64:e9:f0:ba:fc:f8:2f:72:
f1:e1:24:4b:19:a1:34:9a:e4:15:03:94:29:75:16:
1a:e1:89:05:5a:28:ad:c4:d9:01:9e:8d:72:ee:ed:
0c:f1:a0:3c:13:dc:f7:c1:b2:69:af:4b:52:d6:b1:
d8:3f:4b:78:e2:65:5c:13:8b:86:3c:24:7b:75:94:
ce:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:1C:23:B3:9B:40:E3:D5:2F:7C:ED:9B:3A:7F:7B:D0:F8:6E:75:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:b000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:e1:42:82:b8:1a:bc:ca:ec:1a:d1:d3:76:86:9a:5a:6b:19:
dd:ff:5f:9a:9d:13:b6:ba:96:28:cd:87:c3:bb:a4:6b:71:43:
cb:ef:46:e3:25:0c:52:4d:da:ed:a1:e2:2f:7e:5c:01:c6:b8:
46:6c:f9:5d:87:bd:7d:a2:6f:a8:4f:6a:07:89:a7:23:09:df:
93:08:9d:d6:79:cc:f6:ee:36:61:5e:a4:82:a8:98:30:e1:51:
18:09:b0:0e:42:26:25:8c:76:c9:7e:98:7d:dc:c8:a3:8a:10:
8c:81:3a:d7:ac:f9:c8:50:ec:02:e4:60:75:35:af:8b:fc:cc:
82:35:3d:93:a5:fe:8d:f3:6a:c6:0f:9a:c3:2e:44:86:10:68:
b4:4f:45:b0:62:ed:59:1f:19:d8:43:04:fd:f5:a4:05:03:ce:
b6:f4:7e:09:ae:3f:ac:89:d4:dc:0e:b6:95:77:b5:2c:45:b4:
50:75:33:49:83:a0:79:98:51:e3:92:3a:49:dc:1f:90:b6:34:
4d:38:6c:b4:19:be:c7:fb:ff:56:91:49:8a:27:bc:f0:68:d4:
c8:14:86:95:9d:cb:95:de:0a:fa:fb:25:55:36:f0:c3:70:dd:
3f:49:17:85:d9:21:49:d1:32:60:5a:65:2c:48:08:1f:6c:7b:
b3:cd:9a:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbiic6HYyRYebynauy9blZ8loIAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwMTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4NDM3Zjg2ODFhZWQ2Yzc2NmIyNDEzMDBiMThhYjQxMjMzMDc3N2Y1YWI5
ODY2NDMyNmMxYWNhZjFiMGVjZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFDO1HFt4y8S1vFuYjvWcBbUOID/acLu/qweHXb50vzY0i2k8NGtNd8vNn8
7VEaeS5eRFAf9cYhpaQhtNgBWR+Rj+sAg5Xp0htUusc3t2TUSW5pE/CsfszqcIq0
Oa1ZqeLWge0WgQJNPiZUcXvYb9ZzJ3YhJKuzMcT9UAcsEEXeQ5AmEuazyE2Vfgh1
XnX96ZgFAzO9RlYRCLIfQ/XD3XI7nRk/q8BmO4t2iSRdX7iLvCxOP7dl+QW7IGTp
8Lr8+C9y8eEkSxmhNJrkFQOUKXUWGuGJBVoorcTZAZ6Ncu7tDPGgPBPc98Gyaa9L
Utax2D9LeOJlXBOLhjwke3WUzrcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0HCOz
m0Dj1S987Zs6f3vQ+G510DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjRiYzVjZTQtZGI4MC00NTI3LWI3MjAtNjBhNzQ0MDM2MzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6w
MA0GCSqGSIb3DQEBCwUAA4IBAQCL4UKCuBq8yuwa0dN2hppaaxnd/1+anRO2upYo
zYfDu6RrcUPL70bjJQxSTdrtoeIvflwBxrhGbPldh719om+oT2oHiacjCd+TCJ3W
ecz27jZhXqSCqJgw4VEYCbAOQiYljHbJfph93MijihCMgTrXrPnIUOwC5GB1Na+L
/MyCNT2Tpf6N82rGD5rDLkSGEGi0T0WwYu1ZHxnYQwT99aQFA8629H4Jrj+sidTc
DraVd7UsRbRQdTNJg6B5mFHjkjpJ3B+QtjRNOGy0Gb7H+/9WkUmKJ7zwaNTIFIaV
ncuV3gr6+yVVNvDDcN0/SReF2SFJ0TJgWmUsSAgfbHuzzZrw
-----END CERTIFICATE-----
Generated at Mon May 5 10:33:52 2025 by rpki-client