Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa
File: bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa (raw, json)
Hash identifier: tlv7uIgBkAGJBiqe3KQ3rQgjbRo9Ekuark2yH6MZ4p8=
Subject key identifier: 9F:0A:72:8F:75:9D:B7:E6:5D:04:4F:A3:73:23:68:33:54:56:9B:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 363AEDF0FE2776E02FAE711CDFDAA23E0E5BD5E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa
Signing time: Wed 16 Apr 2025 19:22:26 +0000
ROA not before: Wed 16 Apr 2025 19:22:26 +0000
ROA not after: Wed 21 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:3a:ed:f0:fe:27:76:e0:2f:ae:71:1c:df:da:a2:3e:0e:5b:d5:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 16 19:22:26 2025 GMT
Not After : May 21 23:59:59 2025 GMT
Subject: serialNumber=5171246a3b634d7c72ed21e568a9dffd1e2d9e17695b579f2f83001192bd7e02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c6:43:86:41:fd:23:d9:d6:ae:59:3a:2b:15:
54:b3:71:28:03:bd:39:f8:e3:61:52:0a:82:51:8c:
5b:3a:c4:17:70:53:28:4b:e3:5f:5b:81:7d:38:9d:
aa:8e:6e:12:d7:b3:82:11:23:cc:74:64:78:98:53:
fa:52:0d:b8:b5:89:65:3f:fa:3d:ad:6e:fc:0a:cb:
ec:14:87:35:64:ef:fb:61:36:d0:2b:35:cf:d2:9a:
83:31:76:58:26:09:4b:f6:58:37:19:c4:9f:e6:83:
64:4c:3a:e9:94:cd:8a:56:e8:f5:df:46:2c:e7:1c:
0a:9c:7a:69:0d:13:46:71:ed:27:a7:c4:20:63:33:
29:86:c8:c4:00:8e:83:e7:77:b4:61:08:63:c5:a0:
03:0e:da:f2:01:e7:1a:5f:0e:7b:d8:7b:7e:b3:7a:
47:19:e1:d7:57:4b:9c:0b:ed:1d:32:b4:48:bc:00:
0f:15:c4:86:e5:4b:1e:fa:7b:b8:a9:14:97:10:42:
7c:5e:30:c0:e5:fc:44:77:18:50:ad:1f:1a:d0:3d:
74:23:de:be:24:9e:51:bf:14:2c:aa:95:31:60:a3:
92:24:23:6f:19:fd:d5:45:84:c7:98:06:cd:4b:01:
c2:05:02:ec:a2:e9:88:f6:82:3d:32:6a:91:4d:a3:
9a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:0A:72:8F:75:9D:B7:E6:5D:04:4F:A3:73:23:68:33:54:56:9B:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
25:d6:74:94:da:90:7a:00:73:59:54:f3:0f:53:63:91:4d:ee:
50:a1:7c:4e:9a:df:66:b6:62:46:06:57:76:f0:d9:54:bc:f9:
c0:55:27:af:43:47:b5:83:eb:e5:69:9f:43:68:b5:e1:8c:e3:
95:06:e5:03:e6:58:30:4a:65:d3:6c:da:70:f0:9e:54:e2:31:
f1:62:51:69:48:a4:99:dd:25:23:22:9c:5b:dc:ea:40:6e:4b:
17:e6:c4:89:d5:28:c3:99:e5:85:3e:79:a7:2e:83:e4:c2:70:
82:ce:11:b4:3f:bb:2a:0a:79:fb:24:7b:ff:b5:82:ea:fd:ce:
6a:ba:49:e9:83:50:5d:aa:9b:24:c3:8f:5e:de:92:0d:0b:75:
59:8b:65:17:a6:c4:89:e0:4a:2f:6a:a3:57:b9:50:bf:ea:b3:
b6:1b:2c:3c:47:24:88:06:fa:ca:5f:46:6a:44:32:a0:4d:f8:
a6:aa:d2:ab:fc:bc:48:46:ff:33:54:c2:d4:ac:54:f4:80:10:
14:c2:f5:53:15:3e:7a:3b:49:6a:a3:dd:71:66:0e:26:fa:47:
6c:b1:77:cc:aa:02:6d:57:dd:33:44:87:89:36:52:f1:ee:a9:
21:14:8d:92:fc:24:21:d6:8a:c5:b0:1f:a7:6d:ec:52:69:69:
91:4c:50:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNjrt8P4nduAvrnEc39qiPg5b1eEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTYxOTIyMjZaFw0yNTA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNzEyNDZhM2I2MzRkN2M3MmVkMjFlNTY4YTlkZmZkMWUyZDllMTc2OTVi
NTc5ZjJmODMwMDExOTJiZDdlMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbGQ4ZB/SPZ1q5ZOisVVLNxKAO9OfjjYVIKglGMWzrEF3BTKEvjX1uBfTid
qo5uEtezghEjzHRkeJhT+lINuLWJZT/6Pa1u/ArL7BSHNWTv+2E20Cs1z9KagzF2
WCYJS/ZYNxnEn+aDZEw66ZTNilbo9d9GLOccCpx6aQ0TRnHtJ6fEIGMzKYbIxACO
g+d3tGEIY8WgAw7a8gHnGl8Oe9h7frN6Rxnh11dLnAvtHTK0SLwADxXEhuVLHvp7
uKkUlxBCfF4wwOX8RHcYUK0fGtA9dCPeviSeUb8ULKqVMWCjkiQjbxn91UWEx5gG
zUsBwgUC7KLpiPaCPTJqkU2jmi8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSfCnKP
dZ235l0ET6NzI2gzVFab3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmYwY2Y0OTMtZDY1ZC00ODg2LWEzNDEtYmNiYjQwZmJmMTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRA
MA0GCSqGSIb3DQEBCwUAA4IBAQAl1nSU2pB6AHNZVPMPU2ORTe5QoXxOmt9mtmJG
Bld28NlUvPnAVSevQ0e1g+vlaZ9DaLXhjOOVBuUD5lgwSmXTbNpw8J5U4jHxYlFp
SKSZ3SUjIpxb3OpAbksX5sSJ1SjDmeWFPnmnLoPkwnCCzhG0P7sqCnn7JHv/tYLq
/c5quknpg1Bdqpskw49e3pINC3VZi2UXpsSJ4EovaqNXuVC/6rO2Gyw8RySIBvrK
X0ZqRDKgTfimqtKr/LxIRv8zVMLUrFT0gBAUwvVTFT56O0lqo91xZg4m+kdssXfM
qgJtV90zRIeJNlLx7qkhFI2S/CQh1orFsB+nbexSaWmRTFB+
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:28 2025 by rpki-client