Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
File: bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa (raw, json)
Hash identifier: uled6t+ZwmGpRJBrO0UUTorwyUxsiSACLgw+KBnl7Ig=
Subject key identifier: C6:76:9A:C0:DD:81:60:E5:0B:84:A1:B1:28:D6:82:94:36:E6:27:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50F4E1D40165DE86BC07C55CC6EBF88A97F0171E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
Signing time: Mon 16 Jun 2025 20:01:18 +0000
ROA not before: Mon 16 Jun 2025 20:01:18 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:f4:e1:d4:01:65:de:86:bc:07:c5:5c:c6:eb:f8:8a:97:f0:17:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:01:18 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=6f05b8219e6ba1f60c265354e30dc1eaa35e628289f958c88637154a989dfa68, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:86:34:ed:52:63:3f:34:5e:a7:b1:8a:48:e3:
ac:58:03:a8:6b:82:18:0a:90:65:24:3e:15:98:6a:
6b:ac:bc:db:b5:d0:01:27:13:19:d7:82:f0:fb:76:
26:2e:a7:3a:47:0a:88:d3:65:81:11:ba:09:58:84:
45:37:e4:4a:55:05:6b:db:f2:e2:8d:75:bc:fd:be:
cd:3b:4e:7d:4f:8b:2e:b4:73:eb:e0:3c:08:94:0e:
35:bc:49:81:4a:c0:df:c0:be:5a:0a:34:1d:a6:5a:
d2:da:82:ce:83:80:e8:a3:7a:c5:48:6a:35:2e:6c:
24:bf:b2:20:48:12:19:29:e9:7b:04:5f:c4:a5:bf:
13:1e:8a:89:e5:7f:3b:aa:b8:f8:ad:e5:1d:70:30:
50:95:a3:86:7f:ca:c3:13:a3:98:86:4d:e5:70:88:
fb:5e:c5:58:21:78:f8:8a:39:05:11:e2:da:32:05:
92:8c:20:e9:21:b2:7e:50:ea:f6:d2:78:b4:04:13:
44:9b:61:ca:e0:65:3e:87:aa:49:bc:ca:21:c8:a3:
32:81:1c:9e:e0:8d:4b:e2:0d:0f:3f:37:d7:f2:13:
fb:15:87:fd:1a:4f:34:a0:ab:78:89:f0:2c:c7:8d:
27:9c:65:65:aa:2a:3d:25:cb:39:82:4e:09:f8:4d:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:76:9A:C0:DD:81:60:E5:0B:84:A1:B1:28:D6:82:94:36:E6:27:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4020::/48
Signature Algorithm: sha256WithRSAEncryption
40:2b:bb:50:a7:10:0c:f2:4b:3b:89:f8:73:b3:ab:86:ec:59:
e7:2b:17:3a:a6:69:00:94:99:ba:d1:5e:a8:58:48:59:7a:88:
be:05:42:14:9d:cc:c2:21:1d:38:67:32:0e:d3:82:e0:ce:b6:
75:85:f7:54:8e:9f:9b:e6:06:c9:6c:9c:71:fa:52:23:01:e9:
86:91:9f:f3:70:82:3a:47:69:cf:ea:6d:e2:10:03:86:4c:71:
4f:65:2d:b4:a8:07:50:e3:01:57:e3:48:09:07:d5:49:d8:95:
97:de:db:ba:a4:f9:63:4a:da:a4:26:aa:6a:fc:9c:c8:0b:e2:
97:52:d3:eb:a3:51:5d:f9:98:b9:d1:ed:4d:4a:b9:c2:04:52:
08:e5:d1:ed:86:5f:2f:4c:89:c8:31:08:f5:02:65:ca:3a:22:
85:9f:6c:79:7a:7b:21:02:61:3a:a2:75:dc:dd:eb:59:b2:82:
60:30:c5:94:1f:4e:10:96:d8:8e:ab:a9:9a:a6:3b:67:dc:ac:
b8:e8:d1:7f:b5:21:83:0f:d8:8a:ed:63:52:e9:48:01:f6:92:
2c:2e:f0:61:52:fa:74:c5:8c:b5:ac:a6:20:4d:f4:f7:f5:77:
f1:82:44:19:41:d1:3a:ca:9d:a9:07:e5:64:6d:2c:d6:ff:d8:
e6:8b:ce:d3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUPTh1AFl3oa8B8Vcxuv4ipfwFx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAxMThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmMDViODIxOWU2YmExZjYwYzI2NTM1NGUzMGRjMWVhYTM1ZTYyODI4OWY5
NThjODg2MzcxNTRhOTg5ZGZhNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCGNO1SYz80XqexikjjrFgDqGuCGAqQZSQ+FZhqa6y827XQAScTGdeC8Pt2
Ji6nOkcKiNNlgRG6CViERTfkSlUFa9vy4o11vP2+zTtOfU+LLrRz6+A8CJQONbxJ
gUrA38C+Wgo0HaZa0tqCzoOA6KN6xUhqNS5sJL+yIEgSGSnpewRfxKW/Ex6KieV/
O6q4+K3lHXAwUJWjhn/KwxOjmIZN5XCI+17FWCF4+Io5BRHi2jIFkowg6SGyflDq
9tJ4tAQTRJthyuBlPoeqSbzKIcijMoEcnuCNS+INDz831/IT+xWH/RpPNKCreInw
LMeNJ5xlZaoqPSXLOYJOCfhNUW8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTGdprA
3YFg5QuEobEo1oKUNuYnmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmY1NDA0YzItYmNiZS00ZGY0LTg2Y2UtNzJjZWIwNjdmNjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
IDANBgkqhkiG9w0BAQsFAAOCAQEAQCu7UKcQDPJLO4n4c7OrhuxZ5ysXOqZpAJSZ
utFeqFhIWXqIvgVCFJ3MwiEdOGcyDtOC4M62dYX3VI6fm+YGyWyccfpSIwHphpGf
83CCOkdpz+pt4hADhkxxT2UttKgHUOMBV+NICQfVSdiVl97buqT5Y0rapCaqavyc
yAvil1LT66NRXfmYudHtTUq5wgRSCOXR7YZfL0yJyDEI9QJlyjoihZ9seXp7IQJh
OqJ13N3rWbKCYDDFlB9OEJbYjqupmqY7Z9ysuOjRf7Uhgw/Yiu1jUulIAfaSLC7w
YVL6dMWMtaymIE309/V38YJEGUHROsqdqQflZG0s1v/Y5ovO0w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:49 2025 by rpki-client