Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
File: c6b4bacc-5824-4f9c-a10d-49f145db8549.roa (raw, json)
Hash identifier: ymAQq743WXKFgw9WWCAIbfj5+iaDACzAvveO/lG2F3A=
Subject key identifier: CD:97:B0:DB:3B:6D:C7:46:C2:2A:03:BD:50:86:02:57:0F:12:63:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52286EC26D96ADC9E5C4244F21FC28C35965EBFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
Signing time: Wed 30 Apr 2025 00:10:15 +0000
ROA not before: Wed 30 Apr 2025 00:10:15 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:28:6e:c2:6d:96:ad:c9:e5:c4:24:4f:21:fc:28:c3:59:65:eb:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 30 00:10:15 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=32e5ce951b8c4e05b2d39542d286970b3fd5c3e5cf3e1149dcb775b77aa0e276, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b9:b0:b5:5c:de:f9:e7:44:83:da:83:da:6d:
3f:98:1f:a4:aa:b2:ac:5f:30:db:39:c4:d0:d3:79:
aa:d2:64:3c:ff:d4:f0:a2:aa:37:54:3a:9f:b9:67:
a4:13:b6:4a:cb:48:3c:ba:ed:4b:9f:3d:36:23:7a:
da:ef:41:21:c4:eb:77:0a:d9:56:69:a0:e5:ac:ba:
96:98:1d:b4:2f:66:ff:24:35:70:39:6f:58:55:eb:
51:41:78:52:a9:f0:49:b9:c2:fc:a8:ef:51:1e:ff:
b1:a9:ed:2f:0a:d5:7f:46:bb:2c:59:6f:dd:88:8b:
dc:49:9c:4c:f4:47:28:f1:0f:0a:cd:de:fd:2b:b4:
18:35:5e:e3:bc:53:e5:38:6d:08:c9:05:2b:21:d6:
ec:9e:67:6a:87:82:6c:c3:96:d0:00:1a:f7:86:6c:
af:01:c5:b1:13:77:44:fb:50:eb:55:ed:03:51:f9:
2b:d1:b5:a2:e8:99:76:12:e2:d3:33:3c:14:51:dc:
1a:f1:9a:2a:ff:46:a8:fd:7d:80:73:ec:c4:76:58:
df:b1:41:8c:09:69:08:9f:f3:40:97:93:a9:a3:3e:
c0:35:b4:de:91:e0:7e:12:ac:a1:20:02:26:ac:23:
ee:7e:38:00:42:8f:4b:bd:aa:9a:5a:bd:1d:87:a0:
72:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:97:B0:DB:3B:6D:C7:46:C2:2A:03:BD:50:86:02:57:0F:12:63:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/36
Signature Algorithm: sha256WithRSAEncryption
4a:4b:e4:d3:f2:94:83:c3:36:f7:f4:85:51:92:e3:1d:fb:d9:
3e:ab:dc:c9:9f:7d:60:63:9a:3d:d1:5d:b8:ef:68:ad:ce:41:
7b:92:f7:fa:39:aa:8d:3e:bf:aa:1b:5e:1d:83:94:d4:d3:14:
39:6c:6a:16:cd:56:6d:91:5f:59:5b:f6:5f:a6:c8:6f:17:50:
52:77:81:c1:d6:5d:22:ef:7e:01:b5:1d:f2:6c:e6:fd:a2:f0:
57:98:ca:4f:d6:ea:f9:d1:b6:c6:80:a5:f2:2f:81:b8:e8:43:
ce:42:19:b0:df:b2:d7:c9:c6:e4:b6:6a:27:7c:03:26:a9:eb:
21:22:07:93:63:9b:09:f9:c7:69:30:3e:1b:12:3e:44:97:a1:
aa:c2:b9:56:f2:6d:73:37:1f:a6:74:fe:92:f5:0b:9a:ea:58:
9d:f1:0a:6b:5f:78:fa:ad:0e:64:07:40:16:8d:ce:24:02:5c:
94:39:bd:93:d9:a0:d7:2b:0b:23:60:4c:45:0a:4a:92:cf:90:
5d:91:39:38:41:b2:f7:e6:13:b7:79:2a:e0:a7:1f:0b:8d:49:
58:af:f6:81:18:38:f3:9c:e6:91:22:5d:bc:6c:ce:49:2f:a8:
91:e7:ea:7a:cb:11:b2:77:7b:08:ac:da:e3:5a:04:ed:60:ad:
7e:03:c4:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUihuwm2WrcnlxCRPIfwow1ll6/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MzAwMDEwMTVaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyZTVjZTk1MWI4YzRlMDViMmQzOTU0MmQyODY5NzBiM2ZkNWMzZTVjZjNl
MTE0OWRjYjc3NWI3N2FhMGUyNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM25sLVc3vnnRIPag9ptP5gfpKqyrF8w2znE0NN5qtJkPP/U8KKqN1Q6n7ln
pBO2SstIPLrtS589NiN62u9BIcTrdwrZVmmg5ay6lpgdtC9m/yQ1cDlvWFXrUUF4
UqnwSbnC/KjvUR7/santLwrVf0a7LFlv3YiL3EmcTPRHKPEPCs3e/Su0GDVe47xT
5ThtCMkFKyHW7J5naoeCbMOW0AAa94ZsrwHFsRN3RPtQ61XtA1H5K9G1ouiZdhLi
0zM8FFHcGvGaKv9GqP19gHPsxHZY37FBjAlpCJ/zQJeTqaM+wDW03pHgfhKsoSAC
Jqwj7n44AEKPS72qmlq9HYegcucCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNl7Db
O23HRsIqA71QhgJXDxJjlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZiNGJhY2MtNTgyNC00ZjljLWExMGQtNDlmMTQ1ZGI4NTQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQBKS+TT8pSDwzb39IVRkuMd+9k+q9zJn31gY5o9
0V2472itzkF7kvf6OaqNPr+qG14dg5TU0xQ5bGoWzVZtkV9ZW/ZfpshvF1BSd4HB
1l0i734BtR3ybOb9ovBXmMpP1ur50bbGgKXyL4G46EPOQhmw37LXycbktmonfAMm
qeshIgeTY5sJ+cdpMD4bEj5El6GqwrlW8m1zNx+mdP6S9Qua6lid8QprX3j6rQ5k
B0AWjc4kAlyUOb2T2aDXKwsjYExFCkqSz5BdkTk4QbL35hO3eSrgpx8LjUlYr/aB
GDjznOaRIl28bM5JL6iR5+p6yxGyd3sIrNrjWgTtYK1+A8SE
-----END CERTIFICATE-----
Generated at Mon May 5 10:34:18 2025 by rpki-client