Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
File: ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa (raw, json)
Hash identifier: E/XD5GUDhaK5iehQVqrOLSVkshOYPjON85aNBSvo0pU=
Subject key identifier: 65:36:37:E1:B0:82:AE:F4:4D:BE:A6:33:FD:F0:88:BA:38:85:60:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 584B2FEF9C35C99F4A488D2E409D1A517953A9CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
Signing time: Mon 16 Jun 2025 21:20:36 +0000
ROA not before: Mon 16 Jun 2025 21:20:36 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:4b:2f:ef:9c:35:c9:9f:4a:48:8d:2e:40:9d:1a:51:79:53:a9:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:36 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1f52c61fcfeab6a7154bd94f710b9e678007abeb7225786b0151909f2f5c733d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d7:3e:23:95:b0:bc:77:b9:bf:fd:c9:90:12:
54:8e:ed:17:f8:70:ec:3b:12:b0:dc:30:24:14:c2:
82:78:c8:80:4c:03:7c:ae:53:1f:d1:6d:38:61:bf:
45:5b:8a:a2:f9:ea:b9:bf:72:4e:54:1a:4b:bd:6d:
e4:ac:ed:ad:40:24:ea:e6:b8:59:f7:54:3f:e3:71:
28:a7:a6:ac:2c:9f:36:5f:24:ca:2b:b6:83:72:89:
4d:ef:7d:80:04:0d:36:74:93:97:33:a1:77:00:76:
42:ce:41:6e:36:64:ae:d6:61:49:f0:23:a0:4f:29:
3c:84:15:3c:d3:ef:de:9f:18:19:7c:3f:bd:fd:68:
fa:09:a6:5c:3b:c1:fd:2a:0c:f1:66:17:e9:50:81:
6d:c7:be:c9:f4:d1:a8:05:fe:6b:ca:42:3d:39:51:
d0:7e:58:8c:a0:77:13:28:33:0b:93:f2:de:9a:2e:
db:23:cd:20:79:98:75:fa:b8:1f:2d:92:5e:15:f8:
aa:27:e8:0f:f6:7b:b3:54:26:91:54:b1:7b:f7:74:
b0:70:b2:5d:cf:90:70:0b:81:97:26:62:95:8b:61:
6c:57:00:ea:56:ee:b7:14:e3:51:a7:44:a9:dd:4a:
0d:02:8f:17:1e:fa:ff:20:cc:d5:e8:d6:19:bb:75:
ea:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:36:37:E1:B0:82:AE:F4:4D:BE:A6:33:FD:F0:88:BA:38:85:60:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:f1:58:5d:95:26:5d:be:da:3b:dc:ef:ea:d0:7a:45:5c:9a:
b3:11:46:7f:df:9f:fa:a8:2c:18:9a:3b:34:cf:fa:1a:30:36:
17:02:b4:75:38:a9:92:ad:b6:6f:3d:51:71:8c:3a:a6:5f:79:
69:7c:72:6f:7c:cc:36:80:2d:e3:b7:b4:c5:a9:3e:14:a0:e9:
ec:11:89:03:e8:63:59:60:4b:4f:a8:bb:13:84:93:a2:d0:14:
c4:fb:1c:67:54:22:0f:99:f4:d4:0c:19:fc:58:12:ac:76:90:
d1:c8:50:2e:a1:61:f5:15:cd:c7:dd:52:7b:2f:de:cd:22:d6:
92:25:26:49:2f:bc:13:b4:61:79:a0:99:46:69:95:38:81:9f:
2f:62:b2:bd:18:d7:67:fe:09:8d:6c:8b:8a:c1:f0:82:c6:79:
5e:d0:37:5d:c2:56:dc:0c:78:c3:a8:1a:44:8b:3a:67:00:e7:
12:45:d1:38:c6:14:fd:f7:ee:bb:e4:d4:5d:bb:9b:e2:82:ec:
13:2d:bd:63:a4:56:7a:17:d5:3f:a0:d9:7c:2e:58:a5:20:22:
d4:83:44:2c:31:ea:f4:28:22:94:64:ea:36:00:05:00:8e:79:
0e:cd:f7:bc:44:ec:7b:37:21:b6:9c:9a:a1:50:73:c6:a4:2f:
d3:5e:9e:dc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWEsv75w1yZ9KSI0uQJ0aUXlTqc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwMzZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmNTJjNjFmY2ZlYWI2YTcxNTRiZDk0ZjcxMGI5ZTY3ODAwN2FiZWI3MjI1
Nzg2YjAxNTE5MDlmMmY1YzczM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXXPiOVsLx3ub/9yZASVI7tF/hw7DsSsNwwJBTCgnjIgEwDfK5TH9FtOGG/
RVuKovnqub9yTlQaS71t5KztrUAk6ua4WfdUP+NxKKemrCyfNl8kyiu2g3KJTe99
gAQNNnSTlzOhdwB2Qs5BbjZkrtZhSfAjoE8pPIQVPNPv3p8YGXw/vf1o+gmmXDvB
/SoM8WYX6VCBbce+yfTRqAX+a8pCPTlR0H5YjKB3EygzC5Py3pou2yPNIHmYdfq4
Hy2SXhX4qifoD/Z7s1QmkVSxe/d0sHCyXc+QcAuBlyZilYthbFcA6lbutxTjUadE
qd1KDQKPFx76/yDM1ejWGbt16o8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRlNjfh
sIKu9E2+pjP98Ii6OIVg9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWExMGRhYzUtMzJjZS00YWFmLTgyOTctZmZkMWRiYzg1MjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDE8VhdlSZdvto73O/q0HpFXJqzEUZ/35/6qCwY
mjs0z/oaMDYXArR1OKmSrbZvPVFxjDqmX3lpfHJvfMw2gC3jt7TFqT4UoOnsEYkD
6GNZYEtPqLsThJOi0BTE+xxnVCIPmfTUDBn8WBKsdpDRyFAuoWH1Fc3H3VJ7L97N
ItaSJSZJL7wTtGF5oJlGaZU4gZ8vYrK9GNdn/gmNbIuKwfCCxnle0DddwlbcDHjD
qBpEizpnAOcSRdE4xhT99+675NRdu5viguwTLb1jpFZ6F9U/oNl8LlilICLUg0Qs
Mer0KCKUZOo2AAUAjnkOzfe8ROx7NyG2nJqhUHPGpC/TXp7c
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:05:02 2025 by rpki-client