Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
File: ed0f44c7-c286-45c9-9156-5644f580ab41.roa (raw, json)
Hash identifier: 2t+8ihhGCvsbT6oD00O5O5PGEPZDbK/OySKKvwbyTlU=
Subject key identifier: 5D:C6:01:DD:EF:D2:EE:27:D6:E4:1E:03:A3:1A:FD:7A:EC:11:45:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 076F97F3E5578F2B959A7EBFD292B39310DB2A66
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
Signing time: Mon 16 Jun 2025 21:10:18 +0000
ROA not before: Mon 16 Jun 2025 21:10:18 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:6f:97:f3:e5:57:8f:2b:95:9a:7e:bf:d2:92:b3:93:10:db:2a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:18 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=cfef78a59a70b652393adfe3399020f0dc5504172042e752c96425a5416c3511, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:22:91:0c:e0:73:0b:30:f0:18:50:2f:a5:f0:
18:92:ef:d5:f7:51:1a:a1:08:90:ef:45:2a:f4:90:
ea:5d:c8:15:c4:98:c4:fd:82:1b:83:3e:b2:3d:52:
70:ff:aa:2d:d7:cc:14:2c:60:f8:cc:76:f8:c6:7e:
38:9a:4c:81:98:d2:1d:ab:62:ba:ff:64:d7:37:3f:
59:37:37:30:c2:54:b9:51:28:4f:40:71:4a:54:6f:
3c:2b:89:c6:dd:59:48:51:28:72:5d:52:9e:97:99:
97:c3:02:23:85:11:c6:ee:b4:ef:03:a7:82:c5:52:
15:0c:b2:ae:0c:0e:9c:ac:a8:f7:db:b1:4d:bd:0b:
92:a9:5b:2c:cd:fc:d0:16:63:d4:f3:0e:c6:fd:5e:
5e:0f:3c:5f:95:aa:ad:6a:5e:28:c1:9d:75:fb:9b:
a6:ee:84:ff:e4:82:69:be:ee:41:96:12:72:ea:32:
ce:c1:d0:7f:83:75:ea:56:8e:a3:e5:dc:47:8c:01:
61:23:70:99:d0:34:10:01:26:41:41:53:17:62:d8:
1f:81:4e:ab:49:50:8c:3c:f6:c0:99:b7:f2:c4:3b:
92:29:da:38:84:72:c1:90:19:9a:30:39:cf:d4:f0:
89:44:b9:dd:a9:45:f0:d0:7b:18:4b:1c:3c:d5:1c:
11:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C6:01:DD:EF:D2:EE:27:D6:E4:1E:03:A3:1A:FD:7A:EC:11:45:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:b000::/40
Signature Algorithm: sha256WithRSAEncryption
78:3b:54:b6:83:d9:6d:65:52:3e:57:78:df:b4:17:cd:1a:06:
aa:b8:22:bc:a1:92:06:6a:cc:a0:e2:55:45:20:1b:49:43:c2:
c0:fa:65:e6:d7:ab:ed:54:b7:f6:96:bb:5a:0d:01:81:02:2a:
51:49:a4:34:fd:4f:2e:1d:0b:63:b5:c5:03:32:22:56:d5:57:
e5:6e:b8:f0:d9:57:b2:04:1e:23:12:73:5d:19:ba:bc:d3:9d:
ee:0d:11:c3:ea:f4:8c:80:db:21:11:e5:b2:ab:d6:98:d1:59:
d9:f5:aa:bd:8b:7e:33:db:19:20:06:c9:ee:e8:c6:20:c9:17:
2c:eb:89:5f:5c:cc:dd:e8:5a:aa:51:84:33:c3:46:67:aa:11:
6a:84:d1:a9:7f:51:cb:76:65:3d:b9:53:50:18:c2:2a:63:ca:
ff:5a:6e:60:bb:82:02:ec:ff:b4:67:fb:e6:84:18:d1:cb:59:
ec:d2:8c:98:3f:fa:13:65:b3:77:70:a0:cf:4f:71:64:ac:96:
5f:92:b2:a2:47:47:f2:83:ed:d5:1e:26:d7:99:91:59:10:5d:
05:9b:21:a0:e0:74:29:fa:ad:37:29:5c:14:be:c3:59:f5:eb:
bb:7a:6b:56:61:74:b6:d0:90:68:99:8d:f6:59:40:4f:2f:a6:
00:f5:c3:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB2+X8+VXjyuVmn6/0pKzkxDbKmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwMThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmZWY3OGE1OWE3MGI2NTIzOTNhZGZlMzM5OTAyMGYwZGM1NTA0MTcyMDQy
ZTc1MmM5NjQyNWE1NDE2YzM1MTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8ikQzgcwsw8BhQL6XwGJLv1fdRGqEIkO9FKvSQ6l3IFcSYxP2CG4M+sj1S
cP+qLdfMFCxg+Mx2+MZ+OJpMgZjSHatiuv9k1zc/WTc3MMJUuVEoT0BxSlRvPCuJ
xt1ZSFEocl1SnpeZl8MCI4URxu607wOngsVSFQyyrgwOnKyo99uxTb0LkqlbLM38
0BZj1PMOxv1eXg88X5WqrWpeKMGddfubpu6E/+SCab7uQZYScuoyzsHQf4N16laO
o+XcR4wBYSNwmdA0EAEmQUFTF2LYH4FOq0lQjDz2wJm38sQ7kinaOIRywZAZmjA5
z9TwiUS53alF8NB7GEscPNUcEdUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdxgHd
79LuJ9bkHgOjGv167BFFTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQwZjQ0YzctYzI4Ni00NWM5LTkxNTYtNTY0NGY1ODBhYjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fiw
MA0GCSqGSIb3DQEBCwUAA4IBAQB4O1S2g9ltZVI+V3jftBfNGgaquCK8oZIGasyg
4lVFIBtJQ8LA+mXm16vtVLf2lrtaDQGBAipRSaQ0/U8uHQtjtcUDMiJW1Vflbrjw
2VeyBB4jEnNdGbq8053uDRHD6vSMgNshEeWyq9aY0VnZ9aq9i34z2xkgBsnu6MYg
yRcs64lfXMzd6FqqUYQzw0ZnqhFqhNGpf1HLdmU9uVNQGMIqY8r/Wm5gu4IC7P+0
Z/vmhBjRy1ns0oyYP/oTZbN3cKDPT3FkrJZfkrKiR0fyg+3VHibXmZFZEF0FmyGg
4HQp+q03KVwUvsNZ9eu7emtWYXS20JBomY32WUBPL6YA9cMG
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:12 2025 by rpki-client