Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
File: fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa (raw, json)
Hash identifier: 2+Wcy3QQX7HwtHwMGnPZYZmZToOY7EuCPNnTaNuc39I=
Subject key identifier: 71:A2:FA:7A:27:C5:A9:3E:EE:4B:F2:DF:DD:23:BE:99:E3:BA:E3:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32B1603AC503979591F7E3E1AE850D097A655D0B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
Signing time: Fri 25 Apr 2025 18:41:39 +0000
ROA not before: Fri 25 Apr 2025 18:41:39 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 20:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:b1:60:3a:c5:03:97:95:91:f7:e3:e1:ae:85:0d:09:7a:65:5d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:41:39 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=722d29e58233cca753613fa210f5fa7543fbde93929195524629bfb5068b916f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:36:3d:d1:a3:73:a8:f3:5b:54:c0:e9:28:df:
95:d5:2b:56:61:13:01:41:c2:8b:6b:9c:2c:db:d7:
2a:11:74:68:cf:0e:0a:e4:15:96:cf:49:75:ba:0a:
8a:7a:64:ac:c3:ba:2a:97:f0:f2:05:fc:50:28:69:
27:17:f2:58:10:a8:68:4a:47:94:91:b0:7b:ca:5e:
14:2a:69:1b:5d:3c:13:a8:5f:66:88:ba:32:28:81:
9c:79:c2:cd:44:8c:d7:95:9b:ca:f1:25:e8:b0:4b:
be:9c:3b:fe:32:ad:c7:ab:97:cb:02:c3:9c:1e:17:
96:be:a4:27:eb:a3:82:64:f0:c9:a4:fe:a8:02:28:
dd:91:03:9b:7c:27:92:1f:94:98:ba:3d:82:86:69:
54:0b:5c:52:1f:77:75:58:fa:00:be:a9:bd:65:39:
09:90:de:7b:2e:73:d9:76:90:e0:4f:14:6d:41:0a:
c5:45:6f:0a:47:2d:bc:01:d3:23:fb:b0:7b:9a:23:
2b:7e:2e:53:2d:96:8c:ea:d3:52:98:2a:5d:ba:b1:
8e:86:df:f7:dd:ec:22:55:e1:b6:21:ed:ca:c8:c0:
d9:b2:76:f0:98:43:09:ce:ca:5d:c6:b7:ad:f5:ac:
19:68:15:60:30:62:d7:22:ad:7a:fe:5e:e8:cf:29:
d3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A2:FA:7A:27:C5:A9:3E:EE:4B:F2:DF:DD:23:BE:99:E3:BA:E3:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:a9:ec:f7:8c:9f:55:84:0f:ad:44:9b:f1:4b:d0:3e:aa:85:
ba:3a:af:8c:b3:63:f8:45:db:60:32:d4:d2:0f:84:1f:a4:d3:
27:48:a8:fa:f2:7a:36:53:16:94:1b:fa:6a:af:4a:18:f7:23:
2e:48:5b:41:31:53:cf:1a:e0:c9:09:b9:56:2a:d0:2d:14:45:
9e:28:4e:2d:a6:dc:d0:69:bb:1a:be:b5:56:ac:47:26:5f:ce:
44:b8:0f:10:4b:22:72:47:1c:33:d6:50:ca:46:f3:b1:88:44:
09:b9:59:42:de:d3:97:8e:b4:a5:35:c0:61:20:3e:b5:dc:13:
ee:31:92:6e:73:d3:1d:e3:02:ba:43:22:3d:fe:79:a3:2d:58:
81:91:e2:a9:1e:8a:76:36:a4:21:ef:de:60:fb:46:44:ef:1a:
34:22:90:d2:df:dd:b0:66:63:89:9f:35:ac:16:b3:8d:f4:3b:
90:d1:48:60:d2:97:9c:91:35:79:26:8b:5f:65:85:a0:13:40:
86:97:37:41:a2:32:09:c9:4e:10:a4:08:0b:0d:86:84:2f:6d:
bd:25:68:b7:1c:78:76:23:e4:7b:1c:17:99:a4:9d:66:24:1e:
0c:c8:24:ca:a6:d7:3e:89:36:d7:0a:aa:3c:8a:62:32:6e:5e:
39:cb:14:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMrFgOsUDl5WR9+PhroUNCXplXQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQxMzlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMmQyOWU1ODIzM2NjYTc1MzYxM2ZhMjEwZjVmYTc1NDNmYmRlOTM5Mjkx
OTU1MjQ2MjliZmI1MDY4YjkxNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANM2PdGjc6jzW1TA6SjfldUrVmETAUHCi2ucLNvXKhF0aM8OCuQVls9JdboK
inpkrMO6Kpfw8gX8UChpJxfyWBCoaEpHlJGwe8peFCppG108E6hfZoi6MiiBnHnC
zUSM15WbyvEl6LBLvpw7/jKtx6uXywLDnB4Xlr6kJ+ujgmTwyaT+qAIo3ZEDm3wn
kh+UmLo9goZpVAtcUh93dVj6AL6pvWU5CZDeey5z2XaQ4E8UbUEKxUVvCkctvAHT
I/uwe5ojK34uUy2WjOrTUpgqXbqxjobf993sIlXhtiHtysjA2bJ28JhDCc7KXca3
rfWsGWgVYDBi1yKtev5e6M8p0+cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxovp6
J8WpPu5L8t/dI76Z47rjgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmMzY2YxZmYtMjA5ZC00NmY2LWE3ZGQtYTdiYTVkNWJmYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiA
MA0GCSqGSIb3DQEBCwUAA4IBAQDBqez3jJ9VhA+tRJvxS9A+qoW6Oq+Ms2P4Rdtg
MtTSD4QfpNMnSKj68no2UxaUG/pqr0oY9yMuSFtBMVPPGuDJCblWKtAtFEWeKE4t
ptzQabsavrVWrEcmX85EuA8QSyJyRxwz1lDKRvOxiEQJuVlC3tOXjrSlNcBhID61
3BPuMZJuc9Md4wK6QyI9/nmjLViBkeKpHop2NqQh795g+0ZE7xo0IpDS392wZmOJ
nzWsFrON9DuQ0Uhg0peckTV5JotfZYWgE0CGlzdBojIJyU4QpAgLDYaEL229JWi3
HHh2I+R7HBeZpJ1mJB4MyCTKptc+iTbXCqo8imIybl45yxQe
-----END CERTIFICATE-----
Generated at Thu May 8 00:54:09 2025 by rpki-client