Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
File: fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa (raw, json)
Hash identifier: TK2jEf49K8Lc5zAOzBaNjq0RCA6CO7sTqFo605I77fw=
Subject key identifier: 95:81:CA:6F:B9:A2:5D:8C:D1:E7:D5:F1:FF:99:32:98:0F:98:02:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 159ACABEA95C0331EFA50C0E15823400E2424090
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
Signing time: Fri 25 Apr 2025 19:30:09 +0000
ROA not before: Fri 25 Apr 2025 19:30:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:9a:ca:be:a9:5c:03:31:ef:a5:0c:0e:15:82:34:00:e2:42:40:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:30:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9fe9dac158bb8d780c725cc2d37c971610e0e1c81a901cd0444fa557f1882ef3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:95:be:ad:c5:da:49:ed:e9:7d:00:26:d0:56:
b3:ac:b7:0d:f8:63:18:06:1a:b5:71:99:19:16:64:
dd:fa:77:aa:59:25:06:f7:9d:6d:ec:f8:11:ef:05:
e3:70:02:e0:f1:ca:93:81:5a:e5:eb:3e:8f:55:dc:
59:55:97:cf:43:88:b6:86:20:8c:95:a1:de:c3:27:
b5:74:ab:f0:91:26:bf:ac:3a:52:de:5f:73:8e:65:
86:59:5d:9d:b1:ef:9a:07:4c:9d:38:7f:c9:0d:95:
b5:22:90:3b:a5:1c:95:e4:28:b0:91:38:f8:6a:ed:
21:f0:52:bc:24:03:e6:53:a2:cf:66:a9:d0:28:18:
74:cf:a5:21:7a:b0:4e:68:8a:30:bd:9f:99:ad:53:
46:bf:78:b1:a1:16:0e:f5:d5:00:2f:8e:ac:ee:d9:
e9:3f:54:e1:a0:9c:0a:91:1e:d0:f7:7f:76:f5:ff:
aa:77:42:c0:c3:77:b5:40:b0:47:d5:21:78:cf:98:
a0:f2:ac:2f:68:d1:19:45:be:06:0d:15:1f:bf:30:
48:80:00:1f:a0:8c:26:96:c4:2c:02:30:90:42:b1:
70:f3:f2:41:7c:13:ec:ec:99:66:a1:ab:6c:e9:0a:
3a:af:6a:3c:ed:20:32:e6:fe:3e:9c:67:0a:74:4f:
8e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:81:CA:6F:B9:A2:5D:8C:D1:E7:D5:F1:FF:99:32:98:0F:98:02:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
90:cd:d9:22:3e:28:f6:db:78:70:cc:f8:3e:76:8f:e7:8c:3c:
90:80:e7:85:56:b3:5b:30:62:37:21:a0:15:16:01:9e:f6:22:
3d:d1:7f:c0:bf:f1:9d:56:a4:64:9b:e2:c7:a4:f3:d9:e6:f5:
93:6e:81:aa:f2:cf:62:1a:4c:df:28:fb:ae:b9:90:f3:41:07:
18:02:7b:a4:6b:bc:95:0e:cb:82:cc:c0:66:1d:36:37:2e:fa:
b7:80:01:a6:14:fb:d5:a3:4c:7d:1a:e9:ed:8d:5c:f9:77:f7:
a2:3e:46:e7:60:fd:dc:ee:02:1a:9d:0f:cf:3f:d3:6d:6e:fa:
c4:ca:1d:8e:d2:43:75:77:d6:96:ba:86:f3:b9:43:c6:85:21:
01:5d:47:22:12:37:50:5f:2f:13:85:69:23:59:af:14:89:b5:
1c:d5:10:ed:af:10:e6:f8:4d:e5:9f:6c:c1:41:99:fe:11:45:
0b:5e:fd:ee:92:ab:a4:e2:da:77:91:7a:1a:af:e7:e6:92:ff:
06:0b:13:0f:33:28:90:a6:33:8c:89:ab:96:72:c6:2c:25:1a:
a8:6b:93:18:23:44:ae:2a:65:68:00:56:6a:ac:79:e3:29:e0:
df:27:ea:2f:fe:62:eb:52:dd:29:7b:40:c4:cd:fd:a8:0a:1b:
4c:85:59:2d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFZrKvqlcAzHvpQwOFYI0AOJCQJAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMwMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZTlkYWMxNThiYjhkNzgwYzcyNWNjMmQzN2M5NzE2MTBlMGUxYzgxYTkw
MWNkMDQ0NGZhNTU3ZjE4ODJlZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOVvq3F2knt6X0AJtBWs6y3DfhjGAYatXGZGRZk3fp3qlklBvedbez4Ee8F
43AC4PHKk4Fa5es+j1XcWVWXz0OItoYgjJWh3sMntXSr8JEmv6w6Ut5fc45lhlld
nbHvmgdMnTh/yQ2VtSKQO6UcleQosJE4+GrtIfBSvCQD5lOiz2ap0CgYdM+lIXqw
TmiKML2fma1TRr94saEWDvXVAC+OrO7Z6T9U4aCcCpEe0Pd/dvX/qndCwMN3tUCw
R9UheM+YoPKsL2jRGUW+Bg0VH78wSIAAH6CMJpbELAIwkEKxcPPyQXwT7OyZZqGr
bOkKOq9qPO0gMub+PpxnCnRPjp0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVgcpv
uaJdjNHn1fH/mTKYD5gCejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM4YjFiMTktODg2OC00M2E0LThkODQtNGMwYjk5MjAyYTBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Htg
MA0GCSqGSIb3DQEBCwUAA4IBAQCQzdkiPij223hwzPg+do/njDyQgOeFVrNbMGI3
IaAVFgGe9iI90X/Av/GdVqRkm+LHpPPZ5vWTboGq8s9iGkzfKPuuuZDzQQcYAnuk
a7yVDsuCzMBmHTY3Lvq3gAGmFPvVo0x9GuntjVz5d/eiPkbnYP3c7gIanQ/PP9Nt
bvrEyh2O0kN1d9aWuobzuUPGhSEBXUciEjdQXy8ThWkjWa8UibUc1RDtrxDm+E3l
n2zBQZn+EUULXv3ukquk4tp3kXoar+fmkv8GCxMPMyiQpjOMiauWcsYsJRqoa5MY
I0SuKmVoAFZqrHnjKeDfJ+ov/mLrUt0pe0DEzf2oChtMhVkt
-----END CERTIFICATE-----
Generated at Mon May 5 20:59:12 2025 by rpki-client