Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
File: 060d4100-8917-4547-940a-7545ce6a0fcb.roa (raw, json)
Hash identifier: PUsQP1FJ2dWKJ8KuDTL4w/7ZHEkOqDFqHxQ152zBSQk=
Subject key identifier: 44:20:35:93:56:7E:08:49:18:82:69:59:FF:98:87:7D:1D:95:1C:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F077C0894D88DD4DB7F4CFB93DE730C130AB293
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
Signing time: Mon 07 Jul 2025 18:20:18 +0000
ROA not before: Mon 07 Jul 2025 18:20:18 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:07:7c:08:94:d8:8d:d4:db:7f:4c:fb:93:de:73:0c:13:0a:b2:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:18 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=9ffc7b118cdf1ab894b647d01f5ffa913310482313ecec9376aa8a7f39a033d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2d:02:a4:58:fd:bd:98:61:fe:13:aa:41:c4:
0a:0d:8f:16:82:ad:45:77:a9:b9:0c:53:59:94:b6:
1c:6a:12:4b:75:ce:bb:51:de:39:ae:6b:96:aa:63:
7e:be:19:e6:c2:58:2b:90:41:7d:0f:50:7d:eb:96:
a3:8e:a1:2b:82:4a:f2:9e:b9:37:a7:08:6d:0d:b8:
94:7b:cb:da:59:9f:ec:ee:28:46:77:20:d8:6b:5f:
c5:57:33:20:a0:b5:c7:89:cc:67:61:39:e7:96:a5:
c5:20:de:09:71:c4:0c:bc:7b:14:10:38:e0:ef:a4:
0c:92:f8:0c:2b:ce:2f:d5:18:fc:de:d7:28:92:b6:
58:cd:3a:ad:b7:82:bd:8c:96:8e:e3:15:dd:c8:ba:
7a:30:c3:69:00:b3:f9:db:e6:3f:c5:cb:55:a4:99:
06:a8:05:e3:49:b5:41:f1:53:ab:43:1f:e0:17:9e:
c3:ff:11:1c:65:ef:2e:ff:9d:81:06:ff:24:b3:03:
8b:73:8f:33:71:e2:b8:8e:e4:ae:62:fb:ad:1a:51:
49:49:dd:44:e9:5a:74:55:82:5c:18:67:8d:4c:ff:
b4:ae:72:5d:f7:cf:51:17:80:8d:bc:75:78:9f:ad:
09:00:55:37:54:c3:cb:e5:67:a8:0f:08:25:0d:ef:
9d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:20:35:93:56:7E:08:49:18:82:69:59:FF:98:87:7D:1D:95:1C:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:880::/46
Signature Algorithm: sha256WithRSAEncryption
ba:ca:71:dd:29:39:de:4a:c3:c5:ea:ea:a5:3f:9c:70:84:d9:
80:e9:39:ff:9e:03:ea:d6:35:55:1c:c5:37:6d:42:4f:5e:be:
ed:ca:67:9b:d4:b2:f2:be:01:2a:35:04:5b:7b:29:28:13:0c:
05:c8:ad:73:89:11:c9:69:a2:ec:2c:62:65:d8:b5:01:d0:78:
c7:ae:19:13:28:6b:9d:9e:48:00:5b:1c:25:51:e1:cf:92:0a:
89:66:2d:b0:93:13:70:a2:79:1f:46:e8:9d:fd:42:5a:fc:50:
76:07:67:9d:9f:86:58:84:f8:10:38:32:09:6a:63:84:68:a3:
79:c9:d0:29:c3:6d:36:3b:22:02:53:5b:a9:ad:36:a0:14:75:
27:49:46:e2:11:2c:88:11:c3:bc:92:60:55:c8:23:09:ba:c9:
9d:6c:b2:ef:43:2e:f9:8a:c1:71:b2:f6:01:1b:6f:ca:ab:55:
0c:53:f0:ef:5e:35:c4:b9:8f:da:0b:9c:07:40:3b:83:86:0e:
91:ca:f7:f5:5c:4f:69:42:1e:7b:ef:93:c1:2e:61:a8:f2:0d:
f8:b4:2d:cf:71:61:f6:7c:87:14:8e:20:b1:f6:98:67:e2:9e:
1b:b8:dc:6a:9e:ff:1a:54:c2:c0:1a:9a:4f:94:b6:92:8c:93:
1e:95:7f:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDwd8CJTYjdTbf0z7k95zDBMKspMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwMThaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZmM3YjExOGNkZjFhYjg5NGI2NDdkMDFmNWZmYTkxMzMxMDQ4MjMxM2Vj
ZWM5Mzc2YWE4YTdmMzlhMDMzZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0tAqRY/b2YYf4TqkHECg2PFoKtRXepuQxTWZS2HGoSS3XOu1HeOa5rlqpj
fr4Z5sJYK5BBfQ9QfeuWo46hK4JK8p65N6cIbQ24lHvL2lmf7O4oRncg2GtfxVcz
IKC1x4nMZ2E555alxSDeCXHEDLx7FBA44O+kDJL4DCvOL9UY/N7XKJK2WM06rbeC
vYyWjuMV3ci6ejDDaQCz+dvmP8XLVaSZBqgF40m1QfFTq0Mf4Beew/8RHGXvLv+d
gQb/JLMDi3OPM3HiuI7krmL7rRpRSUndROladFWCXBhnjUz/tK5yXffPUReAjbx1
eJ+tCQBVN1TDy+VnqA8IJQ3vnUMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBREIDWT
Vn4ISRiCaVn/mId9HZUcMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYwZDQxMDAtODkxNy00NTQ3LTk0MGEtNzU0NWNlNmEwZmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsI
gDANBgkqhkiG9w0BAQsFAAOCAQEAuspx3Sk53krDxerqpT+ccITZgOk5/54D6tY1
VRzFN21CT16+7cpnm9Sy8r4BKjUEW3spKBMMBcitc4kRyWmi7CxiZdi1AdB4x64Z
EyhrnZ5IAFscJVHhz5IKiWYtsJMTcKJ5H0bonf1CWvxQdgdnnZ+GWIT4EDgyCWpj
hGijecnQKcNtNjsiAlNbqa02oBR1J0lG4hEsiBHDvJJgVcgjCbrJnWyy70Mu+YrB
cbL2ARtvyqtVDFPw7141xLmP2gucB0A7g4YOkcr39VxPaUIee++TwS5hqPIN+LQt
z3Fh9nyHFI4gsfaYZ+KeG7jcap7/GlTCwBqaT5S2koyTHpV/Qw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:27 2025 by rpki-client