Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa
File: 11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa (raw, json)
Hash identifier: JL8XMMkgh/pAI8mwc+Zvd6A5Shz6CVnGl9ceBLsK3X0=
Subject key identifier: 48:D3:61:7D:F7:AA:27:1B:D8:2D:C0:4D:F6:E6:B4:D8:D9:C6:03:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A79B13F8E8F3B7963BB4E3C85C3BED91D3CE442
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa
Signing time: Fri 11 Jul 2025 20:50:11 +0000
ROA not before: Fri 11 Jul 2025 20:50:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:79:b1:3f:8e:8f:3b:79:63:bb:4e:3c:85:c3:be:d9:1d:3c:e4:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=684ab3cfbeed94bb13fec725a4a541de675af3329b48ed4fd042bfc8806ba169, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4d:2f:c1:87:59:a6:9f:02:c7:06:e4:7a:66:
0d:a3:48:66:01:74:57:1d:40:35:77:38:ae:24:c1:
26:22:0a:17:cb:4f:d6:d6:e7:88:b8:f4:aa:47:82:
56:64:c2:f0:b3:4a:06:41:9c:be:24:da:93:10:a7:
e6:32:a5:c7:a8:1b:d0:df:12:bd:8a:c4:3e:76:4b:
e1:ca:b7:e7:60:f0:e9:83:b7:6c:f3:92:ee:6b:24:
ef:5c:0c:3f:46:c2:d5:51:44:74:8b:4d:20:7b:9a:
15:65:de:25:f8:c3:f8:0f:a2:ff:a2:8d:ed:ff:c5:
a4:54:46:cd:5d:32:0e:42:1a:b9:b8:bb:93:82:93:
58:b8:fb:2a:64:79:05:fd:f8:e9:35:57:b5:33:28:
87:c0:e8:53:c5:ac:c9:e2:c6:33:9d:cf:01:e5:40:
f5:02:69:4f:82:e2:45:ad:5d:d2:5d:d4:c0:27:1b:
9e:2f:05:a0:84:3b:57:b8:f7:b4:62:2c:83:dc:3c:
e2:e3:91:96:a2:a6:97:44:14:d5:d5:20:dd:f8:cd:
55:8a:5e:5b:40:d5:ef:11:3e:b5:21:7b:36:56:38:
cd:c2:c2:8f:f0:bf:8e:3a:8e:c4:e2:bd:05:84:38:
0f:e4:4c:98:a4:31:dd:5c:61:94:ff:7d:49:fd:2f:
97:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D3:61:7D:F7:AA:27:1B:D8:2D:C0:4D:F6:E6:B4:D8:D9:C6:03:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b:800::/37
Signature Algorithm: sha256WithRSAEncryption
1d:fa:79:c4:e0:2e:8f:32:05:2e:f0:cd:5b:94:d3:fc:3b:21:
d5:eb:09:1a:f5:4c:b3:30:ab:3b:40:ca:3d:19:22:da:c3:82:
d7:b6:8c:b5:60:81:48:cc:94:5d:fb:da:f0:8d:e3:69:ca:2b:
79:c3:56:eb:9b:a7:72:bd:03:4d:d7:8e:00:f6:9f:ef:04:11:
70:e7:4c:2a:68:fe:54:68:12:45:ae:74:dc:5b:7f:ba:ca:de:
36:aa:fb:1e:0e:bf:3e:c1:0c:68:4e:a7:47:b8:35:12:0d:87:
df:03:56:f5:2a:f6:74:49:f9:d7:8b:05:32:27:1b:ac:5e:4d:
49:81:6b:c1:ea:8a:30:ee:32:00:92:f1:47:b2:21:a2:85:a6:
85:c1:5e:1a:c1:b4:96:aa:62:f4:42:51:0a:cc:7f:7c:d8:ee:
06:5c:e2:8c:89:40:d8:97:9e:8c:d5:5b:ca:21:52:54:ab:33:
a5:03:bc:6b:47:2d:1c:bc:6b:b9:cb:33:27:cb:5a:05:1a:a3:
71:b1:a4:9e:64:58:58:f8:0a:8c:13:44:33:d5:0b:f7:61:d6:
09:f0:f2:b9:bd:d5:75:92:27:2f:a1:b3:c2:8b:00:c0:14:f3:
4b:b6:a6:74:42:b4:c7:8b:d2:74:69:fd:9a:28:05:2d:df:d5:
02:44:3e:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWnmxP46PO3lju048hcO+2R085EIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4NGFiM2NmYmVlZDk0YmIxM2ZlYzcyNWE0YTU0MWRlNjc1YWYzMzI5YjQ4
ZWQ0ZmQwNDJiZmM4ODA2YmExNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVNL8GHWaafAscG5HpmDaNIZgF0Vx1ANXc4riTBJiIKF8tP1tbniLj0qkeC
VmTC8LNKBkGcviTakxCn5jKlx6gb0N8SvYrEPnZL4cq352Dw6YO3bPOS7msk71wM
P0bC1VFEdItNIHuaFWXeJfjD+A+i/6KN7f/FpFRGzV0yDkIaubi7k4KTWLj7KmR5
Bf346TVXtTMoh8DoU8WsyeLGM53PAeVA9QJpT4LiRa1d0l3UwCcbni8FoIQ7V7j3
tGIsg9w84uORlqKml0QU1dUg3fjNVYpeW0DV7xE+tSF7NlY4zcLCj/C/jjqOxOK9
BYQ4D+RMmKQx3VxhlP99Sf0vl68CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRI02F9
96onG9gtwE325rTY2cYDHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFjMTUwZmMtZGNiNS00MDJjLTliZjAtNWE0NmMyYjU4ZDM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsI
MA0GCSqGSIb3DQEBCwUAA4IBAQAd+nnE4C6PMgUu8M1blNP8OyHV6wka9UyzMKs7
QMo9GSLaw4LXtoy1YIFIzJRd+9rwjeNpyit5w1brm6dyvQNN144A9p/vBBFw50wq
aP5UaBJFrnTcW3+6yt42qvseDr8+wQxoTqdHuDUSDYffA1b1KvZ0SfnXiwUyJxus
Xk1JgWvB6oow7jIAkvFHsiGihaaFwV4awbSWqmL0QlEKzH982O4GXOKMiUDYl56M
1VvKIVJUqzOlA7xrRy0cvGu5yzMny1oFGqNxsaSeZFhY+AqME0Qz1Qv3YdYJ8PK5
vdV1kicvobPCiwDAFPNLtqZ0QrTHi9J0af2aKAUt39UCRD5A
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:48 2025 by rpki-client