Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
File: 17057de1-0841-47c5-9f52-f4f803d5e2d4.roa (raw, json)
Hash identifier: PqADn//NhHWtvAnfVlbi7y+Hl/7+SjAPIoRpAXTxsHI=
Subject key identifier: B3:EE:F8:19:A7:EC:E0:11:5D:5A:C2:6C:10:85:E6:43:74:79:B4:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0328E6533413F76DB56BC965E4DFE4CE3A8ECF73
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
Signing time: Fri 11 Jul 2025 20:21:55 +0000
ROA not before: Fri 11 Jul 2025 20:21:55 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:28:e6:53:34:13:f7:6d:b5:6b:c9:65:e4:df:e4:ce:3a:8e:cf:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:21:55 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6f37966c04eb4db879b4cb23315f06fa3d125c3ae679f7ce4d995057f8e01742, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9e:08:a0:76:8b:a8:13:69:dc:55:62:4a:1a:
35:a0:cd:88:6b:78:c1:96:c3:01:c3:4e:c3:4d:97:
39:44:7b:af:33:78:ab:7c:15:2a:f5:a8:44:70:ea:
69:e3:78:51:cd:d4:42:76:0f:34:d8:3a:66:31:70:
bb:41:2b:e9:6e:c2:40:0f:96:65:41:96:2a:46:13:
c9:5a:ce:4d:bc:8f:9a:bb:db:91:3f:33:7c:e1:bc:
46:e3:ea:33:24:22:0f:19:55:42:ce:f6:e1:7c:3e:
0f:49:f0:e7:86:5d:2a:be:b3:62:80:ed:7b:a4:6e:
2e:a1:3a:ca:3b:7a:4f:5b:de:9f:30:62:df:a1:1f:
ca:67:57:94:97:bf:6e:04:ba:f4:0b:9a:06:3f:5b:
46:0a:4f:13:2d:1c:68:61:ef:a0:8f:e3:6f:4b:e9:
e8:a7:31:1b:d8:68:0e:93:74:15:29:05:ff:b3:e5:
22:fe:96:91:72:a6:38:8f:22:23:65:77:25:b0:5b:
10:d0:33:9f:d1:89:20:4e:8e:83:78:2d:0b:0b:de:
97:08:31:ea:75:85:bc:73:e3:8a:19:d4:fa:d7:e3:
39:b5:86:7c:d2:bd:6e:87:09:52:b8:8e:00:d9:b2:
4e:9b:6c:1b:8d:13:98:b5:9e:21:7b:cb:19:b2:64:
b6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:EE:F8:19:A7:EC:E0:11:5D:5A:C2:6C:10:85:E6:43:74:79:B4:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
20:44:73:cb:f3:24:e5:18:d5:54:68:b3:5a:1c:2a:6c:86:e4:
94:ca:93:fe:9a:5f:93:8b:78:d2:f5:79:b8:3b:da:1d:d1:3a:
6a:02:a5:a5:bd:0d:ba:06:88:77:ab:99:74:a5:48:27:e3:ae:
52:91:27:95:2e:74:b8:0c:27:35:25:c3:cc:95:6b:c8:86:d7:
f9:be:6e:e3:15:3a:5f:89:e8:79:7f:0b:17:d0:63:5c:1e:8b:
12:57:f5:d3:df:7e:fa:29:2e:52:ed:d7:00:32:d4:12:52:b9:
15:05:cd:9b:2b:d1:e7:fb:c8:45:51:58:f4:aa:62:43:fe:9c:
42:7c:26:05:55:21:39:a4:1c:52:0f:52:7c:70:6e:2f:70:c4:
7b:6a:28:46:be:d1:48:7e:d3:4b:d1:ab:28:cb:3e:2a:c6:41:
82:d3:fe:e2:64:fe:19:10:f1:b9:5a:ab:e6:d2:8f:72:6b:48:
f8:e5:d4:b1:6b:db:3f:82:7e:5e:af:ab:ef:46:0b:27:86:12:
f4:db:9a:d5:93:da:ea:1e:7b:d6:ec:ae:b2:6f:60:19:7d:b1:
62:59:dc:3b:36:46:74:17:e7:74:f9:7a:ce:6a:70:da:c4:0e:
59:17:1e:5f:bc:b3:b8:a8:20:0b:5c:6a:f1:4d:74:5e:11:24:
3b:d1:85:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAyjmUzQT9221a8ll5N/kzjqOz3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIxNTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmMzc5NjZjMDRlYjRkYjg3OWI0Y2IyMzMxNWYwNmZhM2QxMjVjM2FlNjc5
ZjdjZTRkOTk1MDU3ZjhlMDE3NDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGeCKB2i6gTadxVYkoaNaDNiGt4wZbDAcNOw02XOUR7rzN4q3wVKvWoRHDq
aeN4Uc3UQnYPNNg6ZjFwu0Er6W7CQA+WZUGWKkYTyVrOTbyPmrvbkT8zfOG8RuPq
MyQiDxlVQs724Xw+D0nw54ZdKr6zYoDte6RuLqE6yjt6T1venzBi36EfymdXlJe/
bgS69AuaBj9bRgpPEy0caGHvoI/jb0vp6KcxG9hoDpN0FSkF/7PlIv6WkXKmOI8i
I2V3JbBbENAzn9GJIE6Og3gtCwvelwgx6nWFvHPjihnU+tfjObWGfNK9bocJUriO
ANmyTptsG40TmLWeIXvLGbJktrkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSz7vgZ
p+zgEV1awmwQheZDdHm05DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTcwNTdkZTEtMDg0MS00N2M1LTlmNTItZjRmODAzZDVlMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQAgRHPL8yTlGNVUaLNaHCpshuSUypP+ml+Ti3jS
9Xm4O9od0TpqAqWlvQ26Boh3q5l0pUgn465SkSeVLnS4DCc1JcPMlWvIhtf5vm7j
FTpfieh5fwsX0GNcHosSV/XT3376KS5S7dcAMtQSUrkVBc2bK9Hn+8hFUVj0qmJD
/pxCfCYFVSE5pBxSD1J8cG4vcMR7aihGvtFIftNL0asoyz4qxkGC0/7iZP4ZEPG5
Wqvm0o9ya0j45dSxa9s/gn5er6vvRgsnhhL025rVk9rqHnvW7K6yb2AZfbFiWdw7
NkZ0F+d0+XrOanDaxA5ZFx5fvLO4qCALXGrxTXReESQ70YVu
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:15 2025 by rpki-client