Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
File: 1977ffde-7d26-418c-800c-ccacd18fe560.roa (raw, json)
Hash identifier: hgT1He2h5S4BOfHSdfD0uMKVHoFSwIRFaN4m7MklpXw=
Subject key identifier: 89:D2:48:85:50:58:CA:76:17:96:BB:A5:A2:FA:A1:E8:DF:A5:45:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E156E3D41A4658377C0D4ACBC3605BE239F89F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
Signing time: Mon 21 Jul 2025 17:00:06 +0000
ROA not before: Mon 21 Jul 2025 17:00:06 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:15:6e:3d:41:a4:65:83:77:c0:d4:ac:bc:36:05:be:23:9f:89:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 17:00:06 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=686f0226eb04295c81b370cd3618064e9072639d2f898414d3ce41afa976c814, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9a:28:f8:fe:88:26:a1:80:65:bf:82:63:34:
41:dd:4e:c3:59:82:d8:6f:6b:7c:42:5a:0c:10:ab:
13:66:67:4f:74:67:f9:50:73:c7:32:dd:f5:d3:8f:
7c:cf:87:23:8a:8d:5a:ed:1b:32:2a:30:a3:95:0c:
69:68:78:c8:94:c1:73:93:f5:51:bf:58:c4:7e:77:
ba:9b:2d:ef:11:4e:cf:9c:bc:ba:c5:14:2e:db:32:
67:80:00:e6:55:50:4c:74:88:9c:41:72:ee:8b:cb:
89:0f:b1:c7:1d:25:96:bc:d0:f1:35:84:f3:55:64:
c0:44:ac:f9:cc:44:7a:e5:63:cc:46:45:af:e0:ed:
56:41:9b:9c:fb:2d:6e:50:1d:e3:e4:f4:f5:8b:0f:
8c:3b:cf:9c:04:a3:de:74:9a:be:84:7f:24:a9:3a:
13:35:a0:4b:b4:37:7c:67:ab:84:0b:37:57:e8:63:
3d:1d:1d:35:fd:6a:ac:04:aa:01:57:81:97:c4:27:
6d:3c:6f:7b:3b:f3:d4:97:f1:3d:91:7b:b5:69:08:
6b:14:9b:86:43:c4:e1:bd:ac:f6:60:cf:48:ae:b4:
03:3e:18:a3:64:7a:f7:9d:bb:9d:f0:94:5a:01:87:
6c:21:8d:05:7a:0b:69:6a:e4:6f:8c:d9:af:8b:1b:
cb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D2:48:85:50:58:CA:76:17:96:BB:A5:A2:FA:A1:E8:DF:A5:45:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
23:51:f3:a5:46:4d:ae:24:03:40:63:c3:7c:c8:8f:be:c8:33:
19:3a:ac:0f:6d:e1:1e:28:6e:8e:0f:e4:51:c1:22:bb:25:06:
d4:df:5d:0c:27:10:32:69:ea:99:f7:28:06:ad:d8:c2:cc:91:
6e:61:ac:02:33:b3:7b:71:41:93:82:0b:23:2d:fd:04:43:6e:
31:2f:0a:02:d2:11:44:f5:fa:0b:6a:e5:80:61:49:2f:c7:59:
b2:67:94:c0:b1:ea:b9:6f:72:32:6b:83:78:e9:ed:df:5c:eb:
ea:e2:78:37:fb:f5:17:4b:d2:72:19:55:d6:89:a1:cd:2d:a4:
c2:4d:8f:59:90:df:f0:bb:dd:75:8b:ff:6e:b4:31:45:c1:9f:
bc:73:30:06:97:0b:17:d1:e5:ab:4b:db:f3:a1:cd:7b:dc:39:
75:45:b1:7c:c0:14:86:2e:fe:dd:d2:e3:9f:97:b6:21:4a:41:
9a:66:90:a4:e7:da:e1:e6:74:65:df:5d:2a:e7:aa:6f:b4:d1:
00:05:f9:24:93:ac:9b:66:d7:1e:1e:02:a4:d3:a7:f4:55:38:
31:43:21:55:e1:a3:fe:4e:26:34:b3:d5:f2:03:f3:85:e5:99:
11:b6:50:00:c0:50:f2:90:b2:4c:ad:d2:72:8e:54:19:87:1c:
1f:6a:d7:22
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUbhVuPUGkZYN3wNSsvDYFviOfifUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNzAwMDZaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4NmYwMjI2ZWIwNDI5NWM4MWIzNzBjZDM2MTgwNjRlOTA3MjYzOWQyZjg5
ODQxNGQzY2U0MWFmYTk3NmM4MTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmaKPj+iCahgGW/gmM0Qd1Ow1mC2G9rfEJaDBCrE2ZnT3Rn+VBzxzLd9dOP
fM+HI4qNWu0bMiowo5UMaWh4yJTBc5P1Ub9YxH53upst7xFOz5y8usUULtsyZ4AA
5lVQTHSInEFy7ovLiQ+xxx0llrzQ8TWE81VkwESs+cxEeuVjzEZFr+DtVkGbnPst
blAd4+T09YsPjDvPnASj3nSavoR/JKk6EzWgS7Q3fGerhAs3V+hjPR0dNf1qrASq
AVeBl8QnbTxvezvz1JfxPZF7tWkIaxSbhkPE4b2s9mDPSK60Az4Yo2R69527nfCU
WgGHbCGNBXoLaWrkb4zZr4sbyykCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSJ0kiF
UFjKdheWu6Wi+qHo36VF1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTk3N2ZmZGUtN2QyNi00MThjLTgwMGMtY2NhY2QxOGZlNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBACNR86VGTa4kA0Bjw3zIj77IMxk6rA9t4R4obo4P
5FHBIrslBtTfXQwnEDJp6pn3KAat2MLMkW5hrAIzs3txQZOCCyMt/QRDbjEvCgLS
EUT1+gtq5YBhSS/HWbJnlMCx6rlvcjJrg3jp7d9c6+rieDf79RdL0nIZVdaJoc0t
pMJNj1mQ3/C73XWL/260MUXBn7xzMAaXCxfR5atL2/OhzXvcOXVFsXzAFIYu/t3S
45+XtiFKQZpmkKTn2uHmdGXfXSrnqm+00QAF+SSTrJtm1x4eAqTTp/RVODFDIVXh
o/5OJjSz1fID84XlmRG2UADAUPKQskyt0nKOVBmHHB9q1yI=
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:16:41 2025 by rpki-client