Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: m4lAuALSEpqOti9rHALgXL0sjeBGrCrtGbcNlmU7ZQ0=
Subject key identifier: 06:0D:8D:6C:A7:B1:3C:F8:D7:1A:B4:D1:FD:2B:96:A2:1D:BE:FA:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C6ECA00557FA47B812DD04CD4F249FCE5F4EB53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Fri 11 Jul 2025 20:50:09 +0000
ROA not before: Fri 11 Jul 2025 20:50:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:6e:ca:00:55:7f:a4:7b:81:2d:d0:4c:d4:f2:49:fc:e5:f4:eb:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6a08406ce1fa167d174d1826c768f8b17eafb1273a63a8e221527340f8aaa079, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:f9:c4:9a:9d:bf:31:66:e0:66:57:c0:ed:
40:7f:df:1a:91:b2:e8:80:e4:a9:32:60:7d:0c:3e:
0a:14:d0:aa:e2:c1:12:95:69:3b:96:7f:bb:b3:22:
ff:cf:b2:f2:3e:3c:f3:7a:15:15:38:e6:f5:6d:2f:
23:3d:19:ed:d6:ed:47:26:27:4d:13:b3:d0:b7:3d:
66:8c:3d:f1:d3:da:32:7c:df:b0:e1:61:e4:05:42:
aa:c7:ec:66:b7:94:ce:7e:7e:29:a7:dc:50:dd:58:
99:6c:10:0b:17:88:d6:47:12:04:a4:b3:1a:82:4e:
de:69:53:f3:4a:b5:f3:8e:50:ce:11:a7:04:41:7c:
c7:af:b0:01:10:9b:7f:41:d8:71:e6:77:63:1d:a7:
f9:f1:d7:bf:53:d9:9a:df:d1:ee:19:23:2f:84:a7:
57:f5:ea:f5:c5:08:62:bf:2e:0f:a4:7d:2b:03:a6:
85:e7:37:c5:a7:cb:23:21:d4:f6:3b:f4:b2:2d:b9:
ff:85:ad:6c:e9:95:61:f6:95:e8:26:6c:bb:7d:cf:
1b:3b:57:81:da:3d:a0:ff:c2:b1:9e:3d:76:60:98:
1e:73:3e:ae:bc:39:31:23:d5:de:5e:d5:43:d4:e6:
a2:ae:e3:69:11:1f:bd:37:34:93:00:93:10:ff:ba:
ea:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0D:8D:6C:A7:B1:3C:F8:D7:1A:B4:D1:FD:2B:96:A2:1D:BE:FA:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
9a:8f:66:64:59:25:78:0c:cd:9e:64:3c:58:1e:d9:59:ea:82:
b3:25:30:4b:a9:26:2c:86:67:a5:ae:87:fc:f4:f2:88:e0:33:
2d:41:77:29:eb:ec:ef:81:dd:f4:fd:e6:f1:f6:d9:b5:62:ac:
f8:18:73:3c:4b:40:1c:38:d1:39:6a:b2:da:be:f8:5a:d6:95:
dc:6e:9c:8f:b4:f0:8c:26:73:29:1b:26:b3:81:3b:2f:90:23:
40:37:76:c1:03:85:d2:b2:8e:38:d8:92:b5:36:01:51:fe:ac:
1b:8a:3d:6e:86:4f:4f:60:7c:b1:8a:05:6b:7c:62:43:ca:3b:
3d:ac:b0:17:f7:67:e2:bb:af:e7:7e:33:8b:c0:29:2e:04:39:
17:05:56:a0:74:18:77:e8:78:9b:d8:39:f3:0e:a7:5a:fe:20:
7d:80:d9:88:da:e9:58:53:8a:2a:4b:b2:6b:bf:e9:df:23:91:
30:a9:cc:15:59:5e:f9:e4:0f:a9:db:d7:2d:36:f3:8d:55:c4:
1f:13:a1:e6:ab:24:8b:d9:a3:fe:08:34:77:75:54:04:46:7e:
25:ab:00:49:0a:dd:b4:8a:a9:92:0e:5c:bc:19:ed:e8:c8:06:
c1:18:40:b1:b1:5e:97:1e:10:80:ea:c3:dd:46:5d:3b:88:2b:
c6:53:68:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULG7KAFV/pHuBLdBM1PJJ/OX061MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhMDg0MDZjZTFmYTE2N2QxNzRkMTgyNmM3NjhmOGIxN2VhZmIxMjczYTYz
YThlMjIxNTI3MzQwZjhhYWEwNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMl+cSanb8xZuBmV8DtQH/fGpGy6IDkqTJgfQw+ChTQquLBEpVpO5Z/u7Mi
/8+y8j4883oVFTjm9W0vIz0Z7dbtRyYnTROz0Lc9Zow98dPaMnzfsOFh5AVCqsfs
ZreUzn5+KafcUN1YmWwQCxeI1kcSBKSzGoJO3mlT80q1845QzhGnBEF8x6+wARCb
f0HYceZ3Yx2n+fHXv1PZmt/R7hkjL4SnV/Xq9cUIYr8uD6R9KwOmhec3xafLIyHU
9jv0si25/4WtbOmVYfaV6CZsu33PGztXgdo9oP/CsZ49dmCYHnM+rrw5MSPV3l7V
Q9Tmoq7jaREfvTc0kwCTEP+66nkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGDY1s
p7E8+NcatNH9K5aiHb76KzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQCaj2ZkWSV4DM2eZDxYHtlZ6oKzJTBLqSYshmel
rof89PKI4DMtQXcp6+zvgd30/ebx9tm1Yqz4GHM8S0AcONE5arLavvha1pXcbpyP
tPCMJnMpGyazgTsvkCNAN3bBA4XSso442JK1NgFR/qwbij1uhk9PYHyxigVrfGJD
yjs9rLAX92fiu6/nfjOLwCkuBDkXBVagdBh36Hib2DnzDqda/iB9gNmI2ulYU4oq
S7Jrv+nfI5EwqcwVWV755A+p29ctNvONVcQfE6HmqySL2aP+CDR3dVQERn4lqwBJ
Ct20iqmSDly8Ge3oyAbBGECxsV6XHhCA6sPdRl07iCvGU2hl
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:46 2025 by rpki-client