Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
File: 35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa (raw, json)
Hash identifier: LCiLRoN7rVI7/dYdcITWd52YwZRMRN6YCcD3bjhgFtg=
Subject key identifier: 12:0F:40:9D:48:03:2C:78:96:37:75:F0:DF:C9:EE:7D:77:8B:90:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CFBF8B8FFB71BED4825DCA3A212E8B885586725
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
Signing time: Sat 12 Jul 2025 00:50:11 +0000
ROA not before: Sat 12 Jul 2025 00:50:11 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:fb:f8:b8:ff:b7:1b:ed:48:25:dc:a3:a2:12:e8:b8:85:58:67:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:11 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=7f5d5b2931686cb4b0166f0215912fe50f668cc2a0b71f7d914f86afa0e0776f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b8:9f:08:fa:5b:69:0b:56:29:df:79:c5:9a:
4d:ae:cf:ce:68:96:e6:cb:f8:ed:b8:06:d3:22:59:
92:f7:7c:7a:a2:6b:40:d2:b8:7b:3f:c3:28:68:f5:
46:f2:9f:da:e9:b5:36:35:a0:be:94:5b:30:1c:ee:
e3:d6:9b:f3:d8:07:26:8d:25:50:95:6f:25:e0:2b:
49:c3:7e:dd:f0:23:83:52:50:f0:40:ae:09:f8:f9:
ee:da:ea:56:25:82:51:03:35:1f:b5:cd:31:62:ac:
64:e3:cd:da:5e:a6:f7:14:44:56:d1:ad:6b:ab:8e:
68:53:f2:19:eb:8f:c4:ca:69:7d:fb:20:df:75:a5:
40:49:49:00:4c:ab:dc:57:2d:0d:3f:96:88:80:a5:
d3:29:24:50:97:b5:d4:07:2e:1e:1b:3f:d0:01:34:
cc:1f:52:e2:d0:37:cd:95:71:7c:78:62:12:68:40:
07:13:5b:17:7c:7a:51:d6:5d:8f:eb:1f:36:08:f5:
52:ac:de:8e:d1:6b:de:d5:3f:40:24:a0:a7:d6:1d:
c1:bc:34:b3:b3:b6:3a:4e:57:ec:84:d5:4f:89:fb:
c8:27:d3:8e:e4:c6:f5:ec:88:a8:2d:45:c5:bf:6a:
f7:9b:8d:7e:ab:07:aa:5b:ff:8b:ea:c7:65:c5:30:
3e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0F:40:9D:48:03:2C:78:96:37:75:F0:DF:C9:EE:7D:77:8B:90:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:2000::/40
Signature Algorithm: sha256WithRSAEncryption
43:9b:ca:7f:30:4b:05:62:b1:c8:62:54:b6:fc:91:a3:33:c2:
bf:03:e8:eb:17:dc:cb:f8:5a:8d:df:74:19:e8:fb:51:b6:44:
4c:7f:99:33:a2:62:a7:f4:a4:38:57:1e:66:6a:ed:41:c3:ec:
7f:48:ca:b2:66:36:47:54:0c:b0:43:47:22:ed:96:fe:d1:df:
f2:6b:6f:c8:29:82:5d:81:a6:f6:ca:c4:2d:52:5a:87:8f:ed:
28:04:fb:47:0a:68:74:04:55:0f:f4:d5:4e:a4:56:ee:78:09:
82:25:89:f7:da:9a:40:6e:82:ef:b7:c1:6b:5e:e8:aa:c1:2b:
8c:58:15:89:b2:8a:42:e4:f8:fa:a6:83:84:2a:62:6a:d9:f7:
dc:52:3f:3e:9a:ab:19:39:cc:36:4d:ae:b8:84:e0:36:7e:88:
31:69:99:70:ef:00:28:42:df:05:66:a4:44:51:28:8d:64:b9:
9c:9f:5b:87:f1:d4:2a:13:06:81:b7:73:11:0b:cd:e6:4b:b1:
5f:6d:16:3d:96:90:cd:45:ac:30:5c:39:1c:fc:60:0e:1b:18:
3e:c1:00:f8:f8:ee:8e:ef:53:49:62:eb:3d:83:50:08:05:3f:
9b:39:b0:79:4b:93:dc:8a:b0:24:be:20:65:b9:ac:ee:12:c3:
c2:57:6b:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXPv4uP+3G+1IJdyjohLouIVYZyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwMTFaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNWQ1YjI5MzE2ODZjYjRiMDE2NmYwMjE1OTEyZmU1MGY2NjhjYzJhMGI3
MWY3ZDkxNGY4NmFmYTBlMDc3NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALK4nwj6W2kLVinfecWaTa7PzmiW5sv47bgG0yJZkvd8eqJrQNK4ez/DKGj1
RvKf2um1NjWgvpRbMBzu49ab89gHJo0lUJVvJeArScN+3fAjg1JQ8ECuCfj57trq
ViWCUQM1H7XNMWKsZOPN2l6m9xREVtGta6uOaFPyGeuPxMppffsg33WlQElJAEyr
3FctDT+WiICl0ykkUJe11AcuHhs/0AE0zB9S4tA3zZVxfHhiEmhABxNbF3x6UdZd
j+sfNgj1UqzejtFr3tU/QCSgp9Ydwbw0s7O2Ok5X7ITVT4n7yCfTjuTG9eyIqC1F
xb9q95uNfqsHqlv/i+rHZcUwPhECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSD0Cd
SAMseJY3dfDfye59d4uQHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhODcxN2MtZWNmNi00Y2Y3LWE3M2MtZjU2NmY3ODg0YTE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg
MA0GCSqGSIb3DQEBCwUAA4IBAQBDm8p/MEsFYrHIYlS2/JGjM8K/A+jrF9zL+FqN
33QZ6PtRtkRMf5kzomKn9KQ4Vx5mau1Bw+x/SMqyZjZHVAywQ0ci7Zb+0d/ya2/I
KYJdgab2ysQtUlqHj+0oBPtHCmh0BFUP9NVOpFbueAmCJYn32ppAboLvt8FrXuiq
wSuMWBWJsopC5Pj6poOEKmJq2ffcUj8+mqsZOcw2Ta64hOA2fogxaZlw7wAoQt8F
ZqREUSiNZLmcn1uH8dQqEwaBt3MRC83mS7FfbRY9lpDNRawwXDkc/GAOGxg+wQD4
+O6O71NJYus9g1AIBT+bObB5S5PcirAkviBluazuEsPCV2sd
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:00 2025 by rpki-client