Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
File: 35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa (raw, json)
Hash identifier: gXmxQFenmUCxPBmuviw1huONnrHOSzbG2qGIe3SOPjY=
Subject key identifier: FD:9D:81:D9:62:05:E3:9A:B0:50:8B:71:80:06:0F:9E:22:35:D6:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40A34A3A8FE126CB352961B973C35BD34A46EA48
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
Signing time: Fri 11 Jul 2025 20:40:11 +0000
ROA not before: Fri 11 Jul 2025 20:40:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:a3:4a:3a:8f:e1:26:cb:35:29:61:b9:73:c3:5b:d3:4a:46:ea:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=018232514402a1c1902d5fb5384cc323bbc5123caed6355a26afc02329e9ee29, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d7:b1:0d:df:68:45:5a:40:43:b4:b4:d3:30:
c4:fd:f2:a4:89:1d:96:66:3b:a3:d2:68:84:01:7d:
ea:d7:64:c6:26:c8:f0:41:10:41:4d:f9:75:84:00:
f0:95:04:54:7a:2e:9f:b1:30:7c:33:7e:ae:d8:20:
d3:e8:9d:61:dc:20:78:8b:66:1c:04:57:5c:7f:fb:
63:b7:1b:c5:f8:1b:b3:fa:27:41:de:ec:cb:fe:39:
2d:3c:8d:a9:33:dd:c4:bd:63:fb:29:4d:6a:74:ee:
38:48:d5:82:32:f7:8f:78:02:1a:35:5a:fb:84:fa:
6d:77:eb:6d:d0:fb:7a:0b:5c:7b:bb:a7:e6:05:52:
b2:c8:c8:fa:23:10:ad:9a:90:c6:68:0a:17:ad:1c:
da:89:21:9f:7c:41:ab:47:37:42:db:a7:c0:7c:88:
53:15:a7:97:b6:11:09:1f:23:92:dd:04:c3:8b:6f:
39:1a:49:50:d6:74:de:09:2f:2d:dc:05:f2:2e:32:
02:26:fc:74:70:db:71:65:9e:f1:89:f7:65:3a:b0:
09:43:87:4e:9f:98:bd:e0:21:f5:a3:76:95:46:e9:
55:57:d3:a7:72:3d:46:b9:eb:c6:cc:02:c5:68:c4:
52:c8:d1:2c:e9:39:77:31:f5:94:21:fe:d5:e8:f3:
43:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9D:81:D9:62:05:E3:9A:B0:50:8B:71:80:06:0F:9E:22:35:D6:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/38
Signature Algorithm: sha256WithRSAEncryption
9a:e9:2b:4e:3c:8a:2e:98:4e:74:fc:df:96:a0:36:e4:40:95:
e2:32:02:b9:5d:a6:53:cb:1e:fc:90:ee:29:35:2b:1f:46:c8:
b9:7d:4f:87:70:40:2a:22:9e:17:36:50:f9:23:7d:94:1d:6e:
06:c2:31:1e:21:ac:a3:2b:0f:53:99:7f:61:12:17:5b:4d:26:
b6:8c:a2:19:a4:51:d6:d6:42:0e:f1:43:9e:9d:c1:a4:ac:05:
f5:ff:2d:d3:ff:15:0f:08:9f:95:79:bc:65:86:99:50:aa:f5:
c7:41:63:ef:71:ac:ce:d2:67:b7:8f:26:cf:6c:de:04:dc:89:
15:9a:82:c3:40:71:37:64:3c:af:66:d1:c3:0b:83:ce:5b:0e:
d8:ae:fb:c6:5f:b7:d3:09:a7:41:8d:36:20:5f:cc:61:04:f7:
4f:ee:b3:00:12:67:d8:86:46:a2:2e:87:14:4e:94:b9:dc:f3:
cd:d5:f6:d3:28:3f:8e:2a:07:0a:1e:39:f2:35:3b:bc:71:cd:
6b:1c:56:fa:a7:02:1e:66:c4:9a:2b:14:f9:47:d9:16:fd:c7:
fa:ca:ed:42:45:ee:26:1d:9b:6e:8d:30:19:67:2f:d5:ef:36:
33:5e:13:ca:c0:5d:c9:e1:35:c4:18:d0:83:b4:ac:bf:fb:e9:
d4:cd:27:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQKNKOo/hJss1KWG5c8Nb00pG6kgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxODIzMjUxNDQwMmExYzE5MDJkNWZiNTM4NGNjMzIzYmJjNTEyM2NhZWQ2
MzU1YTI2YWZjMDIzMjllOWVlMjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7XsQ3faEVaQEO0tNMwxP3ypIkdlmY7o9JohAF96tdkxibI8EEQQU35dYQA
8JUEVHoun7EwfDN+rtgg0+idYdwgeItmHARXXH/7Y7cbxfgbs/onQd7sy/45LTyN
qTPdxL1j+ylNanTuOEjVgjL3j3gCGjVa+4T6bXfrbdD7egtce7un5gVSssjI+iMQ
rZqQxmgKF60c2okhn3xBq0c3QtunwHyIUxWnl7YRCR8jkt0Ew4tvORpJUNZ03gkv
LdwF8i4yAib8dHDbcWWe8Yn3ZTqwCUOHTp+YveAh9aN2lUbpVVfTp3I9RrnrxswC
xWjEUsjRLOk5dzH1lCH+1ejzQ7cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9nYHZ
YgXjmrBQi3GABg+eIjXWGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzViYjBkYTUtMGEyZC00YjgwLWFhZmUtYWY3ZTc0Y2Y1ODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCa6StOPIoumE50/N+WoDbkQJXiMgK5XaZTyx78
kO4pNSsfRsi5fU+HcEAqIp4XNlD5I32UHW4GwjEeIayjKw9TmX9hEhdbTSa2jKIZ
pFHW1kIO8UOencGkrAX1/y3T/xUPCJ+VebxlhplQqvXHQWPvcazO0me3jybPbN4E
3IkVmoLDQHE3ZDyvZtHDC4POWw7YrvvGX7fTCadBjTYgX8xhBPdP7rMAEmfYhkai
LocUTpS53PPN1fbTKD+OKgcKHjnyNTu8cc1rHFb6pwIeZsSaKxT5R9kW/cf6yu1C
Re4mHZtujTAZZy/V7zYzXhPKwF3J4TXEGNCDtKy/++nUzScE
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:45 2025 by rpki-client