Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
File: 3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa (raw, json)
Hash identifier: AkO4IIfBvvdhjBd7acv/ghJSMX8AGKRc5IJqsNriiuU=
Subject key identifier: 0B:D9:7A:88:50:C5:ED:26:48:E8:78:C5:C4:77:66:87:50:D3:25:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 483F409BB09C1571AD10F1C5D92F26633B353DCA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
Signing time: Fri 11 Jul 2025 20:00:16 +0000
ROA not before: Fri 11 Jul 2025 20:00:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:b080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:3f:40:9b:b0:9c:15:71:ad:10:f1:c5:d9:2f:26:63:3b:35:3d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=83855ad46887c289ae719a327c7f93d6753bf525734d4e6714a55eb21ec73e25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:b5:1b:d2:0d:76:f9:5e:0a:fd:ec:99:bf:
41:de:2d:61:af:0a:9d:76:bf:bb:a2:84:ea:74:64:
61:82:ed:b5:eb:53:48:94:8d:03:ee:6d:13:86:64:
52:26:ae:34:a0:4f:41:e5:ba:3f:9f:7b:fd:e5:79:
d3:61:60:ff:9a:79:5a:af:33:df:2e:1b:a5:2b:f2:
1a:59:c4:a4:21:ae:fa:96:5a:72:dc:db:fd:85:2a:
14:66:96:48:03:61:b5:db:ab:c7:c7:2a:43:c7:45:
6a:3b:c8:bd:5c:3b:90:63:d0:2e:f1:3a:6d:72:93:
96:d8:b5:2d:2f:3b:ea:f7:71:d0:91:5c:7a:2d:1a:
4f:e7:f0:2f:a0:93:5b:7e:a8:cf:b1:15:26:2c:1c:
04:dc:3d:d9:93:cc:dc:a6:4f:74:51:a9:39:87:06:
68:5a:81:f8:8a:0e:a3:3f:82:df:03:f9:ee:de:7a:
10:57:fc:23:72:5c:ee:95:f7:dc:94:ab:6b:d2:43:
88:1a:f9:17:d1:b6:1e:c9:0d:55:ed:1a:52:71:43:
91:9a:00:71:5f:4a:2d:29:a2:61:b9:7c:a4:25:ee:
b7:26:33:83:99:b5:3b:7a:2c:e7:c0:09:e3:2d:0c:
cf:9f:d8:0c:29:0c:ca:c1:55:f6:db:16:93:da:d8:
fd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D9:7A:88:50:C5:ED:26:48:E8:78:C5:C4:77:66:87:50:D3:25:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:b080::/46
Signature Algorithm: sha256WithRSAEncryption
a0:54:55:d2:d4:6a:19:d7:51:fb:42:48:d9:d4:4d:03:95:3d:
33:0d:4e:62:16:92:e0:a1:b8:1e:6b:b7:60:7d:43:c2:82:4e:
fb:7c:98:70:24:f1:5f:9f:0d:33:27:b2:81:3c:dd:8d:72:d3:
58:fc:fb:40:2a:85:2c:e7:e7:66:7f:3e:99:c0:a6:b6:65:0b:
55:10:cc:66:1e:c9:61:f0:53:ca:33:b7:27:9d:62:9f:00:b4:
8b:35:21:e2:b7:0b:2d:23:6e:04:25:dc:74:f3:88:12:ab:b4:
89:39:d7:49:14:95:55:3e:84:1a:b9:98:62:d7:35:13:15:51:
88:2e:bb:82:f3:9f:a2:a8:7e:1c:a3:e4:83:f5:c1:dd:70:73:
fc:60:57:d3:53:24:bb:42:40:1c:48:ef:4f:ae:18:c7:d7:4c:
b0:08:8e:d2:dc:9d:86:cb:ca:3a:88:58:7e:93:43:fc:51:9a:
03:06:7e:37:57:3d:ef:48:7d:d4:02:bd:dd:55:9d:10:23:08:
1f:40:f5:62:e6:0a:c6:61:44:9d:e4:26:ef:f4:9b:bb:de:4d:
e1:cf:a6:2c:bd:0d:08:0a:10:3d:d5:68:8a:55:89:9b:42:7b:
57:5a:42:57:b4:22:ac:93:6f:2d:43:a8:1d:8b:63:58:df:0a:
f4:95:f0:a7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSD9Am7CcFXGtEPHF2S8mYzs1PcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwMTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzODU1YWQ0Njg4N2MyODlhZTcxOWEzMjdjN2Y5M2Q2NzUzYmY1MjU3MzRk
NGU2NzE0YTU1ZWIyMWVjNzNlMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALI4tRvSDXb5Xgr97Jm/Qd4tYa8KnXa/u6KE6nRkYYLttetTSJSNA+5tE4Zk
UiauNKBPQeW6P597/eV502Fg/5p5Wq8z3y4bpSvyGlnEpCGu+pZactzb/YUqFGaW
SANhtdurx8cqQ8dFajvIvVw7kGPQLvE6bXKTlti1LS876vdx0JFcei0aT+fwL6CT
W36oz7EVJiwcBNw92ZPM3KZPdFGpOYcGaFqB+IoOoz+C3wP57t56EFf8I3Jc7pX3
3JSra9JDiBr5F9G2HskNVe0aUnFDkZoAcV9KLSmiYbl8pCXutyYzg5m1O3os58AJ
4y0Mz5/YDCkMysFV9tsWk9rY/ZECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQL2XqI
UMXtJkjoeMXEd2aHUNMlGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RmYzAyYmItNWJhZi00MjBiLWFmMWYtZjRiOGFjZGNlMjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Huw
gDANBgkqhkiG9w0BAQsFAAOCAQEAoFRV0tRqGddR+0JI2dRNA5U9Mw1OYhaS4KG4
Hmu3YH1DwoJO+3yYcCTxX58NMyeygTzdjXLTWPz7QCqFLOfnZn8+mcCmtmULVRDM
Zh7JYfBTyjO3J51inwC0izUh4rcLLSNuBCXcdPOIEqu0iTnXSRSVVT6EGrmYYtc1
ExVRiC67gvOfoqh+HKPkg/XB3XBz/GBX01Mku0JAHEjvT64Yx9dMsAiO0tydhsvK
OohYfpND/FGaAwZ+N1c970h91AK93VWdECMIH0D1YuYKxmFEneQm7/Sbu95N4c+m
LL0NCAoQPdVoilWJm0J7V1pCV7QirJNvLUOoHYtjWN8K9JXwpw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:14 2025 by rpki-client