Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: b9x6+d3bJFEcQ0HJEvMXk/IdWbWex7VZ+vDUGMlW7Uw=
Subject key identifier: A9:9F:33:DD:1A:AA:F4:24:DE:00:C3:E2:3D:59:71:AC:77:02:32:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1019445B00109E41C056CDD292F5E2C25BBD024C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Fri 11 Jul 2025 19:11:37 +0000
ROA not before: Fri 11 Jul 2025 19:11:37 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:19:44:5b:00:10:9e:41:c0:56:cd:d2:92:f5:e2:c2:5b:bd:02:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:11:37 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0a6dbb6439220e080d131d5a6b364cb095aa44ba767378a2e4d0de9e7aeacc49, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1d:3e:8e:2a:82:7a:fb:10:ee:cb:47:5d:50:
e3:94:af:04:1b:a4:27:17:e1:c1:74:a6:84:8e:8f:
db:39:0a:8d:c4:b5:f4:0e:32:a4:c0:c7:0e:b5:27:
0a:61:5e:ae:89:df:ab:90:a2:31:10:94:e9:a3:3e:
b0:7d:61:84:10:a9:5e:2f:f6:71:d1:31:e6:90:4d:
6e:d7:11:77:b3:4a:94:bd:61:35:a4:e5:60:ac:ca:
34:28:dd:96:1b:4a:8c:bf:1d:8c:36:da:11:cf:d1:
8b:e6:da:c5:3b:20:c4:73:5e:3a:b7:eb:23:5b:b4:
cc:a2:68:46:e2:5f:50:fc:60:26:e5:df:3e:fa:f2:
9b:0e:56:69:3e:62:75:46:47:25:bf:44:69:41:9c:
e4:d5:90:6a:74:4d:1d:94:92:75:1d:77:9e:78:3e:
15:a5:06:ce:5e:bd:7d:f7:23:c3:6b:6a:4b:86:57:
4f:3f:f1:03:d8:fb:ba:8b:18:93:66:64:20:dd:5f:
e0:e8:a3:fb:2e:8c:47:4f:fc:90:7c:01:3d:78:40:
a5:59:b3:a6:25:02:a9:de:7a:ee:d2:3b:4b:5e:a0:
80:80:d0:f2:fa:5d:91:4b:45:82:ed:43:4b:87:aa:
e1:66:42:b4:6b:b7:b2:bd:25:65:9d:a4:2e:0c:79:
d7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9F:33:DD:1A:AA:F4:24:DE:00:C3:E2:3D:59:71:AC:77:02:32:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
5d:d7:b9:c9:4d:4d:d3:67:b3:e1:97:79:54:11:d3:ea:38:d3:
db:83:cd:f1:03:3f:0d:0c:a3:b3:a0:97:f0:0b:3b:c7:a2:50:
8e:23:65:84:fb:6e:a7:aa:13:a1:31:71:a1:83:5e:b9:2f:ea:
82:bf:ff:0e:60:47:cf:a5:08:a1:86:e9:26:9d:53:bd:13:14:
d9:bb:f1:04:02:ed:2b:61:a5:0c:ad:ff:d1:96:17:29:ce:20:
4d:dd:38:ca:2d:33:27:71:35:e7:3f:dc:bb:c3:bc:a4:73:44:
ab:72:0e:2d:5f:af:69:80:3f:66:58:85:97:d1:84:01:eb:c0:
c4:e3:d7:80:cd:0c:c4:68:12:38:8d:6c:5e:af:79:ef:47:04:
45:2b:5d:a9:6e:dc:51:90:c4:6a:e7:8f:01:7f:95:93:dd:5b:
46:13:fb:94:53:27:66:c7:77:17:6c:aa:b2:fd:89:cd:d9:3d:
fe:98:fe:06:2a:0f:28:7a:6b:8f:44:24:9e:68:fd:97:59:c2:
1e:dd:97:83:e6:3f:c5:bb:4c:15:2d:ad:73:5c:15:20:04:af:
62:9e:4e:6c:2e:1f:a2:15:3b:46:f4:82:50:57:75:44:2c:97:
4a:9d:12:d1:47:73:e7:3f:df:36:6c:56:7a:1f:0b:1e:e8:2e:
6b:de:a5:09
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEBlEWwAQnkHAVs3SkvXiwlu9AkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTExMzdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhNmRiYjY0MzkyMjBlMDgwZDEzMWQ1YTZiMzY0Y2IwOTVhYTQ0YmE3Njcz
NzhhMmU0ZDBkZTllN2FlYWNjNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUdPo4qgnr7EO7LR11Q45SvBBukJxfhwXSmhI6P2zkKjcS19A4ypMDHDrUn
CmFeronfq5CiMRCU6aM+sH1hhBCpXi/2cdEx5pBNbtcRd7NKlL1hNaTlYKzKNCjd
lhtKjL8djDbaEc/Ri+baxTsgxHNeOrfrI1u0zKJoRuJfUPxgJuXfPvrymw5WaT5i
dUZHJb9EaUGc5NWQanRNHZSSdR13nng+FaUGzl69ffcjw2tqS4ZXTz/xA9j7uosY
k2ZkIN1f4Oij+y6MR0/8kHwBPXhApVmzpiUCqd567tI7S16ggIDQ8vpdkUtFgu1D
S4eq4WZCtGu3sr0lZZ2kLgx514MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSpnzPd
Gqr0JN4Aw+I9WXGsdwIy2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEAXde5yU1N02ez4Zd5VBHT6jjT24PN8QM/DQyj
s6CX8As7x6JQjiNlhPtup6oToTFxoYNeuS/qgr//DmBHz6UIoYbpJp1TvRMU2bvx
BALtK2GlDK3/0ZYXKc4gTd04yi0zJ3E15z/cu8O8pHNEq3IOLV+vaYA/ZliFl9GE
AevAxOPXgM0MxGgSOI1sXq9570cERStdqW7cUZDEauePAX+Vk91bRhP7lFMnZsd3
F2yqsv2Jzdk9/pj+BioPKHprj0Qknmj9l1nCHt2Xg+Y/xbtMFS2tc1wVIASvYp5O
bC4fohU7RvSCUFd1RCyXSp0S0Udz5z/fNmxWeh8LHugua96lCQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:55:39 2025 by rpki-client