Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4471b4d2-62e1-4876-baf7-b5951493a774.roa
File: 4471b4d2-62e1-4876-baf7-b5951493a774.roa (raw, json)
Hash identifier: ecAfEA3VmN+9CbMph3D2AzEsBV9bjZ2aW7mz+fTW6xY=
Subject key identifier: 85:0C:A2:CA:09:E6:CD:D5:D2:C0:81:D2:7C:A7:96:7B:EF:51:C1:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F6689D0491E4C049E0B4687B283C9B30D27B2E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4471b4d2-62e1-4876-baf7-b5951493a774.roa
Signing time: Fri 11 Jul 2025 19:50:34 +0000
ROA not before: Fri 11 Jul 2025 19:50:34 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:66:89:d0:49:1e:4c:04:9e:0b:46:87:b2:83:c9:b3:0d:27:b2:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:34 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0336c672edb64ad6fea0ef3c74f6756d906514b0fe9bbcd0b7f9380057853a02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0c:73:48:53:98:c9:7b:12:54:14:8e:8f:e2:
66:ca:4f:c6:d3:da:12:d9:d6:28:ec:5f:5f:61:29:
4f:e2:57:74:e6:10:ce:80:64:68:9f:29:a5:a6:3d:
48:6f:bc:3b:ef:51:d4:60:79:b0:c6:2d:75:16:00:
d1:7f:10:6b:05:4c:e7:cd:c1:36:aa:72:ab:f1:e7:
27:b0:dd:97:b5:6d:c8:2d:bb:00:ba:84:65:b9:0a:
30:f6:b4:8f:19:9f:92:9d:a0:a3:4c:73:d3:f7:e4:
da:09:4f:cd:41:4a:c8:f2:63:8a:d2:c4:2f:c2:e2:
e2:66:04:12:bc:08:4c:aa:7e:48:82:54:3e:73:b9:
82:20:05:92:52:52:28:50:ab:57:75:ec:c7:1f:6b:
07:98:84:cd:83:89:88:84:90:49:49:e3:8b:58:79:
57:7b:73:16:8a:48:50:f8:39:71:f6:f8:a3:1b:2f:
84:f6:9d:46:45:f7:cb:67:4e:aa:f1:e4:18:47:2f:
69:06:d4:e2:fa:57:ec:90:91:0e:f9:40:01:bf:9a:
b7:b1:f7:78:76:5d:90:72:72:9e:6e:0d:3a:75:a6:
b6:47:b0:4d:e3:d6:ee:40:99:b4:e7:14:db:6e:4d:
52:3b:6d:ad:97:fb:e7:53:52:fa:f8:b3:30:9d:56:
e4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0C:A2:CA:09:E6:CD:D5:D2:C0:81:D2:7C:A7:96:7B:EF:51:C1:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4471b4d2-62e1-4876-baf7-b5951493a774.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
7b:f8:91:43:34:77:20:ec:09:e7:38:73:8e:41:45:a9:66:9e:
d5:1e:fb:16:01:94:a1:0c:80:01:b9:cd:8e:32:16:fe:45:19:
81:fc:d8:84:5f:8c:3c:8a:18:bd:65:ad:9e:94:ae:20:11:bd:
b4:cf:27:17:d0:15:c6:61:42:d3:f1:c9:90:9e:26:d9:34:46:
e0:34:85:5d:05:85:32:77:c4:29:ba:3d:07:b2:24:0c:de:9b:
96:4d:20:71:87:f6:7c:57:d8:3f:7c:fd:a2:67:6a:f2:a4:84:
e0:d7:14:25:55:a9:0e:1d:66:a1:97:9f:19:ee:f9:2a:50:fc:
fe:a0:f6:f4:cc:cf:5d:73:00:07:4a:22:39:f4:c2:22:b1:0c:
61:f5:f6:41:65:da:8b:05:0c:c3:2f:fb:ae:16:38:c9:88:dc:
f1:b1:c5:dc:88:c1:bc:de:86:25:2b:dc:08:c6:c7:c2:78:39:
06:5e:6f:8f:02:50:18:f2:f7:d5:94:4f:91:16:ab:5b:ad:c6:
d1:66:00:ef:cb:e4:ea:be:18:8e:d4:0e:75:05:d2:45:58:ea:
25:bb:7c:0b:23:8a:55:41:ed:e5:63:02:99:e8:5e:bc:40:51:
9f:da:56:df:8c:f0:d3:d6:88:f2:df:1c:a4:a4:a5:66:bc:bb:
ee:4b:a3:cd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb2aJ0EkeTASeC0aHsoPJsw0nsuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMzRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMzZjNjcyZWRiNjRhZDZmZWEwZWYzYzc0ZjY3NTZkOTA2NTE0YjBmZTli
YmNkMGI3ZjkzODAwNTc4NTNhMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIMc0hTmMl7ElQUjo/iZspPxtPaEtnWKOxfX2EpT+JXdOYQzoBkaJ8ppaY9
SG+8O+9R1GB5sMYtdRYA0X8QawVM583BNqpyq/HnJ7Ddl7VtyC27ALqEZbkKMPa0
jxmfkp2go0xz0/fk2glPzUFKyPJjitLEL8Li4mYEErwITKp+SIJUPnO5giAFklJS
KFCrV3Xsxx9rB5iEzYOJiISQSUnji1h5V3tzFopIUPg5cfb4oxsvhPadRkX3y2dO
qvHkGEcvaQbU4vpX7JCRDvlAAb+at7H3eHZdkHJynm4NOnWmtkewTePW7kCZtOcU
225NUjttrZf751NS+vizMJ1W5HsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSFDKLK
CebN1dLAgdJ8p5Z771HB5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ3MWI0ZDItNjJlMS00ODc2LWJhZjctYjU5NTE0OTNhNzc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVg
wDANBgkqhkiG9w0BAQsFAAOCAQEAe/iRQzR3IOwJ5zhzjkFFqWae1R77FgGUoQyA
AbnNjjIW/kUZgfzYhF+MPIoYvWWtnpSuIBG9tM8nF9AVxmFC0/HJkJ4m2TRG4DSF
XQWFMnfEKbo9B7IkDN6blk0gcYf2fFfYP3z9omdq8qSE4NcUJVWpDh1moZefGe75
KlD8/qD29MzPXXMAB0oiOfTCIrEMYfX2QWXaiwUMwy/7rhY4yYjc8bHF3IjBvN6G
JSvcCMbHwng5Bl5vjwJQGPL31ZRPkRarW63G0WYA78vk6r4YjtQOdQXSRVjqJbt8
CyOKVUHt5WMCmehevEBRn9pW34zw09aI8t8cpKSlZry77kujzQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:11 2025 by rpki-client