Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
File: 4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa (raw, json)
Hash identifier: XJ2G9BrHoM4zfzgm2aF1K4eSeDdNDa7OqIoA38FDzHM=
Subject key identifier: 8E:36:89:BB:94:74:FE:89:80:3D:28:82:85:78:5C:E7:F1:BF:99:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F1967FE2ED9D5D222D40586962E95156774E794
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
Signing time: Fri 11 Jul 2025 20:40:51 +0000
ROA not before: Fri 11 Jul 2025 20:40:51 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:19:67:fe:2e:d9:d5:d2:22:d4:05:86:96:2e:95:15:67:74:e7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:51 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b3b234e4c1484157abd12abc190143748d25600abdc009ef30ad841280841458, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:cf:a0:bb:53:a0:90:ac:4a:82:85:32:b1:e5:
72:1d:d9:85:b4:b7:63:8c:b1:42:c9:00:1f:fb:d7:
9d:7a:fd:fe:77:eb:27:14:2f:6e:ce:ad:6b:d4:26:
06:37:1c:e7:2a:23:f8:37:6e:59:d0:e0:35:72:e2:
e1:e7:c7:bb:3d:df:8a:56:ab:bd:92:2b:7b:1c:08:
23:5b:e7:89:aa:f7:52:df:4f:2a:ae:0a:43:9a:8e:
9d:8d:42:47:b5:67:6f:a7:46:6b:ff:a8:ee:7b:05:
56:43:c8:dc:ce:7d:eb:9b:19:48:5c:b6:ab:37:9b:
af:08:ef:64:00:2a:24:9c:2c:5c:60:48:b4:28:be:
03:d3:4f:b5:e9:96:09:de:53:70:e1:a1:b7:48:14:
f0:d8:84:e0:88:d7:93:ad:e2:ca:b2:9f:68:38:1e:
97:d7:c4:88:af:40:ea:b6:ab:25:5c:c9:f7:f4:41:
fc:30:4e:70:87:f4:8f:f4:18:c5:31:2d:6b:ed:3f:
b9:5d:49:1b:cd:a9:ff:1b:b9:fc:e4:71:69:d9:68:
2e:a7:bc:24:9c:f1:3f:82:e0:69:a4:84:19:1a:9e:
24:8b:d1:45:2f:48:61:a4:bb:e2:18:bf:70:2d:be:
e7:d4:68:73:77:6f:99:0c:17:1b:23:df:cf:1a:b8:
be:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:89:BB:94:74:FE:89:80:3D:28:82:85:78:5C:E7:F1:BF:99:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:400::/38
Signature Algorithm: sha256WithRSAEncryption
17:b1:dc:cb:78:c2:a6:bf:b4:c1:30:83:99:93:89:f0:d4:d9:
b8:6c:4b:8a:0b:81:e2:12:08:bb:5d:b1:58:c6:3a:98:85:ff:
9c:57:be:bd:e5:e2:bc:74:16:09:5e:db:d9:05:36:dd:94:d1:
72:bf:bb:d0:b9:42:53:b1:f9:b2:6d:9a:20:99:c2:68:01:71:
78:0f:00:fe:fb:27:36:b1:2c:c0:ea:ad:95:d8:15:9d:8f:1d:
9f:83:fd:9b:f3:20:4c:ac:c9:b6:66:23:5a:97:fa:a8:c7:e1:
46:7c:6a:5b:7b:c5:07:bc:6b:14:00:e6:14:50:3f:38:01:e8:
7b:2f:b1:ca:d7:d1:79:13:3e:cd:61:52:ce:b9:91:72:8c:72:
a1:e6:70:1a:79:71:8c:24:b6:d0:cd:99:f6:64:c2:0b:82:f9:
d3:fe:47:d2:0f:2f:c3:5a:27:d4:81:73:7f:d2:92:ba:eb:47:
80:52:da:c3:19:d0:ea:42:d0:6b:c9:76:a1:86:24:80:50:ac:
0a:ae:79:21:f9:f9:2c:39:cc:71:ee:ca:4f:c5:7a:c6:9e:1d:
f0:c7:d8:bb:8b:0a:18:20:ac:41:62:0a:b3:26:d6:5f:f1:48:
27:f7:3c:9c:2d:39:c7:7d:44:b6:5b:7c:31:22:48:17:12:fd:
01:a1:94:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfxln/i7Z1dIi1AWGli6VFWd055QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwNTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzYjIzNGU0YzE0ODQxNTdhYmQxMmFiYzE5MDE0Mzc0OGQyNTYwMGFiZGMw
MDllZjMwYWQ4NDEyODA4NDE0NTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAObPoLtToJCsSoKFMrHlch3ZhbS3Y4yxQskAH/vXnXr9/nfrJxQvbs6ta9Qm
Bjcc5yoj+DduWdDgNXLi4efHuz3filarvZIrexwII1vniar3Ut9PKq4KQ5qOnY1C
R7Vnb6dGa/+o7nsFVkPI3M5965sZSFy2qzebrwjvZAAqJJwsXGBItCi+A9NPtemW
Cd5TcOGht0gU8NiE4IjXk63iyrKfaDgel9fEiK9A6rarJVzJ9/RB/DBOcIf0j/QY
xTEta+0/uV1JG82p/xu5/ORxadloLqe8JJzxP4LgaaSEGRqeJIvRRS9IYaS74hi/
cC2+59Roc3dvmQwXGyPfzxq4vssCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSONom7
lHT+iYA9KIKFeFzn8b+ZdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEwNzc2OTktNDhjYi00MmExLTlmMWItMWU3YzlhM2FlODA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQE
MA0GCSqGSIb3DQEBCwUAA4IBAQAXsdzLeMKmv7TBMIOZk4nw1Nm4bEuKC4HiEgi7
XbFYxjqYhf+cV7695eK8dBYJXtvZBTbdlNFyv7vQuUJTsfmybZogmcJoAXF4DwD+
+yc2sSzA6q2V2BWdjx2fg/2b8yBMrMm2ZiNal/qox+FGfGpbe8UHvGsUAOYUUD84
Aeh7L7HK19F5Ez7NYVLOuZFyjHKh5nAaeXGMJLbQzZn2ZMILgvnT/kfSDy/DWifU
gXN/0pK660eAUtrDGdDqQtBryXahhiSAUKwKrnkh+fksOcxx7spPxXrGnh3wx9i7
iwoYIKxBYgqzJtZf8Ugn9zycLTnHfUS2W3wxIkgXEv0BoZTX
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:17 2025 by rpki-client