Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
File: 55ba2d71-c4db-41f1-a648-b39b354abfa6.roa (raw, json)
Hash identifier: H6kcs7hbnDz4kTVGIlWK2N7/gcEQKGLyhHbKlT0+5SU=
Subject key identifier: 60:BF:41:1D:98:6B:0C:B8:EC:B6:B0:02:6A:AC:F8:91:42:BD:48:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74131AB36EB9E4A4FFF674CF22DA59FDA0ADB258
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
Signing time: Fri 11 Jul 2025 20:10:20 +0000
ROA not before: Fri 11 Jul 2025 20:10:20 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:13:1a:b3:6e:b9:e4:a4:ff:f6:74:cf:22:da:59:fd:a0:ad:b2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:10:20 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c66201ff449aef28973a74313641a8f0ba9c41e010f061b5474880879aff9c4c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5a:2a:ff:1f:bc:4d:b9:24:d5:e6:05:4c:f4:
36:4b:0e:58:5d:4f:92:e6:47:13:6d:3d:92:60:cc:
e1:f8:5c:b2:34:3f:e0:54:4b:f1:25:f2:63:54:8e:
99:35:dd:38:bc:6f:52:83:58:fc:81:47:a1:64:36:
de:af:b8:40:a6:35:50:14:a4:5c:7d:21:28:29:bc:
3e:f4:f3:0c:67:2b:28:34:f0:ba:6e:a8:bb:6b:b7:
be:dd:5d:19:0e:d3:8f:5b:b4:95:96:9e:bc:54:70:
25:ae:f4:15:3e:53:2e:8b:1b:ab:e0:4a:d6:7e:76:
d9:b7:e1:b1:ef:d9:34:ab:bc:12:07:ab:10:08:8a:
2a:96:5b:34:9a:0d:2f:ab:97:f7:da:16:fe:31:4e:
60:c9:61:a2:af:f3:b3:e1:e6:76:3a:5a:db:7b:a1:
c8:b0:b4:33:bb:98:88:96:61:cc:0d:c1:05:74:95:
04:23:54:3b:56:af:cc:c5:3a:1b:a5:95:0e:e4:e9:
4d:8c:5b:62:28:0b:ac:7d:47:7e:a6:62:b1:56:11:
82:d1:3b:91:51:12:6a:00:79:2f:4a:fe:34:25:b5:
12:45:9a:cc:77:86:54:81:41:2c:83:b0:70:84:dd:
10:2c:76:6a:d0:25:5a:cf:17:73:20:7d:64:52:cd:
79:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BF:41:1D:98:6B:0C:B8:EC:B6:B0:02:6A:AC:F8:91:42:BD:48:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:8000::/40
Signature Algorithm: sha256WithRSAEncryption
57:1b:ae:5a:fe:ae:ce:40:dc:74:bf:9f:1b:df:54:92:29:c9:
ce:fa:9d:b1:68:e2:da:a1:c6:e7:ea:af:ed:34:b5:f5:40:df:
63:a4:61:b3:cc:80:d5:c0:c8:4d:86:58:f6:c3:62:aa:34:af:
6e:d0:ad:06:13:69:96:3b:35:54:28:13:99:53:8c:fd:9d:df:
c1:e0:c0:9a:b3:fe:f9:f3:d9:82:ba:ce:b0:74:25:89:21:0d:
88:7a:55:0d:48:fb:43:f9:df:4a:99:b6:cf:ae:5e:f9:95:61:
d5:14:d0:4f:ce:9c:86:82:09:f3:f4:42:98:f1:ab:61:1c:3e:
83:db:db:f7:86:5e:bc:b3:89:3c:a6:dd:48:3e:b5:aa:76:2d:
3f:b2:ff:62:42:d6:89:89:ea:81:be:3f:35:0d:af:cb:08:28:
f6:97:92:19:37:68:ff:9c:53:e4:f5:6a:db:e9:f5:eb:db:9f:
d3:15:d7:0e:5e:ea:94:27:c9:36:8c:96:0d:d9:db:93:47:ec:
6e:7a:25:0d:7e:13:cf:8c:b3:16:6d:58:6a:34:a4:b4:dd:80:
b5:6b:bd:45:fb:e5:79:ac:f4:2b:0e:d7:60:53:e0:4c:3e:50:
c6:79:76:b2:a3:de:23:ee:12:fa:43:2d:d2:8d:40:fa:55:e6:
61:2a:04:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdBMas2655KT/9nTPItpZ/aCtslgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDEwMjBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NjIwMWZmNDQ5YWVmMjg5NzNhNzQzMTM2NDFhOGYwYmE5YzQxZTAxMGYw
NjFiNTQ3NDg4MDg3OWFmZjljNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtaKv8fvE25JNXmBUz0NksOWF1PkuZHE209kmDM4fhcsjQ/4FRL8SXyY1SO
mTXdOLxvUoNY/IFHoWQ23q+4QKY1UBSkXH0hKCm8PvTzDGcrKDTwum6ou2u3vt1d
GQ7Tj1u0lZaevFRwJa70FT5TLosbq+BK1n522bfhse/ZNKu8EgerEAiKKpZbNJoN
L6uX99oW/jFOYMlhoq/zs+Hmdjpa23uhyLC0M7uYiJZhzA3BBXSVBCNUO1avzMU6
G6WVDuTpTYxbYigLrH1HfqZisVYRgtE7kVESagB5L0r+NCW1EkWazHeGVIFBLIOw
cITdECx2atAlWs8XcyB9ZFLNeYECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgv0Ed
mGsMuOy2sAJqrPiRQr1I0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTViYTJkNzEtYzRkYi00MWYxLWE2NDgtYjM5YjM1NGFiZmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXG65a/q7OQNx0v58b31SSKcnO+p2xaOLaocbn
6q/tNLX1QN9jpGGzzIDVwMhNhlj2w2KqNK9u0K0GE2mWOzVUKBOZU4z9nd/B4MCa
s/7589mCus6wdCWJIQ2IelUNSPtD+d9KmbbPrl75lWHVFNBPzpyGggnz9EKY8ath
HD6D29v3hl68s4k8pt1IPrWqdi0/sv9iQtaJieqBvj81Da/LCCj2l5IZN2j/nFPk
9Wrb6fXr25/TFdcOXuqUJ8k2jJYN2duTR+xueiUNfhPPjLMWbVhqNKS03YC1a71F
++V5rPQrDtdgU+BMPlDGeXayo94j7hL6Qy3SjUD6VeZhKgRe
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:20:09 2025 by rpki-client