Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a56b250-ea3b-4b36-bc05-9e25e6cabb2c.roa
File: 5a56b250-ea3b-4b36-bc05-9e25e6cabb2c.roa (raw, json)
Hash identifier: JjiDDiaPCGGcy0GWM6PQetWviK9ZsVPF7BTdVPdI2Do=
Subject key identifier: 0E:ED:1F:10:71:B0:A4:60:C6:EE:2C:EE:91:CF:5D:36:E4:29:DC:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64F12A478301860B67242D5BF5253F121E7192CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a56b250-ea3b-4b36-bc05-9e25e6cabb2c.roa
Signing time: Fri 11 Jul 2025 20:00:07 +0000
ROA not before: Fri 11 Jul 2025 20:00:07 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:f1:2a:47:83:01:86:0b:67:24:2d:5b:f5:25:3f:12:1e:71:92:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:07 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=79d26de35a4e930e000041f99c1ec2f6064d40023a1b832c55b69aab9452d2a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a7:4f:bc:c9:74:30:d5:b1:1e:95:34:41:e5:
c6:02:27:22:c8:9b:b2:9f:4b:72:e1:57:96:1a:10:
6c:4b:11:bb:dd:2a:96:72:ce:4e:40:6f:d2:56:5f:
68:89:29:06:43:d4:81:9c:01:79:64:54:f8:9e:18:
16:6c:29:84:56:be:df:9e:c7:ea:1e:b5:7b:c8:de:
a7:a2:e5:be:b3:56:1f:27:a9:29:a8:f1:53:d7:2e:
89:82:a8:ab:a5:44:0a:48:98:15:a6:7d:d2:f0:5b:
b1:96:2b:c1:a1:be:07:4a:9a:5a:8a:cc:c7:8d:f2:
32:ff:6b:42:37:d1:9b:6c:17:3a:8d:b8:d9:e7:e6:
98:d9:b5:1d:ac:41:a7:57:25:14:2f:67:9b:37:7f:
4e:ab:8a:4d:cc:2d:57:56:74:ec:a0:1e:db:1b:99:
5b:ca:7d:9d:57:5b:eb:c5:5e:82:c5:80:2a:b2:62:
bb:09:41:bb:2a:7a:e8:6f:3e:e2:49:46:c8:eb:f0:
d9:fe:9e:7b:bc:95:ea:f9:03:b2:8d:ef:f2:f4:7d:
74:bc:29:49:ef:3a:7e:3e:d3:24:45:3f:0d:c6:64:
66:e1:d2:ba:42:70:07:76:ea:e6:17:fb:60:e0:27:
e4:cf:15:46:49:26:83:44:b4:2d:f5:57:32:eb:ae:
1d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:ED:1F:10:71:B0:A4:60:C6:EE:2C:EE:91:CF:5D:36:E4:29:DC:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a56b250-ea3b-4b36-bc05-9e25e6cabb2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9000::/40
Signature Algorithm: sha256WithRSAEncryption
32:da:70:93:c9:89:37:da:6f:d3:74:71:4f:3a:2e:a0:d5:5d:
f2:80:7b:d2:4f:a4:f7:95:72:08:e3:56:19:d5:e4:88:29:ca:
89:93:da:ed:eb:36:f9:1d:09:4f:f7:72:35:17:2b:29:11:8a:
cc:eb:15:1f:f5:93:e3:3b:f4:3a:71:d9:7b:a2:9b:88:be:ee:
c6:67:fe:e5:28:d3:5c:c0:14:ce:b4:c2:61:0d:ca:25:14:91:
d2:a8:72:90:c6:62:21:18:26:07:66:c9:52:6d:fd:52:88:41:
b3:14:2f:08:24:86:b0:0f:eb:46:82:07:62:88:dc:67:a8:80:
50:1f:c9:47:92:c6:54:e3:0e:c3:88:3e:26:44:8b:e3:4a:13:
a0:63:b6:64:8a:d8:82:b1:1d:85:01:27:d7:29:f8:a7:d5:b1:
32:c2:e6:b8:41:31:8e:c4:af:39:19:19:eb:19:b2:30:81:5a:
4c:e9:e8:e7:fd:da:52:12:5f:ed:4a:ca:8e:7f:69:18:60:58:
f5:97:06:ef:e0:87:65:5d:79:34:b3:b2:2d:9a:fa:5b:80:38:
f0:7a:b9:d0:96:02:15:ce:0d:5d:33:b3:79:88:ea:d5:44:36:
e6:92:7c:e3:44:5f:b4:03:3b:28:3d:97:15:22:3e:f7:6e:7d:
89:f6:f0:85
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZPEqR4MBhgtnJC1b9SU/Eh5xks4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwMDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5ZDI2ZGUzNWE0ZTkzMGUwMDAwNDFmOTljMWVjMmY2MDY0ZDQwMDIzYTFi
ODMyYzU1YjY5YWFiOTQ1MmQyYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKenT7zJdDDVsR6VNEHlxgInIsibsp9LcuFXlhoQbEsRu90qlnLOTkBv0lZf
aIkpBkPUgZwBeWRU+J4YFmwphFa+357H6h61e8jep6LlvrNWHyepKajxU9cuiYKo
q6VECkiYFaZ90vBbsZYrwaG+B0qaWorMx43yMv9rQjfRm2wXOo242efmmNm1HaxB
p1clFC9nmzd/TquKTcwtV1Z07KAe2xuZW8p9nVdb68VegsWAKrJiuwlBuyp66G8+
4klGyOvw2f6ee7yV6vkDso3v8vR9dLwpSe86fj7TJEU/DcZkZuHSukJwB3bq5hf7
YOAn5M8VRkkmg0S0LfVXMuuuHesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQO7R8Q
cbCkYMbuLO6Rz1025CnccjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1NmIyNTAtZWEzYi00YjM2LWJjMDUtOWUyNWU2Y2FiYjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAy2nCTyYk32m/TdHFPOi6g1V3ygHvST6T3lXII
41YZ1eSIKcqJk9rt6zb5HQlP93I1FyspEYrM6xUf9ZPjO/Q6cdl7opuIvu7GZ/7l
KNNcwBTOtMJhDcolFJHSqHKQxmIhGCYHZslSbf1SiEGzFC8IJIawD+tGggdiiNxn
qIBQH8lHksZU4w7DiD4mRIvjShOgY7ZkitiCsR2FASfXKfin1bEywua4QTGOxK85
GRnrGbIwgVpM6ejn/dpSEl/tSsqOf2kYYFj1lwbv4IdlXXk0s7ItmvpbgDjwernQ
lgIVzg1dM7N5iOrVRDbmknzjRF+0AzsoPZcVIj73bn2J9vCF
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:26 2025 by rpki-client