Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
File: 5c829516-8640-4a9a-a2b3-cfababf09faa.roa (raw, json)
Hash identifier: wY/H/pDKlLFflW/se+yVznTQKO3f6GLomSSI6eGPKxw=
Subject key identifier: 9C:44:E7:51:90:E1:F2:C7:6C:C9:18:F8:E2:E7:ED:45:AA:9A:6C:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B69496B2E0ED38D0A8EE2A566BD561151BC724F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
Signing time: Fri 11 Jul 2025 19:21:29 +0000
ROA not before: Fri 11 Jul 2025 19:21:29 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:69:49:6b:2e:0e:d3:8d:0a:8e:e2:a5:66:bd:56:11:51:bc:72:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:29 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f15e3feca49be1a99cbf329b0fb643e64f39b629abbf6f1329924c6d94ec88de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:01:c0:3d:6b:89:6f:ac:31:9f:2a:71:62:
15:53:1c:6e:25:4b:31:cb:cd:23:79:25:ec:69:a3:
d2:b6:fd:64:b6:cc:0b:83:94:92:e6:49:1d:d8:4b:
ca:5d:3a:8d:47:4c:9b:a1:b9:cf:cc:4a:80:a3:fd:
18:11:ab:d7:88:5c:56:aa:a4:95:13:ce:a1:da:96:
d8:9f:4b:a1:69:f7:90:4f:28:c9:f9:e3:c4:87:cd:
e2:b0:f4:81:12:4a:cb:13:43:d4:76:79:af:cd:b1:
ba:76:3e:a8:f6:9e:24:fe:86:b2:bb:b5:e7:af:32:
e8:52:16:20:9f:84:fe:19:ec:6a:eb:01:e5:19:58:
28:f0:b9:46:86:93:e1:70:be:b8:91:6e:f3:59:6d:
9a:62:3b:34:c4:44:7e:ee:e6:a8:00:7c:67:95:a5:
7d:71:72:53:b0:8f:dc:c2:1d:b1:23:28:ee:7a:16:
bd:f3:ad:06:c8:7e:16:7a:37:13:33:e3:b8:8f:60:
56:27:eb:fe:74:8b:0a:c0:82:35:ae:ae:bf:73:65:
69:1d:18:bb:94:e0:cb:af:9e:df:f7:5e:e0:87:4b:
5e:fc:a3:dc:09:74:85:e3:f0:f4:e4:ab:7e:8d:34:
92:8b:35:6c:85:12:6b:50:1f:96:5d:59:8b:6f:3e:
a7:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:44:E7:51:90:E1:F2:C7:6C:C9:18:F8:E2:E7:ED:45:AA:9A:6C:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e080::/48
Signature Algorithm: sha256WithRSAEncryption
53:d8:eb:43:58:0c:94:b8:4d:cc:ab:bd:3c:71:e8:b2:2f:7b:
c6:df:ea:f8:90:ad:83:7a:57:f2:9f:92:5f:b8:81:84:17:49:
a6:0d:e8:4a:62:6f:5c:4f:90:a5:86:67:79:e6:ba:25:ce:92:
ee:86:ec:80:ee:94:b6:7a:06:60:81:6a:6b:39:6d:dd:38:d8:
7d:7c:01:69:90:86:7a:95:d4:ed:b9:bc:da:ff:b2:d1:a0:20:
68:2a:f8:f2:16:25:b3:90:24:ce:46:2c:b7:cb:1d:5d:5f:ce:
4a:b7:a2:88:03:ad:c4:8c:a1:dd:a9:33:14:18:dd:ad:be:67:
b2:73:64:66:43:6f:77:f4:73:9d:c8:ed:52:50:0d:0b:91:48:
58:5b:86:02:ad:4b:6e:69:6b:86:dd:96:45:41:92:54:9f:e2:
8f:95:94:ac:7e:48:b2:5c:28:6f:55:b8:c6:e2:22:2a:ca:20:
83:b1:13:5d:8f:6f:c6:9f:17:34:b5:fb:86:f5:d5:c8:74:be:
7a:d3:c6:bf:a6:dd:65:cc:58:f0:78:1a:a6:0d:a9:97:94:d9:
82:b0:ac:49:e9:03:71:33:8b:58:5a:6e:e0:f0:44:27:34:e0:
57:53:1a:18:bf:11:99:9d:44:80:4d:a9:86:13:87:e6:9e:c8:
67:bb:52:f3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK2lJay4O040KjuKlZr1WEVG8ck8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMjlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxNWUzZmVjYTQ5YmUxYTk5Y2JmMzI5YjBmYjY0M2U2NGYzOWI2MjlhYmJm
NmYxMzI5OTI0YzZkOTRlYzg4ZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSmAcA9a4lvrDGfKnFiFVMcbiVLMcvNI3kl7Gmj0rb9ZLbMC4OUkuZJHdhL
yl06jUdMm6G5z8xKgKP9GBGr14hcVqqklRPOodqW2J9LoWn3kE8oyfnjxIfN4rD0
gRJKyxND1HZ5r82xunY+qPaeJP6Gsru1568y6FIWIJ+E/hnsausB5RlYKPC5RoaT
4XC+uJFu81ltmmI7NMREfu7mqAB8Z5WlfXFyU7CP3MIdsSMo7noWvfOtBsh+Fno3
EzPjuI9gVifr/nSLCsCCNa6uv3NlaR0Yu5Tgy6+e3/de4IdLXvyj3Al0hePw9OSr
fo00kos1bIUSa1Afll1Zi28+p5cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBScROdR
kOHyx2zJGPji5+1FqppsTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4Mjk1MTYtODY0MC00YTlhLWEyYjMtY2ZhYmFiZjA5ZmFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
gDANBgkqhkiG9w0BAQsFAAOCAQEAU9jrQ1gMlLhNzKu9PHHosi97xt/q+JCtg3pX
8p+SX7iBhBdJpg3oSmJvXE+QpYZneea6Jc6S7obsgO6UtnoGYIFqazlt3TjYfXwB
aZCGepXU7bm82v+y0aAgaCr48hYls5AkzkYst8sdXV/OSreiiAOtxIyh3akzFBjd
rb5nsnNkZkNvd/RzncjtUlANC5FIWFuGAq1Lbmlrht2WRUGSVJ/ij5WUrH5Islwo
b1W4xuIiKsogg7ETXY9vxp8XNLX7hvXVyHS+etPGv6bdZcxY8Hgapg2pl5TZgrCs
SekDcTOLWFpu4PBEJzTgV1MaGL8RmZ1EgE2phhOH5p7IZ7tS8w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:18 2025 by rpki-client