Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json)
Hash identifier: ZjnmmI7kfr1tJ8LdX/metKptb1OEpQ0KfeJOQ4xYThU=
Subject key identifier: 1B:B5:17:2B:BD:CA:32:62:1C:89:D9:0F:37:A5:03:71:E1:54:14:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77887C36F63B33F2F21AD9BFCC2CCA6E3E398AAD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
Signing time: Fri 11 Jul 2025 19:10:59 +0000
ROA not before: Fri 11 Jul 2025 19:10:59 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:88:7c:36:f6:3b:33:f2:f2:1a:d9:bf:cc:2c:ca:6e:3e:39:8a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:59 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=738b08ab1f52ac4ac1544193448bb4eec765eee6bf33a79261eb9c26b8cab0ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:0d:d4:bd:2e:90:e6:b7:94:08:87:62:5a:61:
5e:9a:80:26:db:bd:dd:d2:b6:c0:9b:5e:87:f5:77:
c3:fc:db:c1:b1:b8:2f:95:0a:41:b5:cf:a4:f0:b0:
1e:c0:27:fb:0c:65:d7:f7:aa:1e:d6:b2:53:96:54:
7e:40:fa:66:92:83:35:91:a3:47:54:ba:f5:91:22:
ee:03:9e:eb:bd:96:14:dd:ce:1d:e4:2e:1b:38:69:
b5:3f:ea:a1:7e:72:0f:27:b9:58:80:67:47:17:22:
c7:50:e8:c0:a7:c2:99:58:d9:31:b4:ab:f6:a9:ba:
f4:2d:c3:91:e4:62:d2:0c:77:65:ad:fd:f2:fa:85:
77:6e:03:51:44:df:78:7d:00:80:d3:e6:27:47:5f:
10:e3:85:5d:00:9a:ee:61:7d:fd:05:28:58:cc:ff:
5a:fd:67:e8:e1:ea:4f:db:9d:e7:c3:0c:dc:f8:77:
c8:e1:24:32:c2:49:1d:42:68:13:25:64:fd:19:a8:
f6:98:58:fd:21:5d:1e:0f:a7:b4:74:24:f5:db:5a:
d9:cf:13:78:dd:43:0e:d0:67:52:19:e3:43:85:91:
2b:c5:ab:68:01:8d:6f:1a:56:38:ae:02:bb:51:aa:
7d:8c:e4:4b:7c:6e:1e:c3:a2:9c:4c:4b:3c:5d:55:
34:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B5:17:2B:BD:CA:32:62:1C:89:D9:0F:37:A5:03:71:E1:54:14:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
44:42:89:35:32:28:a4:e4:b6:c0:37:9c:be:28:8e:74:cc:e3:
48:ca:4e:9e:9f:fa:bf:7a:fb:fd:07:d9:a0:ba:fd:b3:7a:4d:
ec:e2:c8:85:94:65:4d:3c:8c:cd:89:7e:63:1a:8b:a9:b5:2f:
94:43:ec:78:f2:27:b0:f3:39:35:5f:e7:2f:21:ec:a0:85:20:
21:60:6d:e4:78:ea:7c:b8:55:60:60:9b:82:71:89:b1:ee:80:
80:f2:c9:f1:c7:58:e8:21:2d:43:4c:9d:4b:31:7f:96:29:18:
47:91:9f:09:f2:1b:a7:3e:e1:43:26:5e:46:ef:5d:9c:cc:09:
25:0a:0b:60:e0:df:e5:74:78:6d:f8:af:32:5c:29:d3:ef:93:
5a:a9:2c:4a:b8:55:49:04:a0:f8:90:89:61:3b:68:d3:36:df:
10:b2:18:d0:e7:66:b8:70:75:ba:42:90:5d:bf:88:9e:53:e2:
84:33:a7:da:96:a9:c8:9c:32:50:e7:58:91:2b:cc:01:57:56:
35:13:d3:92:84:5c:03:1c:00:4b:61:1e:1c:00:92:33:22:49:
30:7c:f3:b7:04:2c:86:8e:a1:a0:e8:da:15:95:8b:a6:f6:25:
51:d6:b5:ec:92:52:31:6e:9d:c4:9c:ad:c1:a0:a4:93:d3:cc:
ae:b9:7b:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd4h8NvY7M/LyGtm/zCzKbj45iq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwNTlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDczOGIwOGFiMWY1MmFjNGFjMTU0NDE5MzQ0OGJiNGVlYzc2NWVlZTZiZjMz
YTc5MjYxZWI5YzI2YjhjYWIwYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOgN1L0ukOa3lAiHYlphXpqAJtu93dK2wJteh/V3w/zbwbG4L5UKQbXPpPCw
HsAn+wxl1/eqHtayU5ZUfkD6ZpKDNZGjR1S69ZEi7gOe672WFN3OHeQuGzhptT/q
oX5yDye5WIBnRxcix1DowKfCmVjZMbSr9qm69C3DkeRi0gx3Za398vqFd24DUUTf
eH0AgNPmJ0dfEOOFXQCa7mF9/QUoWMz/Wv1n6OHqT9ud58MM3Ph3yOEkMsJJHUJo
EyVk/Rmo9phY/SFdHg+ntHQk9dta2c8TeN1DDtBnUhnjQ4WRK8WraAGNbxpWOK4C
u1GqfYzkS3xuHsOinExLPF1VNIUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQbtRcr
vcoyYhyJ2Q83pQNx4VQUdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
wDANBgkqhkiG9w0BAQsFAAOCAQEAREKJNTIopOS2wDecviiOdMzjSMpOnp/6v3r7
/QfZoLr9s3pN7OLIhZRlTTyMzYl+YxqLqbUvlEPsePInsPM5NV/nLyHsoIUgIWBt
5HjqfLhVYGCbgnGJse6AgPLJ8cdY6CEtQ0ydSzF/likYR5GfCfIbpz7hQyZeRu9d
nMwJJQoLYODf5XR4bfivMlwp0++TWqksSrhVSQSg+JCJYTto0zbfELIY0OdmuHB1
ukKQXb+InlPihDOn2papyJwyUOdYkSvMAVdWNRPTkoRcAxwAS2EeHACSMyJJMHzz
twQsho6hoOjaFZWLpvYlUda17JJSMW6dxJytwaCkk9PMrrl7uw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:10 2025 by rpki-client