Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
File: 74c7eb62-ad02-4aa2-9be5-024692c6239f.roa (raw, json)
Hash identifier: CJYvEW3Eq+rUqx1QLHx7t9l3EN7cWcJKQMPQDDbc648=
Subject key identifier: C6:A9:45:0E:A8:A9:4F:3B:4C:90:2D:0E:A9:21:E2:1B:9F:D7:CB:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A4B942E811D4E4CC5E5BFBE7281B6138A7C236F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
Signing time: Fri 11 Jul 2025 19:01:29 +0000
ROA not before: Fri 11 Jul 2025 19:01:29 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:4b:94:2e:81:1d:4e:4c:c5:e5:bf:be:72:81:b6:13:8a:7c:23:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:01:29 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=77579e151bd82274293b156edccfcac88191fab97796e6416c954a0c5c698332, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:71:5a:90:f0:91:9c:fb:46:f2:ac:99:42:f4:
aa:f6:47:99:3e:25:94:be:e1:b6:e7:78:06:00:9a:
30:50:af:2b:d5:96:44:c7:18:e1:e5:79:36:fb:59:
24:2e:fc:c1:1f:29:89:12:91:e4:e5:85:f9:70:d1:
37:40:62:b3:d2:b5:40:80:1b:8a:db:4f:95:d7:5e:
ee:cc:fc:59:a8:a6:b1:63:a7:03:83:f0:3e:93:9d:
ad:f9:ef:a5:7d:7b:a3:dc:cd:d5:ab:1d:b6:d2:e0:
d5:29:ff:a5:e3:65:7f:64:5b:f8:d8:34:61:57:79:
9b:4c:6d:c1:e9:83:c1:b4:36:47:f1:0f:76:9d:e7:
43:cf:a0:0b:c5:ac:d9:25:b1:7e:91:e6:a6:27:fc:
b2:5e:9f:b5:69:f9:d0:ff:98:ce:25:c2:86:88:59:
68:7a:5f:d6:20:6a:fd:3d:11:9c:35:b3:6c:dc:1d:
3b:3b:cf:43:1f:41:f3:ad:38:61:19:c0:02:21:8c:
06:86:b6:55:cc:f2:15:d3:fb:5e:4e:1f:06:57:2a:
23:b1:a4:7d:0c:72:8d:e9:8b:33:87:66:fc:27:d6:
62:b3:bb:b3:51:8b:e6:83:01:f6:05:66:df:61:a6:
51:45:61:5f:80:cc:07:78:97:cf:f3:c2:6a:b2:48:
fb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A9:45:0E:A8:A9:4F:3B:4C:90:2D:0E:A9:21:E2:1B:9F:D7:CB:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:e5:06:1c:40:eb:bc:a3:b1:c4:5d:a1:5a:42:23:29:07:2d:
9d:c6:24:83:4a:0f:6e:f3:bb:6d:f7:fa:72:2b:35:01:9b:4d:
f0:5c:d6:f5:2d:89:25:df:4b:a2:85:e8:7a:c3:31:e9:29:39:
3e:e2:ab:6c:f8:0b:dc:be:5e:8c:71:74:8b:aa:05:b2:23:cb:
e6:3f:9f:6d:fd:90:5a:b4:f5:3b:e5:d2:cf:b0:af:da:9d:86:
18:42:b8:69:31:67:21:72:92:92:54:23:fe:c4:9e:cd:0c:4b:
9d:1a:2a:9f:29:3c:46:67:c4:7a:e3:68:96:cb:66:74:61:8d:
f5:64:41:33:56:22:3e:02:e4:96:8c:4a:c0:ba:0c:61:13:0c:
84:b2:eb:c1:7e:ef:34:1c:96:a0:a4:9f:e7:71:80:cf:41:8f:
dc:4f:30:34:5a:24:01:6f:53:0e:ca:12:50:1c:58:42:a3:24:
a3:66:2e:5b:34:d2:f5:74:9e:7f:43:46:c2:b3:1c:6a:53:97:
53:b6:30:dc:af:16:5f:00:94:88:54:a7:36:0e:45:2f:aa:41:
b4:61:d3:70:25:da:7f:f1:98:d0:a2:db:9a:c1:61:b8:31:45:
72:11:92:ca:d0:d3:6d:37:79:17:89:6f:e1:dc:f3:1a:fd:2c:
dc:34:7a:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUakuULoEdTkzF5b++coG2E4p8I28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAxMjlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3NTc5ZTE1MWJkODIyNzQyOTNiMTU2ZWRjY2ZjYWM4ODE5MWZhYjk3Nzk2
ZTY0MTZjOTU0YTBjNWM2OTgzMzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlxWpDwkZz7RvKsmUL0qvZHmT4llL7htud4BgCaMFCvK9WWRMcY4eV5NvtZ
JC78wR8piRKR5OWF+XDRN0Bis9K1QIAbittPldde7sz8WaimsWOnA4PwPpOdrfnv
pX17o9zN1asdttLg1Sn/peNlf2Rb+Ng0YVd5m0xtwemDwbQ2R/EPdp3nQ8+gC8Ws
2SWxfpHmpif8sl6ftWn50P+YziXChohZaHpf1iBq/T0RnDWzbNwdOzvPQx9B8604
YRnAAiGMBoa2VczyFdP7Xk4fBlcqI7GkfQxyjemLM4dm/CfWYrO7s1GL5oMB9gVm
32GmUUVhX4DMB3iXz/PCarJI+7cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGqUUO
qKlPO0yQLQ6pIeIbn9fLXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRjN2ViNjItYWQwMi00YWEyLTliZTUtMDI0NjkyYzYyMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQDG5QYcQOu8o7HEXaFaQiMpBy2dxiSDSg9u87tt
9/pyKzUBm03wXNb1LYkl30uiheh6wzHpKTk+4qts+Avcvl6McXSLqgWyI8vmP59t
/ZBatPU75dLPsK/anYYYQrhpMWchcpKSVCP+xJ7NDEudGiqfKTxGZ8R642iWy2Z0
YY31ZEEzViI+AuSWjErAugxhEwyEsuvBfu80HJagpJ/ncYDPQY/cTzA0WiQBb1MO
yhJQHFhCoySjZi5bNNL1dJ5/Q0bCsxxqU5dTtjDcrxZfAJSIVKc2DkUvqkG0YdNw
Jdp/8ZjQotuawWG4MUVyEZLK0NNtN3kXiW/h3PMa/SzcNHoo
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:17 2025 by rpki-client