Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
File: 7d5bbe6e-da67-4af0-af12-c86f93a16721.roa (raw, json)
Hash identifier: 36xbJjxJ91pYAcBAKIynDBI+fCtdUEfmGBqP6GyEp8k=
Subject key identifier: DF:59:B0:05:6E:94:E2:79:D8:CD:8B:C9:02:3E:04:DD:11:24:F8:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E8C19C28CCE80318A1AF8E4A25C8FCFB711DAA8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
Signing time: Sat 12 Jul 2025 00:50:07 +0000
ROA not before: Sat 12 Jul 2025 00:50:07 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:8c:19:c2:8c:ce:80:31:8a:1a:f8:e4:a2:5c:8f:cf:b7:11:da:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:07 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=a859935721ad46f80028b31eb0cac755ee983fc85594d0f21825e8a86172522a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e6:19:31:57:0b:b0:1f:69:1a:73:34:7e:21:
9c:81:d0:08:59:67:9c:76:00:a4:59:19:03:f3:4a:
63:8d:27:3d:34:7b:8c:36:c2:0b:5d:dd:1c:35:a1:
fb:8b:11:ed:3c:28:1a:d7:ce:cc:67:ad:25:e3:8a:
2a:2f:5c:79:23:03:b3:fb:31:69:2f:61:a9:bf:e4:
b6:ce:2c:1a:48:df:fe:3c:00:de:7e:9f:c9:84:54:
de:6c:29:75:0e:85:e7:81:9d:78:9f:8c:af:b9:df:
ff:28:8d:bd:66:0e:70:50:31:d3:4e:a1:74:a9:62:
3d:68:b0:ff:0c:20:53:92:eb:0b:a3:2b:5a:54:b2:
70:44:19:d1:dc:ea:fc:c1:80:e0:89:08:f1:50:30:
cd:3d:1b:f4:a6:6c:82:e4:42:5d:81:85:c1:bf:8f:
e5:d1:f5:c0:75:3a:5e:35:bf:55:c4:5d:43:2a:bc:
80:80:34:59:6e:ae:6d:4e:cb:72:77:3c:e8:46:3a:
bd:68:70:f8:3f:78:9c:46:89:91:d6:9c:b6:3e:60:
ac:f3:ad:bc:aa:48:c5:d2:94:95:be:73:07:24:13:
2e:73:51:b3:37:90:e1:54:34:a8:3a:ed:36:d0:19:
71:69:a0:7a:71:0e:07:a4:a6:9e:5a:4f:ef:36:5d:
2a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:59:B0:05:6E:94:E2:79:D8:CD:8B:C9:02:3E:04:DD:11:24:F8:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
95:6e:8b:4e:1c:df:39:92:6e:46:88:be:d5:41:a7:73:99:7d:
1d:a9:41:00:2d:fe:80:ff:71:10:ab:18:bd:43:c9:ac:33:83:
78:7b:55:44:7f:28:c9:e9:f8:45:b6:0b:ea:20:9e:2e:f4:f6:
cf:49:e2:fd:9d:01:6a:11:4f:1f:b0:f0:0a:28:56:57:53:c1:
c5:38:99:c5:93:a6:24:1a:64:1a:58:90:e0:5f:73:23:45:ad:
ab:6f:e7:cd:3f:55:78:e5:28:e1:38:9a:b3:33:19:d8:41:96:
dc:1c:6e:5e:3f:65:0a:4a:24:bf:ec:06:91:50:d0:4c:72:a0:
25:cc:d2:7f:a1:1e:01:17:79:37:cb:76:cd:08:18:82:34:f7:
df:66:53:80:68:14:dc:c0:8c:4e:9a:22:11:d1:4d:dc:d9:1c:
19:ee:d9:eb:0e:32:3c:57:7e:1a:48:e1:56:0c:2b:f9:3b:14:
4d:02:7b:9a:30:22:ea:00:cc:a1:7b:1e:68:1e:4a:6c:2f:8f:
3a:70:62:70:a3:e1:bb:3c:2e:90:b0:0c:09:d0:18:ca:b2:c1:
35:cf:c4:2f:2e:78:2e:78:e9:1a:01:9c:b2:8c:cc:a0:fe:e9:
77:c2:4e:77:63:1d:10:ec:0d:22:08:6f:a3:1b:b5:3d:5c:ad:
9f:f6:4a:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbowZwozOgDGKGvjkolyPz7cR2qgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwMDdaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NTk5MzU3MjFhZDQ2ZjgwMDI4YjMxZWIwY2FjNzU1ZWU5ODNmYzg1NTk0
ZDBmMjE4MjVlOGE4NjE3MjUyMmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPmGTFXC7AfaRpzNH4hnIHQCFlnnHYApFkZA/NKY40nPTR7jDbCC13dHDWh
+4sR7TwoGtfOzGetJeOKKi9ceSMDs/sxaS9hqb/kts4sGkjf/jwA3n6fyYRU3mwp
dQ6F54GdeJ+Mr7nf/yiNvWYOcFAx006hdKliPWiw/wwgU5LrC6MrWlSycEQZ0dzq
/MGA4IkI8VAwzT0b9KZsguRCXYGFwb+P5dH1wHU6XjW/VcRdQyq8gIA0WW6ubU7L
cnc86EY6vWhw+D94nEaJkdactj5grPOtvKpIxdKUlb5zByQTLnNRszeQ4VQ0qDrt
NtAZcWmgenEOB6SmnlpP7zZdKkECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfWbAF
bpTiedjNi8kCPgTdEST4NDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q1YmJlNmUtZGE2Ny00YWYwLWFmMTItYzg2ZjkzYTE2NzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9g
MA0GCSqGSIb3DQEBCwUAA4IBAQCVbotOHN85km5GiL7VQadzmX0dqUEALf6A/3EQ
qxi9Q8msM4N4e1VEfyjJ6fhFtgvqIJ4u9PbPSeL9nQFqEU8fsPAKKFZXU8HFOJnF
k6YkGmQaWJDgX3MjRa2rb+fNP1V45SjhOJqzMxnYQZbcHG5eP2UKSiS/7AaRUNBM
cqAlzNJ/oR4BF3k3y3bNCBiCNPffZlOAaBTcwIxOmiIR0U3c2RwZ7tnrDjI8V34a
SOFWDCv5OxRNAnuaMCLqAMyhex5oHkpsL486cGJwo+G7PC6QsAwJ0BjKssE1z8Qv
LngueOkaAZyyjMyg/ul3wk53Yx0Q7A0iCG+jG7U9XK2f9kpN
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:16 2025 by rpki-client