Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81574dff-feff-4992-98e4-f8b95431a28d.roa
File: 81574dff-feff-4992-98e4-f8b95431a28d.roa (raw, json)
Hash identifier: a0ACKlSnO9HQlAxg2q+h0G0zvMO6Tymok0mnecYmNqo=
Subject key identifier: 84:DE:2F:90:CF:BE:79:A5:D6:A7:19:2B:E0:69:43:BB:F1:51:36:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B85D3AB5A8D1E784173726C35A1DB7A4FFD99A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81574dff-feff-4992-98e4-f8b95431a28d.roa
Signing time: Fri 11 Jul 2025 19:50:37 +0000
ROA not before: Fri 11 Jul 2025 19:50:37 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:85:d3:ab:5a:8d:1e:78:41:73:72:6c:35:a1:db:7a:4f:fd:99:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:37 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=98ddb03e75668e6a7d145f3be7f33d9c0cd572171cb8c9a730b6c840e94058e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9e:8e:2d:1a:1b:b6:a4:45:5b:46:23:9b:5f:
21:b5:ce:55:86:47:d0:d9:0a:00:3c:27:a4:37:f8:
d7:2a:52:a6:02:e3:28:82:63:f1:cd:53:96:73:75:
69:c5:b9:6a:23:be:52:5b:18:28:91:f2:ad:5b:fd:
c3:6d:0f:ab:aa:24:19:bc:87:6e:b9:80:55:5f:cc:
9f:71:dd:70:33:06:9a:36:d4:1a:cd:9a:c3:b4:fe:
9a:31:b7:14:2f:85:d3:82:54:96:53:31:a2:e4:5e:
55:df:9a:df:bd:c5:6c:e4:6d:44:d8:2f:da:e7:57:
f8:af:35:77:60:59:f1:39:8d:98:c6:8b:0d:9a:24:
50:3a:7f:db:e7:7b:9c:a5:cd:fb:14:84:06:f6:52:
07:32:4e:90:7a:a4:ff:c4:d1:0a:09:7d:61:20:dc:
ac:5a:d0:b1:d2:83:78:62:ba:fd:3b:8f:a1:a0:04:
1a:8a:57:9a:2a:00:3c:75:fd:8f:32:d7:06:7b:44:
c8:da:21:5a:f5:6d:10:01:00:15:76:22:9a:a0:58:
c6:16:45:88:f6:70:13:40:d0:ef:63:0c:91:9a:da:
2a:97:4d:8b:69:1b:19:39:1b:19:e5:d7:0f:68:08:
82:3d:7c:3f:46:91:04:7a:f3:5d:9b:69:9a:55:90:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DE:2F:90:CF:BE:79:A5:D6:A7:19:2B:E0:69:43:BB:F1:51:36:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81574dff-feff-4992-98e4-f8b95431a28d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9040::/46
Signature Algorithm: sha256WithRSAEncryption
23:fe:44:45:41:4c:53:0c:47:08:e0:4a:d9:d6:4d:dd:63:7b:
80:26:d9:7f:8e:2a:d5:c3:9c:b0:af:35:5d:46:a4:a8:ec:10:
5e:83:19:59:16:aa:3f:24:63:be:63:7e:1f:d5:d5:b3:5c:ad:
7d:b0:ff:8b:81:1a:f7:46:5c:78:9d:ad:b6:d9:c0:8b:25:27:
23:bd:f2:5a:ce:b6:06:3d:3c:60:26:b4:66:36:9e:5f:79:c1:
1e:39:81:d8:a7:93:70:de:9e:e1:53:c1:24:30:43:82:7f:5d:
31:c3:ca:7e:8b:45:d3:c4:2e:b5:fa:e4:ba:86:cf:13:de:45:
cb:2f:f4:4b:7a:da:97:1f:f5:70:c9:7f:38:9e:13:18:81:93:
ff:aa:11:1c:4a:c5:80:fd:4c:c9:56:98:65:19:94:90:42:78:
28:81:69:4b:f1:6f:ef:66:24:be:dc:33:e4:80:88:18:31:54:
d5:74:ab:7b:d1:d7:9c:41:f2:30:b9:17:7b:d3:29:5d:2d:2f:
af:7e:84:a4:13:e5:14:60:0f:02:75:45:4e:bd:9e:36:ec:1e:
f1:78:d1:9a:d2:25:de:59:b4:e9:5c:70:0a:8b:71:27:fe:77:
2e:25:ab:da:8a:46:89:00:ab:f4:cd:bf:92:ff:c5:88:72:ad:
87:43:fe:74
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUa4XTq1qNHnhBc3JsNaHbek/9maAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMzdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4ZGRiMDNlNzU2NjhlNmE3ZDE0NWYzYmU3ZjMzZDljMGNkNTcyMTcxY2I4
YzlhNzMwYjZjODQwZTk0MDU4ZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKeji0aG7akRVtGI5tfIbXOVYZH0NkKADwnpDf41ypSpgLjKIJj8c1TlnN1
acW5aiO+UlsYKJHyrVv9w20Pq6okGbyHbrmAVV/Mn3HdcDMGmjbUGs2aw7T+mjG3
FC+F04JUllMxouReVd+a373FbORtRNgv2udX+K81d2BZ8TmNmMaLDZokUDp/2+d7
nKXN+xSEBvZSBzJOkHqk/8TRCgl9YSDcrFrQsdKDeGK6/TuPoaAEGopXmioAPHX9
jzLXBntEyNohWvVtEAEAFXYimqBYxhZFiPZwE0DQ72MMkZraKpdNi2kbGTkbGeXX
D2gIgj18P0aRBHrzXZtpmlWQrWsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSE3i+Q
z755pdanGSvgaUO78VE2KzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE1NzRkZmYtZmVmZi00OTkyLTk4ZTQtZjhiOTU0MzFhMjhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAI/5ERUFMUwxHCOBK2dZN3WN7gCbZf44q1cOc
sK81XUakqOwQXoMZWRaqPyRjvmN+H9XVs1ytfbD/i4Ea90ZceJ2tttnAiyUnI73y
Ws62Bj08YCa0ZjaeX3nBHjmB2KeTcN6e4VPBJDBDgn9dMcPKfotF08QutfrkuobP
E95Fyy/0S3ralx/1cMl/OJ4TGIGT/6oRHErFgP1MyVaYZRmUkEJ4KIFpS/Fv72Yk
vtwz5ICIGDFU1XSre9HXnEHyMLkXe9MpXS0vr36EpBPlFGAPAnVFTr2eNuwe8XjR
mtIl3lm06VxwCotxJ/53LiWr2opGiQCr9M2/kv/FiHKth0P+dA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:04 2025 by rpki-client