Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
File: 9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa (raw, json)
Hash identifier: tblig99OUOrKr2OpHTab7MK6AyIVuJ0kffvr7WZxKaU=
Subject key identifier: 8F:27:70:FA:20:67:A9:73:07:F4:9B:61:3C:55:82:B0:77:2A:9B:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 171E41F2A280B14C8AE1A4046038C0B570F5FDD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
Signing time: Fri 11 Jul 2025 19:31:13 +0000
ROA not before: Fri 11 Jul 2025 19:31:13 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:1e:41:f2:a2:80:b1:4c:8a:e1:a4:04:60:38:c0:b5:70:f5:fd:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:13 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3f49c880895329c9abe9a3ca7a1c26d838a2f57548d7bd77fcd557d5f54cdb7c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:df:77:dd:1d:47:6f:70:bc:d5:0c:88:7a:21:
1a:3b:28:f0:42:e8:d7:ea:ed:40:f0:51:8b:fa:bc:
4e:05:0b:d7:71:e4:f1:a5:0d:bb:54:b1:e1:6e:bd:
cf:7f:f1:2a:f9:2a:76:57:59:07:12:e6:cd:85:c9:
55:bb:94:3a:d2:57:0c:02:bb:0a:e1:aa:66:fa:90:
65:66:2a:d2:03:ef:fa:9c:c4:5b:bd:ff:ca:e8:20:
b4:99:27:18:af:90:37:82:ff:a0:35:2b:94:88:8c:
c7:91:48:7f:b0:e6:8f:8f:66:19:17:2d:b3:79:d6:
10:f0:15:ad:7d:83:43:47:c0:9e:d7:62:c2:e9:cb:
55:dd:4d:30:56:ea:72:d6:3a:1f:00:b0:63:49:41:
16:44:63:41:2c:14:c6:b7:b2:48:6f:b3:48:9d:f8:
dc:6d:a6:e6:18:e0:9a:20:dc:61:ec:29:7e:a3:85:
d2:40:f1:0a:b1:e2:f3:4c:81:7c:ca:08:42:16:6d:
c8:96:58:d7:66:36:50:a4:14:f1:20:2b:ae:8b:ef:
b6:0f:51:6c:44:9e:22:a6:2c:bb:17:35:87:a7:65:
09:18:53:eb:01:94:a8:68:8c:0c:cf:fb:78:d6:86:
23:17:b4:30:eb:08:5c:b2:0a:55:ac:a5:25:21:67:
2c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:27:70:FA:20:67:A9:73:07:F4:9B:61:3C:55:82:B0:77:2A:9B:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9040::/48
Signature Algorithm: sha256WithRSAEncryption
aa:9f:33:46:d7:14:4a:f7:35:a5:93:b2:69:3f:ed:94:ae:30:
4d:23:b1:7e:2b:12:4b:d0:00:8b:ba:a8:54:e9:a2:5d:9c:2c:
42:f3:65:c5:6d:16:b0:3f:2b:26:30:86:85:06:12:33:77:f1:
fa:d8:02:69:1c:ff:d3:2a:a3:68:3d:29:20:3e:0a:87:a1:21:
be:99:4c:46:54:cf:e3:e1:5f:6e:fa:b2:b1:6d:26:ac:b9:d5:
e9:76:ce:64:eb:4f:c4:b4:93:a0:1a:41:a5:f4:68:ed:9e:71:
ef:4f:00:22:ca:b9:c0:fd:cb:ba:66:a9:dc:11:e2:27:31:23:
20:95:14:56:8e:ef:61:5c:40:70:1c:43:2a:ad:de:61:eb:90:
ab:99:43:24:f7:a0:d6:f8:7c:a4:2a:63:4e:68:18:a5:38:d1:
63:2f:5d:5b:72:9f:63:13:65:61:fa:b4:a5:fa:b5:c6:fa:75:
12:7d:04:2b:6b:40:b2:ea:7e:07:4a:d3:55:d1:38:90:4d:14:
40:57:01:2d:db:46:ac:73:5c:ab:3d:98:c7:ed:51:e2:49:90:
37:db:af:f6:a2:a3:1d:41:fb:36:c7:8f:85:73:f8:c5:93:5e:
f8:aa:5d:0d:10:c3:3c:32:07:30:23:f7:d3:c3:d3:3f:c1:30:
04:c8:2b:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFx5B8qKAsUyK4aQEYDjAtXD1/dYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmNDljODgwODk1MzI5YzlhYmU5YTNjYTdhMWMyNmQ4MzhhMmY1NzU0OGQ3
YmQ3N2ZjZDU1N2Q1ZjU0Y2RiN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3fd90dR29wvNUMiHohGjso8ELo1+rtQPBRi/q8TgUL13Hk8aUNu1Sx4W69
z3/xKvkqdldZBxLmzYXJVbuUOtJXDAK7CuGqZvqQZWYq0gPv+pzEW73/yuggtJkn
GK+QN4L/oDUrlIiMx5FIf7Dmj49mGRcts3nWEPAVrX2DQ0fAntdiwunLVd1NMFbq
ctY6HwCwY0lBFkRjQSwUxreySG+zSJ343G2m5hjgmiDcYewpfqOF0kDxCrHi80yB
fMoIQhZtyJZY12Y2UKQU8SArrovvtg9RbESeIqYsuxc1h6dlCRhT6wGUqGiMDM/7
eNaGIxe0MOsIXLIKVaylJSFnLF8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSPJ3D6
IGepcwf0m2E8VYKwdyqb/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIwNzU5NWUtM2JiYy00NWY3LThmMGEtODEzZTFiMDFmOWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAqp8zRtcUSvc1pZOyaT/tlK4wTSOxfisSS9AA
i7qoVOmiXZwsQvNlxW0WsD8rJjCGhQYSM3fx+tgCaRz/0yqjaD0pID4Kh6EhvplM
RlTP4+FfbvqysW0mrLnV6XbOZOtPxLSToBpBpfRo7Z5x708AIsq5wP3Lumap3BHi
JzEjIJUUVo7vYVxAcBxDKq3eYeuQq5lDJPeg1vh8pCpjTmgYpTjRYy9dW3KfYxNl
Yfq0pfq1xvp1En0EK2tAsup+B0rTVdE4kE0UQFcBLdtGrHNcqz2Yx+1R4kmQN9uv
9qKjHUH7NsePhXP4xZNe+KpdDRDDPDIHMCP308PTP8EwBMgrDQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:41:32 2025 by rpki-client