Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
File: 97535b7f-b66d-439d-9398-8336783c9ea4.roa (raw, json)
Hash identifier: ADsmuCPY+V/AqqqaN9GfrJeCSNR0jA8QcdIT/9XkEOM=
Subject key identifier: 32:40:01:6E:D6:B4:14:E8:A9:49:F6:30:68:AB:85:FB:48:FC:AE:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65BA8CA9314A69C3AC8060051C66BEDCFDF23103
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
Signing time: Fri 11 Jul 2025 18:40:37 +0000
ROA not before: Fri 11 Jul 2025 18:40:37 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:ba:8c:a9:31:4a:69:c3:ac:80:60:05:1c:66:be:dc:fd:f2:31:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:37 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=17919e5863d14c01edfac15f276f597fde31c9d6c86acb83def6dbda69f754dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fd:53:9b:5a:54:87:7a:fe:ab:7a:50:38:3b:
45:32:f5:7f:48:6b:62:f7:49:fa:f9:80:16:ed:b9:
0b:eb:a9:2c:44:bc:80:20:8f:0f:37:4e:23:0b:6a:
29:1b:ac:b0:03:84:9c:53:fd:90:58:27:e0:12:a9:
84:1b:7c:14:c1:d1:72:b2:69:74:56:df:53:b0:c2:
88:29:7b:1e:d7:21:e1:b1:e0:f6:e6:d7:27:05:e5:
91:97:33:ed:16:89:bf:0e:a4:30:e8:c8:fc:53:94:
ed:26:b6:51:fc:ae:fc:4f:93:ad:ce:ee:5d:52:0b:
f5:c6:88:67:64:16:9f:11:54:45:df:e2:ad:79:4c:
26:66:0e:39:1d:76:e3:07:e6:70:94:4c:89:77:7b:
eb:c6:ee:f0:46:67:25:cd:96:f7:d4:5a:a9:30:82:
1a:dc:3a:89:05:16:ea:aa:ef:b4:a5:bb:4b:71:51:
e0:6d:f7:ae:d6:d4:a1:40:7b:ab:17:e9:d3:9c:69:
63:c3:c8:02:0d:d8:a8:12:b2:08:2e:ce:4f:2f:b2:
40:52:99:a3:01:4a:d3:02:3d:4f:c1:d1:4b:2c:af:
03:3c:f7:38:b3:cc:09:e6:d7:54:93:04:22:d1:20:
58:a8:eb:db:7e:8b:09:f9:d4:66:b5:00:eb:a0:14:
fc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:40:01:6E:D6:B4:14:E8:A9:49:F6:30:68:AB:85:FB:48:FC:AE:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5040::/48
Signature Algorithm: sha256WithRSAEncryption
33:46:a0:c3:05:86:9f:51:81:76:7a:03:f8:f6:dc:67:33:4c:
46:70:d3:8b:39:86:cf:c8:af:48:25:96:04:ff:24:3d:13:3e:
8c:af:5f:d7:e7:e0:b9:64:7e:19:6d:e6:c0:4c:9e:bb:6d:b7:
9a:bf:6a:f6:f0:a3:7f:c7:6d:90:70:a5:16:19:2a:40:c5:ad:
ca:c7:ff:14:c5:64:0a:c1:9a:0d:8d:ec:42:b5:80:8f:a3:1d:
11:98:60:db:61:ff:ee:6c:d5:36:f7:40:59:17:b4:75:1b:b7:
11:24:c9:8a:05:26:20:2c:e9:a6:f4:36:58:8a:37:0d:90:05:
3d:97:a0:17:94:9a:8e:b8:7b:2a:c9:5e:6f:ef:ca:73:f4:43:
3a:ec:89:44:dd:c1:78:6c:79:8d:89:d2:8e:64:97:5a:80:17:
c6:ae:16:dc:e0:a5:c5:6a:5f:59:93:a4:d6:3a:e7:54:9d:44:
f6:09:88:9a:75:32:d6:fd:ec:8b:25:04:71:b6:96:33:e5:96:
f7:25:51:5c:c8:f3:7a:41:7c:5b:b4:b0:59:23:4d:ad:39:8b:
9e:cc:f1:05:70:71:cd:e9:8c:c7:d5:34:1b:cc:43:55:5c:b1:
fe:00:26:86:41:39:73:49:f4:64:4f:68:95:a6:fe:e6:fb:13:
57:8d:47:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZbqMqTFKacOsgGAFHGa+3P3yMQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMzdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3OTE5ZTU4NjNkMTRjMDFlZGZhYzE1ZjI3NmY1OTdmZGUzMWM5ZDZjODZh
Y2I4M2RlZjZkYmRhNjlmNzU0ZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJv9U5taVId6/qt6UDg7RTL1f0hrYvdJ+vmAFu25C+upLES8gCCPDzdOIwtq
KRussAOEnFP9kFgn4BKphBt8FMHRcrJpdFbfU7DCiCl7Htch4bHg9ubXJwXlkZcz
7RaJvw6kMOjI/FOU7Sa2Ufyu/E+Trc7uXVIL9caIZ2QWnxFURd/irXlMJmYOOR12
4wfmcJRMiXd768bu8EZnJc2W99RaqTCCGtw6iQUW6qrvtKW7S3FR4G33rtbUoUB7
qxfp05xpY8PIAg3YqBKyCC7OTy+yQFKZowFK0wI9T8HRSyyvAzz3OLPMCebXVJME
ItEgWKjr236LCfnUZrUA66AU/JECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQyQAFu
1rQU6KlJ9jBoq4X7SPyumjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc1MzViN2YtYjY2ZC00MzlkLTkzOTgtODMzNjc4M2M5ZWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAM0agwwWGn1GBdnoD+PbcZzNMRnDTizmGz8iv
SCWWBP8kPRM+jK9f1+fguWR+GW3mwEyeu223mr9q9vCjf8dtkHClFhkqQMWtysf/
FMVkCsGaDY3sQrWAj6MdEZhg22H/7mzVNvdAWRe0dRu3ESTJigUmICzppvQ2WIo3
DZAFPZegF5Sajrh7Ksleb+/Kc/RDOuyJRN3BeGx5jYnSjmSXWoAXxq4W3OClxWpf
WZOk1jrnVJ1E9gmImnUy1v3siyUEcbaWM+WW9yVRXMjzekF8W7SwWSNNrTmLnszx
BXBxzemMx9U0G8xDVVyx/gAmhkE5c0n0ZE9olab+5vsTV41HhQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:13 2025 by rpki-client