Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: tgFQdTAFaWVCFoabIwvZZRDj07JbKbGwF3RPnbfzMm8=
Subject key identifier: FE:26:33:3E:C0:B0:FF:0B:09:D0:0C:CF:E4:77:DB:0A:DD:A6:50:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39F98FC2A4E19BFB88CA3188F401E9251563C261
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Sat 12 Jul 2025 00:51:33 +0000
ROA not before: Sat 12 Jul 2025 00:51:33 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:f9:8f:c2:a4:e1:9b:fb:88:ca:31:88:f4:01:e9:25:15:63:c2:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:33 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=7087889119d77aad790871b50c7b9b62574f9cbc71f25785e0422acacd34a252, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:38:42:e3:40:82:97:d7:a1:80:14:08:2b:fb:
8a:5f:63:62:64:86:3e:73:ee:36:25:f1:5d:31:f2:
4a:c8:d8:52:90:e0:cd:e5:9e:b2:13:7f:eb:c3:41:
a4:f3:f2:38:23:d2:1c:87:b4:f4:b9:cc:c4:8e:73:
53:9b:32:85:18:20:d0:26:05:50:34:47:c2:a3:ef:
a8:bd:94:c6:3b:80:06:18:46:29:03:5c:13:11:7f:
76:0f:9b:bc:86:9c:f9:21:83:fe:5b:1e:79:d1:c6:
73:24:ab:79:b2:99:5c:72:ed:9f:49:6f:31:dd:4d:
72:8c:33:f6:f2:e2:65:1c:61:1a:03:12:4f:30:3e:
47:2f:2e:db:df:59:41:c8:9c:05:5d:a7:5f:db:f6:
52:eb:07:1a:ab:fb:12:aa:52:cd:1a:af:0e:7b:a6:
d6:44:55:e2:37:af:4c:f1:61:40:02:4d:f8:73:17:
a1:41:5c:b4:4e:08:7d:68:82:f1:43:e1:92:e3:e2:
26:5b:4f:a2:8b:74:db:9f:58:0d:92:2d:61:af:f4:
ae:ca:4b:f0:dc:09:2b:8a:9d:ae:7c:17:7d:6c:0b:
a6:58:af:30:04:a3:f6:72:9f:0f:f8:0f:4e:ab:e4:
1d:7b:5c:cc:ce:1e:17:61:71:c3:47:4a:ba:90:33:
69:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:26:33:3E:C0:B0:FF:0B:09:D0:0C:CF:E4:77:DB:0A:DD:A6:50:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
05:70:be:8c:e7:b2:14:8c:76:df:5c:51:7e:c2:93:76:ff:d0:
58:9e:37:17:00:df:f5:d7:c1:e2:8a:bd:c3:f9:72:9b:61:88:
9f:fd:15:b7:4a:74:62:64:42:00:b4:a5:15:c6:eb:f5:4c:32:
9b:bf:d9:c6:94:f8:27:21:57:95:0f:be:bf:a2:77:f0:b6:72:
c1:7c:fe:80:ae:1b:5d:13:cb:9a:14:e5:ae:84:21:9c:2f:0e:
c6:27:6b:c6:52:b3:02:57:9f:72:21:60:31:23:62:88:a1:84:
10:25:0c:1b:2a:66:52:69:08:d2:81:c1:b1:f6:a0:32:0d:51:
6a:91:6b:ce:11:c2:8a:c4:2f:7f:89:aa:67:c6:77:4e:33:fa:
7a:fb:8a:46:93:2e:46:da:ad:52:3b:c7:95:cb:2d:c0:92:98:
ab:23:bc:62:8b:4f:88:12:4d:97:ad:5a:fd:70:fc:f3:52:71:
10:ce:86:86:1f:4d:dc:69:09:f2:7b:5b:80:59:a8:f1:6a:91:
6c:6c:52:9a:69:ac:61:b5:5e:24:4f:0f:1a:3c:dd:48:08:fa:
58:45:d9:55:2b:3c:86:23:33:ed:a0:b0:af:a4:88:4d:1b:be:
24:fe:54:9c:13:2e:33:b1:77:6c:dd:d5:d4:c6:d6:ad:0b:b1:
9e:52:80:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOfmPwqThm/uIyjGI9AHpJRVjwmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMzNaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwODc4ODkxMTlkNzdhYWQ3OTA4NzFiNTBjN2I5YjYyNTc0ZjljYmM3MWYy
NTc4NWUwNDIyYWNhY2QzNGEyNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK04QuNAgpfXoYAUCCv7il9jYmSGPnPuNiXxXTHySsjYUpDgzeWeshN/68NB
pPPyOCPSHIe09LnMxI5zU5syhRgg0CYFUDRHwqPvqL2UxjuABhhGKQNcExF/dg+b
vIac+SGD/lseedHGcySrebKZXHLtn0lvMd1Ncowz9vLiZRxhGgMSTzA+Ry8u299Z
QcicBV2nX9v2UusHGqv7EqpSzRqvDnum1kRV4jevTPFhQAJN+HMXoUFctE4IfWiC
8UPhkuPiJltPoot0259YDZItYa/0rspL8NwJK4qdrnwXfWwLplivMASj9nKfD/gP
TqvkHXtczM4eF2Fxw0dKupAzaUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+JjM+
wLD/CwnQDM/kd9sK3aZQTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAFcL6M57IUjHbfXFF+wpN2/9BYnjcXAN/118Hi
ir3D+XKbYYif/RW3SnRiZEIAtKUVxuv1TDKbv9nGlPgnIVeVD76/onfwtnLBfP6A
rhtdE8uaFOWuhCGcLw7GJ2vGUrMCV59yIWAxI2KIoYQQJQwbKmZSaQjSgcGx9qAy
DVFqkWvOEcKKxC9/iapnxndOM/p6+4pGky5G2q1SO8eVyy3AkpirI7xii0+IEk2X
rVr9cPzzUnEQzoaGH03caQnye1uAWajxapFsbFKaaaxhtV4kTw8aPN1ICPpYRdlV
KzyGIzPtoLCvpIhNG74k/lScEy4zsXds3dXUxtatC7GeUoBn
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:15 2025 by rpki-client