Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a51d6038-bb41-47b2-a883-07e17ac04d63.roa
File: a51d6038-bb41-47b2-a883-07e17ac04d63.roa (raw, json)
Hash identifier: cZu2e/NnErtw/89b65RYI2VRsWM9w9fMe5Ob+c7QwIE=
Subject key identifier: 2E:B5:AE:AF:8C:53:D2:E3:AF:81:07:55:F1:99:94:03:F8:32:31:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D857082D317DB1893C3D6F2396B26C93326034B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a51d6038-bb41-47b2-a883-07e17ac04d63.roa
Signing time: Fri 11 Jul 2025 19:40:18 +0000
ROA not before: Fri 11 Jul 2025 19:40:18 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:85:70:82:d3:17:db:18:93:c3:d6:f2:39:6b:26:c9:33:26:03:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:40:18 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=dbffa2bd488317326b4a4a356eb4d7b0e2fcf27151e0ba5b1d1bd45cba1e2eb7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fd:93:0b:06:dc:db:fa:aa:55:b4:c0:09:e9:
f4:93:9a:dd:16:dc:2a:5e:3e:c2:aa:28:3e:65:04:
b8:5f:08:42:2d:03:07:82:68:97:45:c9:46:89:53:
6d:d4:54:0f:fc:14:22:13:68:b4:4f:46:6f:8b:f6:
fc:1a:9c:e8:a7:a1:15:fd:24:1e:83:69:63:9e:ae:
26:74:07:d2:ab:e6:2f:0e:8c:59:6a:d6:27:de:18:
fd:d1:d9:52:66:56:e7:65:42:0c:b3:99:7b:09:74:
41:94:ce:33:19:5f:9d:ca:04:4f:91:ef:8e:09:c5:
7e:56:d3:b3:73:3a:cb:65:ff:2f:3c:a3:7d:30:f6:
62:77:d2:44:8e:ed:e5:6b:b9:db:0a:bb:1a:62:e6:
47:f7:8c:ca:8e:ce:34:81:1e:bd:79:7f:81:2f:8d:
24:6f:55:0c:78:e2:84:48:db:8e:b2:a4:31:48:95:
f2:94:80:a7:b4:7b:96:c1:14:9c:48:48:45:8d:65:
2f:d0:5f:16:02:10:6c:27:df:6b:38:15:cd:6e:bc:
2e:27:af:14:69:28:95:0a:87:6b:57:85:64:90:ac:
6a:d3:fd:7f:da:38:55:d5:aa:40:cc:d8:e3:65:ce:
84:6a:3b:b5:30:36:29:91:b5:c1:bd:2b:57:ca:c3:
fc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B5:AE:AF:8C:53:D2:E3:AF:81:07:55:F1:99:94:03:F8:32:31:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a51d6038-bb41-47b2-a883-07e17ac04d63.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2040::/46
Signature Algorithm: sha256WithRSAEncryption
45:6d:9f:d5:41:e2:b5:5e:27:70:f0:07:8b:1b:32:a4:a2:6c:
1b:90:ab:c6:6f:17:cd:2b:d0:4c:c5:39:4b:c4:fd:16:86:07:
5c:d2:99:68:e4:2b:c9:74:ba:de:9c:f5:30:10:8e:d8:40:22:
85:4e:a5:e1:4b:cf:aa:e1:51:69:e7:39:bd:82:c2:18:d2:64:
ee:cd:b3:9c:a3:a5:25:e9:a6:74:21:db:6f:13:26:f4:a3:91:
41:4b:c1:39:80:26:62:8b:81:d2:56:cd:85:9b:76:1c:9d:69:
1b:81:5a:11:15:65:2d:aa:a0:af:63:4b:71:f5:fe:73:00:78:
c1:c0:e6:e5:26:8c:6c:cf:fb:6d:61:d7:20:ad:28:b4:3c:7d:
d4:68:4d:30:80:27:53:f4:89:32:a6:93:ad:04:c1:84:06:fc:
07:55:ac:69:dd:84:7a:8e:67:84:68:3e:cd:46:a1:b8:d2:4c:
28:6c:42:0d:63:88:7e:39:0d:ca:54:e5:4d:9b:ed:fc:10:56:
32:75:a9:c9:b0:bd:f5:65:4f:55:27:75:28:2b:d2:eb:55:26:
37:60:06:d0:15:21:ea:1b:95:39:d8:65:c4:94:94:e4:f9:ff:
63:6d:6d:1d:11:97:08:0a:ed:a3:b5:a1:c0:47:c3:fe:87:a2:
3c:0a:35:9c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbYVwgtMX2xiTw9byOWsmyTMmA0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQwMThaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiZmZhMmJkNDg4MzE3MzI2YjRhNGEzNTZlYjRkN2IwZTJmY2YyNzE1MWUw
YmE1YjFkMWJkNDVjYmExZTJlYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJn9kwsG3Nv6qlW0wAnp9JOa3RbcKl4+wqooPmUEuF8IQi0DB4Jol0XJRolT
bdRUD/wUIhNotE9Gb4v2/Bqc6KehFf0kHoNpY56uJnQH0qvmLw6MWWrWJ94Y/dHZ
UmZW52VCDLOZewl0QZTOMxlfncoET5HvjgnFflbTs3M6y2X/LzyjfTD2YnfSRI7t
5Wu52wq7GmLmR/eMyo7ONIEevXl/gS+NJG9VDHjihEjbjrKkMUiV8pSAp7R7lsEU
nEhIRY1lL9BfFgIQbCffazgVzW68LievFGkolQqHa1eFZJCsatP9f9o4VdWqQMzY
42XOhGo7tTA2KZG1wb0rV8rD/DsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQuta6v
jFPS46+BB1XxmZQD+DIxzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTUxZDYwMzgtYmI0MS00N2IyLWE4ODMtMDdlMTdhYzA0ZDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hcg
QDANBgkqhkiG9w0BAQsFAAOCAQEARW2f1UHitV4ncPAHixsypKJsG5Crxm8XzSvQ
TMU5S8T9FoYHXNKZaOQryXS63pz1MBCO2EAihU6l4UvPquFRaec5vYLCGNJk7s2z
nKOlJemmdCHbbxMm9KORQUvBOYAmYouB0lbNhZt2HJ1pG4FaERVlLaqgr2NLcfX+
cwB4wcDm5SaMbM/7bWHXIK0otDx91GhNMIAnU/SJMqaTrQTBhAb8B1Wsad2Eeo5n
hGg+zUahuNJMKGxCDWOIfjkNylTlTZvt/BBWMnWpybC99WVPVSd1KCvS61UmN2AG
0BUh6huVOdhlxJSU5Pn/Y21tHRGXCArto7WhwEfD/oeiPAo1nA==
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:49:29 2025 by rpki-client