Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
File: b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa (raw, json)
Hash identifier: pU9uB8u+yj5/+Mqnr/feJ4ZjvcQMi6z5dVKpYBFBfOU=
Subject key identifier: 68:A3:53:40:E9:11:59:28:96:02:6B:BA:EA:00:B0:1B:C7:BC:43:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BD92E99CB4114D74182534CE9D1C019833A8166
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
Signing time: Fri 11 Jul 2025 19:50:11 +0000
ROA not before: Fri 11 Jul 2025 19:50:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:50c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:d9:2e:99:cb:41:14:d7:41:82:53:4c:e9:d1:c0:19:83:3a:81:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=122633f0656b9051bb007b1aa2e85d3758b81d28bf02c2ead17889bbe49f5606, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:01:29:41:ce:d8:5b:88:ca:18:14:97:4d:ca:
5c:33:97:b8:50:5d:fb:95:0a:13:1b:cf:42:33:cf:
31:f2:41:50:04:28:e2:c0:c0:d4:f7:f5:7a:0c:8b:
eb:56:d3:81:4c:ee:bf:e1:d5:cb:5c:4f:51:b6:7d:
62:d4:da:58:93:84:5c:e6:10:a0:37:5e:17:57:62:
07:4a:60:00:3f:22:d6:54:c7:52:e7:72:44:3b:e4:
8d:a3:5b:cb:61:1c:7a:8b:80:88:d0:4f:69:01:e2:
07:aa:44:24:19:8e:04:83:a6:61:a0:cf:43:f3:7e:
57:e1:74:62:12:af:f8:aa:32:17:ca:77:18:0a:ae:
fe:15:4d:fa:ba:f4:3a:ef:91:55:9b:eb:ac:60:8b:
9f:49:02:22:4d:f0:60:32:04:ae:3e:14:14:13:6f:
f8:f9:62:15:02:53:87:17:d3:f8:8e:f0:9b:0e:77:
17:fc:61:5b:17:b6:da:db:f0:23:8c:9c:09:b1:9b:
f7:12:e4:2d:ea:e3:76:ad:0c:07:d8:77:d5:8d:b4:
84:4d:0d:15:b6:6d:d7:e7:e8:31:43:06:d1:d9:ab:
50:48:a5:f0:10:76:c9:f5:87:76:72:8c:d7:e6:1d:
31:a6:10:a3:33:9d:3c:8d:2d:51:10:ff:c9:56:51:
c3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A3:53:40:E9:11:59:28:96:02:6B:BA:EA:00:B0:1B:C7:BC:43:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
94:ce:82:83:7a:0b:1b:3f:04:57:04:c8:d4:0e:28:59:56:29:
69:f5:b8:35:04:fa:89:02:21:5f:47:d2:77:be:24:eb:29:eb:
7c:fe:4f:28:40:a7:ec:d0:e3:f7:94:05:e2:04:83:e7:ff:52:
46:8b:94:8d:bb:8d:7e:bd:68:23:46:9b:b7:b3:ea:23:6e:6e:
45:e3:19:80:62:33:18:76:61:d1:fd:d4:3f:f2:0e:86:7c:f9:
24:25:f3:2d:75:e9:11:7e:41:05:4e:4d:0b:54:a3:e7:72:25:
d4:59:29:62:7f:f5:5d:83:62:7b:fd:1a:e8:57:45:d0:2e:f8:
ac:9b:1a:11:db:0d:0f:93:5e:1e:e2:98:54:32:26:fd:17:21:
a7:cc:0a:86:79:f4:ef:86:97:43:ab:3b:b6:82:a3:cc:21:2c:
bb:d5:c4:c7:6c:a3:94:11:b8:81:ed:05:08:b2:1b:7d:47:7d:
6e:fd:f7:ab:f8:99:28:7c:a3:df:0b:a3:5f:ac:80:af:d9:21:
0e:91:6c:d3:f7:f2:cd:cc:51:1d:5d:01:c1:2d:ae:b2:d6:28:
ac:8d:7e:57:77:fd:f0:74:42:d4:6c:75:2b:70:13:9f:7a:86:
12:07:22:57:88:27:27:5d:f0:32:8c:6b:ce:18:1f:f2:9a:3d:
10:fc:e6:e9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK9kumctBFNdBglNM6dHAGYM6gWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyMjYzM2YwNjU2YjkwNTFiYjAwN2IxYWEyZTg1ZDM3NThiODFkMjhiZjAy
YzJlYWQxNzg4OWJiZTQ5ZjU2MDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYBKUHO2FuIyhgUl03KXDOXuFBd+5UKExvPQjPPMfJBUAQo4sDA1Pf1egyL
61bTgUzuv+HVy1xPUbZ9YtTaWJOEXOYQoDdeF1diB0pgAD8i1lTHUudyRDvkjaNb
y2EceouAiNBPaQHiB6pEJBmOBIOmYaDPQ/N+V+F0YhKv+KoyF8p3GAqu/hVN+rr0
Ou+RVZvrrGCLn0kCIk3wYDIErj4UFBNv+PliFQJThxfT+I7wmw53F/xhWxe22tvw
I4ycCbGb9xLkLerjdq0MB9h31Y20hE0NFbZt1+foMUMG0dmrUEil8BB2yfWHdnKM
1+YdMaYQozOdPI0tURD/yVZRw8UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRoo1NA
6RFZKJYCa7rqALAbx7xD+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBiNWM4ZGUtNDgyZi00Y2IxLWFlNzQtOWZlYzAwMjVmZDA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAlM6Cg3oLGz8EVwTI1A4oWVYpafW4NQT6iQIh
X0fSd74k6ynrfP5PKECn7NDj95QF4gSD5/9SRouUjbuNfr1oI0abt7PqI25uReMZ
gGIzGHZh0f3UP/IOhnz5JCXzLXXpEX5BBU5NC1Sj53Il1FkpYn/1XYNie/0a6FdF
0C74rJsaEdsND5NeHuKYVDIm/Rchp8wKhnn074aXQ6s7toKjzCEsu9XEx2yjlBG4
ge0FCLIbfUd9bv33q/iZKHyj3wujX6yAr9khDpFs0/fyzcxRHV0BwS2ustYorI1+
V3f98HRC1Gx1K3ATn3qGEgciV4gnJ13wMoxrzhgf8po9EPzm6Q==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:26 2025 by rpki-client