Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
File: b3515426-a058-439f-a8fc-e68eaafc8806.roa (raw, json)
Hash identifier: HxfMW6HZN0OPYaDPEXgPxWkByxicND+P56SA8Kg3wRg=
Subject key identifier: 66:9E:0E:AC:E2:0D:19:EC:D4:D1:2A:7A:C8:57:F2:B6:F0:2F:73:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76711FF622BD6875BD518B689D614D63188BD181
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
Signing time: Sat 12 Jul 2025 00:51:30 +0000
ROA not before: Sat 12 Jul 2025 00:51:30 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:71:1f:f6:22:bd:68:75:bd:51:8b:68:9d:61:4d:63:18:8b:d1:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:30 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=0cd6c9630d4ab9b83246b8b34910c1431059c69eff86b095d47445163c1694d6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3a:b4:10:45:26:44:e7:74:a2:0c:c7:52:a2:
3d:d1:1b:22:a4:ec:c7:1d:dc:94:1e:51:bc:3f:d6:
39:95:e6:75:4d:8d:47:d1:8c:e5:f0:14:4a:e2:cc:
79:ba:b0:80:5e:a0:b7:5c:91:ab:43:15:c7:b2:29:
e2:22:13:31:50:b8:0d:4e:86:35:71:99:30:db:b2:
a8:35:45:35:ae:fa:18:0d:aa:d2:f7:79:b7:81:4a:
d5:c5:62:9d:48:16:d6:19:ff:09:e7:e7:ac:41:53:
34:db:45:06:1d:35:f5:29:b8:60:34:44:17:06:bd:
70:c5:f3:90:19:fb:53:fa:a6:f4:5b:7e:53:74:b4:
a3:b9:26:32:db:a1:98:66:42:e8:88:c0:04:1a:0b:
6a:ca:d6:71:18:d1:78:60:b8:10:03:8b:07:ef:d1:
35:85:5d:b0:ed:c8:f7:5a:99:06:12:ce:a3:56:3f:
c7:ee:14:cb:51:fb:53:b1:08:69:fc:95:1c:09:55:
95:0c:98:36:8e:62:4e:17:f7:38:c2:25:97:51:d4:
47:ac:e8:03:7c:c9:da:a5:7c:5c:87:f7:be:e9:cc:
a0:ab:15:ac:3e:e8:e4:fb:4b:d1:c3:45:93:74:39:
79:f6:e6:45:ca:98:ba:71:82:94:b5:1d:95:87:72:
0a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:9E:0E:AC:E2:0D:19:EC:D4:D1:2A:7A:C8:57:F2:B6:F0:2F:73:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:90:4c:2a:cd:b8:f2:d7:6a:49:7d:1f:0f:fc:b3:67:95:94:
b1:20:07:00:19:4d:af:65:22:e6:4c:64:99:16:81:3d:8c:62:
4f:4a:20:fa:f2:bd:15:6f:84:97:9e:38:59:10:30:4c:f9:0d:
d6:c0:fb:44:4d:77:e7:ff:77:7d:05:db:10:72:5a:a4:6d:3a:
57:21:05:46:b5:5d:15:81:70:32:ed:b6:4a:9b:2e:82:d0:e6:
e1:85:2e:d7:eb:80:fa:46:ff:33:ee:09:f4:74:4a:dc:ea:17:
b7:cc:a8:0f:92:05:04:9b:10:10:4a:92:6b:6b:f2:74:5a:b2:
68:6d:d6:28:cd:69:83:d8:91:eb:37:da:47:45:4f:08:2a:ae:
e9:fe:95:28:f3:55:a3:3e:ac:5f:23:83:4b:78:a2:2f:00:2d:
77:01:94:55:6a:10:a4:a2:70:72:76:4d:84:ec:84:fe:55:5d:
85:d1:00:b6:62:62:2e:e8:76:15:aa:bf:92:ee:c3:d6:63:0f:
b6:f2:2f:4f:fa:16:54:8a:2a:40:91:35:ea:62:b3:21:1f:ca:
ea:46:0a:eb:77:ce:bf:f8:1c:d5:4f:2d:5c:10:7e:a5:bd:08:
b1:a5:63:6a:f0:df:48:0e:3f:5d:f6:88:72:e0:42:f4:ba:d4:
42:6a:61:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdnEf9iK9aHW9UYtonWFNYxiL0YEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMzBaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjZDZjOTYzMGQ0YWI5YjgzMjQ2YjhiMzQ5MTBjMTQzMTA1OWM2OWVmZjg2
YjA5NWQ0NzQ0NTE2M2MxNjk0ZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANg6tBBFJkTndKIMx1KiPdEbIqTsxx3clB5RvD/WOZXmdU2NR9GM5fAUSuLM
ebqwgF6gt1yRq0MVx7Ip4iITMVC4DU6GNXGZMNuyqDVFNa76GA2q0vd5t4FK1cVi
nUgW1hn/CefnrEFTNNtFBh019Sm4YDREFwa9cMXzkBn7U/qm9Ft+U3S0o7kmMtuh
mGZC6IjABBoLasrWcRjReGC4EAOLB+/RNYVdsO3I91qZBhLOo1Y/x+4Uy1H7U7EI
afyVHAlVlQyYNo5iThf3OMIll1HUR6zoA3zJ2qV8XIf3vunMoKsVrD7o5PtL0cNF
k3Q5efbmRcqYunGClLUdlYdyCk0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRmng6s
4g0Z7NTRKnrIV/K28C9zkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjM1MTU0MjYtYTA1OC00MzlmLWE4ZmMtZTY4ZWFhZmM4ODA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+A
MA0GCSqGSIb3DQEBCwUAA4IBAQCakEwqzbjy12pJfR8P/LNnlZSxIAcAGU2vZSLm
TGSZFoE9jGJPSiD68r0Vb4SXnjhZEDBM+Q3WwPtETXfn/3d9BdsQclqkbTpXIQVG
tV0VgXAy7bZKmy6C0ObhhS7X64D6Rv8z7gn0dErc6he3zKgPkgUEmxAQSpJra/J0
WrJobdYozWmD2JHrN9pHRU8IKq7p/pUo81WjPqxfI4NLeKIvAC13AZRVahCkonBy
dk2E7IT+VV2F0QC2YmIu6HYVqr+S7sPWYw+28i9P+hZUiipAkTXqYrMhH8rqRgrr
d86/+BzVTy1cEH6lvQixpWNq8N9IDj9d9ohy4EL0utRCamGO
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:49 2025 by rpki-client