Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
File: b83c6ff3-492f-409c-86bf-cb90ca64f452.roa (raw, json)
Hash identifier: TQVdGNiMNE+lYIZqDUAB0+K6hEIZ1+4DZcGnm+4ReIs=
Subject key identifier: DD:83:57:E8:47:46:1D:48:BA:2B:26:BB:34:61:30:C7:31:90:C3:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CBEA6EBCF4B0860E935D0EADE1BD325EAE15FEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
Signing time: Mon 14 Jul 2025 16:54:13 +0000
ROA not before: Mon 14 Jul 2025 16:54:13 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:be:a6:eb:cf:4b:08:60:e9:35:d0:ea:de:1b:d3:25:ea:e1:5f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 14 16:54:13 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=0922c498ca180540af21e5611e5d35dbbb743e479340cc862a5f7debe6ee6d52, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bb:e7:fb:e7:11:3c:bf:c3:53:8b:3c:51:ae:
5e:d7:53:a1:db:17:d5:ea:b9:46:0c:58:fe:2a:df:
63:ef:6e:ed:2b:2a:16:61:78:62:4c:39:4e:2a:6e:
d5:8e:64:e3:42:d0:f7:9b:54:4c:1c:7f:e9:b6:78:
a1:c7:8a:09:da:6e:f1:51:a1:2a:d1:36:45:3f:09:
de:3b:99:d1:27:73:60:c4:d2:ea:cd:0a:90:ce:5d:
b8:69:bc:e6:30:1a:9d:e3:20:4d:3d:18:83:d2:ae:
c8:48:30:63:d3:fe:08:f7:27:cc:03:2d:7c:6e:4f:
1e:88:da:05:1f:52:04:f2:df:5a:3d:9d:e1:1b:4f:
98:a3:bc:d0:b1:e1:62:34:1c:fc:ae:8f:19:44:55:
75:45:5d:e5:08:9c:b9:9d:57:3b:e6:20:19:73:07:
e0:c6:ff:1f:ca:ad:1d:d9:07:46:d0:08:e7:c2:1d:
a1:df:8a:56:7a:28:c8:fc:7e:75:f9:7e:3f:40:db:
1e:ac:df:94:90:6c:32:37:7f:7f:9b:95:6a:db:8d:
5f:c5:17:0f:e0:4a:79:dc:a2:0b:de:0c:2c:65:2d:
98:fb:b5:bb:d7:c3:63:5a:5b:c8:49:0b:6c:18:18:
a0:70:7b:5a:e4:f0:bf:65:ad:20:22:e5:74:09:d8:
2c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:83:57:E8:47:46:1D:48:BA:2B:26:BB:34:61:30:C7:31:90:C3:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
58:29:e5:5b:73:82:6c:25:9a:15:ef:be:c5:93:d4:31:75:73:
3e:a4:a1:5a:2b:58:b0:ee:cf:e2:cd:5d:af:29:14:7f:36:2d:
1d:38:2c:77:99:af:7e:76:9e:ca:13:53:f3:87:ca:ad:0a:94:
25:d1:30:bf:d3:11:3a:ae:56:5c:b4:cd:5b:4c:bb:4d:42:aa:
39:f4:d8:6c:fd:f6:83:3b:fb:34:ad:40:f8:f8:2e:e5:ec:8f:
62:65:36:6f:02:d2:36:11:e2:72:15:e9:81:18:d6:36:7d:44:
4b:32:3f:ce:e2:16:85:3b:2f:ba:e2:33:e9:e6:53:1d:d9:d0:
38:ed:53:d4:ad:6a:7a:aa:fb:2e:70:66:0f:9d:75:04:6f:ad:
5e:5e:93:cd:d7:1f:7c:d7:a2:e4:77:2c:2e:1a:7e:c9:09:83:
76:72:a7:0c:a1:2c:e4:66:87:db:ef:c2:b5:ea:cc:9a:c0:e2:
c1:e7:f3:38:7e:64:a3:48:88:88:73:66:11:81:ae:ac:2d:f4:
0c:66:5c:bf:2f:3b:ee:39:4f:38:7a:22:25:e6:e8:f9:e7:63:
bd:11:72:55:8e:c1:20:f1:e5:b1:6e:a8:a2:dd:48:24:13:b1:
32:64:fc:c6:83:0d:78:bc:83:07:f4:29:cd:64:f3:19:e6:41:
38:ab:37:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfL6m689LCGDpNdDq3hvTJerhX+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTQxNjU0MTNaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5MjJjNDk4Y2ExODA1NDBhZjIxZTU2MTFlNWQzNWRiYmI3NDNlNDc5MzQw
Y2M4NjJhNWY3ZGViZTZlZTZkNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO75/vnETy/w1OLPFGuXtdTodsX1eq5RgxY/irfY+9u7SsqFmF4Ykw5Tipu
1Y5k40LQ95tUTBx/6bZ4oceKCdpu8VGhKtE2RT8J3juZ0SdzYMTS6s0KkM5duGm8
5jAaneMgTT0Yg9KuyEgwY9P+CPcnzAMtfG5PHojaBR9SBPLfWj2d4RtPmKO80LHh
YjQc/K6PGURVdUVd5QicuZ1XO+YgGXMH4Mb/H8qtHdkHRtAI58Idod+KVnooyPx+
dfl+P0DbHqzflJBsMjd/f5uVatuNX8UXD+BKedyiC94MLGUtmPu1u9fDY1pbyEkL
bBgYoHB7WuTwv2WtICLldAnYLC0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdg1fo
R0YdSLorJrs0YTDHMZDDSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjgzYzZmZjMtNDkyZi00MDljLTg2YmYtY2I5MGNhNjRmNDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQBYKeVbc4JsJZoV777Fk9QxdXM+pKFaK1iw7s/i
zV2vKRR/Ni0dOCx3ma9+dp7KE1Pzh8qtCpQl0TC/0xE6rlZctM1bTLtNQqo59Nhs
/faDO/s0rUD4+C7l7I9iZTZvAtI2EeJyFemBGNY2fURLMj/O4haFOy+64jPp5lMd
2dA47VPUrWp6qvsucGYPnXUEb61eXpPN1x9816LkdywuGn7JCYN2cqcMoSzkZofb
78K16syawOLB5/M4fmSjSIiIc2YRga6sLfQMZly/LzvuOU84eiIl5uj552O9EXJV
jsEg8eWxbqii3UgkE7EyZPzGgw14vIMH9CnNZPMZ5kE4qze/
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:21 2025 by rpki-client