Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa
File: b92d2073-fe74-4c3d-87a9-37106f766cba.roa (raw, json)
Hash identifier: EB9pllxoV2dY5097Aendzb6V+0Gl4zKvgRbWyOwj6ZQ=
Subject key identifier: 40:83:5F:A8:3D:8E:43:44:74:07:1C:AF:36:E9:FC:2A:FE:B6:79:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C6B43E8A2545EFA5948139D97A819A8D2F07967
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa
Signing time: Fri 11 Jul 2025 19:01:25 +0000
ROA not before: Fri 11 Jul 2025 19:01:25 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:6b:43:e8:a2:54:5e:fa:59:48:13:9d:97:a8:19:a8:d2:f0:79:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:01:25 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2b17f9cc65b09eb2ce337eb0689a50d8a7f0f0a0eb256aa98138cba25b04b918, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:98:8e:41:bb:86:a0:88:5b:25:dd:95:47:a3:
34:6b:70:18:da:d5:e3:c9:ac:78:ca:69:b6:cb:49:
4c:44:cc:02:d7:3f:42:35:3d:21:d1:3e:43:59:4f:
48:2b:4d:bf:04:e8:5b:e6:16:05:19:56:81:9a:af:
5b:35:52:ed:a8:66:7d:22:0d:25:46:52:b8:da:f4:
d3:1b:ab:7c:7b:8e:9a:fa:25:32:66:ea:94:bc:69:
71:75:1f:a6:78:76:5c:39:7b:a9:d1:43:eb:c3:cb:
7c:16:34:48:71:e8:cc:cd:89:14:48:0c:62:9d:68:
74:fc:00:57:00:c7:84:8c:ae:06:c1:59:ae:ce:c0:
d6:fb:7d:fc:c4:7e:8a:9c:d1:ae:9b:28:54:18:12:
be:73:0f:9d:01:23:b8:9a:6c:3d:cb:85:00:fa:12:
6e:c7:b1:58:9c:96:8d:d6:c1:34:15:12:37:45:ff:
93:db:54:a5:34:6a:22:d4:fb:84:c1:1f:71:0c:cd:
e2:1e:b0:69:6f:8f:df:09:17:ec:3b:ab:96:f8:da:
69:dd:6a:9a:be:b2:84:23:32:25:e8:cf:ee:91:a1:
fc:5a:78:e0:f0:4f:b3:ef:b9:ac:43:7b:c1:25:7b:
02:80:b1:92:22:7a:fb:2b:bf:cf:b4:fa:5b:09:19:
52:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:83:5F:A8:3D:8E:43:44:74:07:1C:AF:36:E9:FC:2A:FE:B6:79:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8060::/48
Signature Algorithm: sha256WithRSAEncryption
8b:a1:87:fe:bb:98:61:fa:e2:4d:1d:c3:9c:6b:84:62:fc:65:
f9:a7:65:c7:b0:5c:8a:36:06:ea:6c:e1:6f:3f:00:1f:82:ef:
7c:e6:15:42:fa:bd:ca:37:e1:77:e1:11:ff:d5:0b:b0:bb:b2:
e7:1d:72:90:a9:32:d2:67:d7:9a:1f:c8:75:de:12:38:99:f9:
9d:eb:46:08:a3:75:02:94:73:36:81:64:fa:33:e0:ee:14:8a:
9f:37:90:1c:ee:d2:35:a6:ec:12:a4:94:5d:f0:16:be:4a:9a:
84:b0:12:c1:98:82:43:78:b0:c0:48:a7:d1:3e:7d:92:9c:40:
3d:e1:a9:de:7e:3a:51:82:53:14:4a:3b:14:7b:f6:96:88:68:
05:e0:4c:46:2f:3a:ba:23:67:83:9c:c6:d3:4c:d2:9d:9a:8e:
72:2f:c4:c4:10:02:cf:bd:89:1b:63:e1:45:35:0a:95:1e:50:
c1:13:e5:90:83:85:4c:44:c2:89:2c:d1:7b:33:f3:95:ed:c8:
46:dd:01:9d:85:28:dc:1e:a4:df:12:19:89:65:35:f8:f7:d3:
11:5e:7f:4b:bd:8a:a8:3c:5c:0f:58:68:11:56:27:c7:fc:81:
fa:5e:2d:d3:71:c4:77:25:15:35:97:9d:22:44:57:b6:50:44:
ff:e2:24:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDGtD6KJUXvpZSBOdl6gZqNLweWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAxMjVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiMTdmOWNjNjViMDllYjJjZTMzN2ViMDY4OWE1MGQ4YTdmMGYwYTBlYjI1
NmFhOTgxMzhjYmEyNWIwNGI5MTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmYjkG7hqCIWyXdlUejNGtwGNrV48mseMpptstJTETMAtc/QjU9IdE+Q1lP
SCtNvwToW+YWBRlWgZqvWzVS7ahmfSINJUZSuNr00xurfHuOmvolMmbqlLxpcXUf
pnh2XDl7qdFD68PLfBY0SHHozM2JFEgMYp1odPwAVwDHhIyuBsFZrs7A1vt9/MR+
ipzRrpsoVBgSvnMPnQEjuJpsPcuFAPoSbsexWJyWjdbBNBUSN0X/k9tUpTRqItT7
hMEfcQzN4h6waW+P3wkX7Durlvjaad1qmr6yhCMyJejP7pGh/Fp44PBPs++5rEN7
wSV7AoCxkiJ6+yu/z7T6WwkZUrECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRAg1+o
PY5DRHQHHK826fwq/rZ5wzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjkyZDIwNzMtZmU3NC00YzNkLTg3YTktMzcxMDZmNzY2Y2JhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
YDANBgkqhkiG9w0BAQsFAAOCAQEAi6GH/ruYYfriTR3DnGuEYvxl+adlx7BcijYG
6mzhbz8AH4LvfOYVQvq9yjfhd+ER/9ULsLuy5x1ykKky0mfXmh/Idd4SOJn5netG
CKN1ApRzNoFk+jPg7hSKnzeQHO7SNabsEqSUXfAWvkqahLASwZiCQ3iwwEin0T59
kpxAPeGp3n46UYJTFEo7FHv2lohoBeBMRi86uiNng5zG00zSnZqOci/ExBACz72J
G2PhRTUKlR5QwRPlkIOFTETCiSzRezPzle3IRt0BnYUo3B6k3xIZiWU1+PfTEV5/
S72KqDxcD1hoEVYnx/yB+l4t03HEdyUVNZedIkRXtlBE/+Ik9g==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:16 2025 by rpki-client