Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
File: c153f994-19fd-4682-b6f7-f4e92e6144ea.roa (raw, json)
Hash identifier: pEx18Jo0kiLJKnCM2kD4KoUfJ99YMKBA+AKXGag3bA4=
Subject key identifier: 38:9E:8A:37:8C:86:D7:23:2D:B6:E8:1D:03:FA:31:32:59:C3:3B:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C450C9315C8A4846ABD387F300A45F7072AF7C6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
Signing time: Fri 11 Jul 2025 20:31:06 +0000
ROA not before: Fri 11 Jul 2025 20:31:06 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:45:0c:93:15:c8:a4:84:6a:bd:38:7f:30:0a:45:f7:07:2a:f7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:06 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ea641dfa68d54b7b01dc57b7ad09b2760c6b8ce75469a1bb2883679b04eeb53b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a1:d8:84:3a:05:f2:ea:a7:02:12:cf:f8:03:
95:62:57:c2:b2:a8:54:93:98:dc:92:58:f7:e7:f1:
c7:7d:4c:7e:b6:06:c1:79:cd:1d:a0:1b:3c:f5:05:
d3:b0:67:49:48:96:8a:21:9d:4e:88:56:34:82:2a:
a9:05:86:1e:e8:7e:8b:aa:26:5c:1c:4c:bf:12:18:
ed:95:9a:e3:1e:59:08:1c:70:78:60:ae:6e:71:e7:
c0:2f:d3:91:52:2e:78:b1:22:a0:91:1a:27:74:9f:
c3:48:e1:c4:ba:57:0c:7b:d8:25:69:87:9c:2a:e0:
3f:26:fa:8b:a1:7a:8c:ac:44:69:f2:88:68:19:2d:
f0:6f:c4:d5:80:3e:d0:d4:72:86:88:88:17:5c:d1:
97:21:b9:ba:9e:91:92:b3:de:30:b8:55:a7:01:fb:
8f:4f:71:bd:27:4b:cd:a9:72:cd:ac:67:f7:41:6e:
fb:de:b4:60:35:a9:06:22:4a:06:6b:f1:88:59:6e:
e3:fc:73:68:02:48:a8:a2:3d:b1:03:57:9a:5c:0f:
31:8e:93:e4:a2:21:c2:38:e2:a8:50:64:d8:60:4d:
67:91:d7:84:ea:ee:70:3e:73:1b:83:e2:2b:93:8a:
0b:37:27:3c:26:1b:4a:bd:1c:f5:dc:76:5d:72:5e:
24:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9E:8A:37:8C:86:D7:23:2D:B6:E8:1D:03:FA:31:32:59:C3:3B:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:c00::/38
Signature Algorithm: sha256WithRSAEncryption
79:67:5f:9f:eb:1e:5a:4f:70:92:59:ec:ba:ea:0d:d2:72:37:
83:0a:a5:74:9c:b9:7f:59:01:10:50:6f:b1:b9:ab:1d:21:13:
17:c1:f5:3b:cc:1e:8d:b0:c7:9d:1f:d9:24:5f:8b:86:db:5a:
a9:97:74:4b:d0:af:b1:93:96:c6:1a:4c:22:2d:f6:1e:c0:61:
20:5b:71:57:93:1e:c8:7f:86:05:00:18:f6:30:53:b4:76:6c:
a7:42:67:0e:46:af:ab:e9:05:47:b5:0e:a8:f8:f7:0b:6c:d3:
7a:dd:c0:5b:87:f9:26:37:32:3f:44:86:1c:0c:70:ec:47:96:
34:bb:cf:c6:3b:7c:fe:44:75:ad:25:88:fd:54:7a:34:ba:1a:
30:01:18:51:9e:a8:50:f2:7b:07:fd:09:75:1d:60:9c:9e:57:
9a:47:a7:ad:01:26:7a:43:92:83:eb:3c:d4:1b:4f:46:0d:71:
01:32:bb:03:fd:3b:dc:d8:ba:d6:25:b0:1d:27:71:0e:98:c5:
c5:34:4f:99:17:f2:31:ab:a7:da:32:ae:df:36:f5:63:cc:93:
c3:de:78:21:9e:74:ca:87:0f:9c:c9:cb:b9:d3:fb:5a:14:3b:
41:70:ba:2f:ec:a2:67:d6:55:8a:2f:1c:2a:5e:7b:7d:9f:0d:
16:b9:22:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPEUMkxXIpIRqvTh/MApF9wcq98YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxMDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhNjQxZGZhNjhkNTRiN2IwMWRjNTdiN2FkMDliMjc2MGM2YjhjZTc1NDY5
YTFiYjI4ODM2NzliMDRlZWI1M2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOGh2IQ6BfLqpwISz/gDlWJXwrKoVJOY3JJY9+fxx31MfrYGwXnNHaAbPPUF
07BnSUiWiiGdTohWNIIqqQWGHuh+i6omXBxMvxIY7ZWa4x5ZCBxweGCubnHnwC/T
kVIueLEioJEaJ3Sfw0jhxLpXDHvYJWmHnCrgPyb6i6F6jKxEafKIaBkt8G/E1YA+
0NRyhoiIF1zRlyG5up6RkrPeMLhVpwH7j09xvSdLzalyzaxn90Fu+960YDWpBiJK
BmvxiFlu4/xzaAJIqKI9sQNXmlwPMY6T5KIhwjjiqFBk2GBNZ5HXhOrucD5zG4Pi
K5OKCzcnPCYbSr0c9dx2XXJeJPkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4noo3
jIbXIy226B0D+jEyWcM7fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE1M2Y5OTQtMTlmZC00NjgyLWI2ZjctZjRlOTJlNjE0NGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwM
MA0GCSqGSIb3DQEBCwUAA4IBAQB5Z1+f6x5aT3CSWey66g3ScjeDCqV0nLl/WQEQ
UG+xuasdIRMXwfU7zB6NsMedH9kkX4uG21qpl3RL0K+xk5bGGkwiLfYewGEgW3FX
kx7If4YFABj2MFO0dmynQmcORq+r6QVHtQ6o+PcLbNN63cBbh/kmNzI/RIYcDHDs
R5Y0u8/GO3z+RHWtJYj9VHo0uhowARhRnqhQ8nsH/Ql1HWCcnleaR6etASZ6Q5KD
6zzUG09GDXEBMrsD/Tvc2LrWJbAdJ3EOmMXFNE+ZF/Ixq6faMq7fNvVjzJPD3ngh
nnTKhw+cycu50/taFDtBcLov7KJn1lWKLxwqXnt9nw0WuSLn
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:49:33 2025 by rpki-client