Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
File: c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa (raw, json)
Hash identifier: GNvt6zfUWbXdeHHLl+qkvbhcznGtU5/0hnDozQdFasY=
Subject key identifier: 8A:78:09:B2:37:16:00:5F:2A:F2:49:16:3D:25:15:13:41:7B:0B:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79253E36BA9FDF7C257E1292418343019A7298
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
Signing time: Fri 11 Jul 2025 19:31:16 +0000
ROA not before: Fri 11 Jul 2025 19:31:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:25:3e:36:ba:9f:df:7c:25:7e:12:92:41:83:43:01:9a:72:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ee111acf28e06954f74ff3101298c3106f9249ed2f7e82f05aad12f6a168e1ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:90:43:0c:8c:76:60:b4:bf:e9:f7:94:64:fd:
e4:d1:a7:15:ef:42:78:7f:a5:81:ba:ee:4f:b3:cd:
fd:d5:b8:fe:6a:26:71:07:9a:8d:0f:11:a2:53:6e:
76:0a:6f:13:9e:1f:e6:34:12:e2:c8:69:7b:33:63:
a5:95:c6:48:aa:19:71:60:1f:f2:71:f3:bf:89:90:
6d:d3:a5:df:71:2f:d4:77:74:11:89:57:56:f8:b6:
99:e9:1d:14:34:84:2e:7b:43:ef:88:e9:ff:56:29:
f4:47:fb:2f:79:fc:bd:d2:0a:0c:f2:83:14:a0:7f:
b3:0a:0f:05:cb:f2:02:bb:d7:f3:38:3e:71:44:e8:
5a:03:e4:11:9a:29:fd:e3:11:7b:ba:7f:f0:9e:31:
44:b9:0c:0b:2f:15:48:0e:ab:4b:2c:dc:3c:6c:d4:
64:f6:27:eb:2b:87:42:2e:d9:9c:46:42:79:58:7b:
22:6e:8a:a4:66:ce:87:cd:c8:90:3a:7e:8f:4a:5b:
cf:48:5c:bb:4a:65:03:8d:51:01:ad:ee:1a:c0:8d:
98:2b:f7:ee:5f:fb:92:68:8c:98:93:e5:38:04:9c:
55:f8:d6:78:d8:93:4d:96:e2:f6:49:1c:57:24:ec:
48:4d:1e:f7:f4:36:f3:e9:cb:f4:de:76:d0:18:18:
f0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:78:09:B2:37:16:00:5F:2A:F2:49:16:3D:25:15:13:41:7B:0B:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
4d:9f:75:92:db:9b:18:27:cc:a9:3a:e4:ad:04:9f:14:1e:5e:
aa:2c:ca:dd:1c:0b:25:d4:24:32:fd:c7:18:16:5a:2c:e8:2c:
09:1f:71:e3:17:1c:7d:b6:07:a6:81:87:b5:c2:36:79:b5:89:
90:24:71:b9:01:62:6e:8a:4c:d7:cc:c2:af:45:8c:32:cf:18:
9d:ac:83:8c:68:c8:ae:96:fd:23:05:8e:00:f9:7f:cc:52:b2:
91:a5:ea:b3:9e:a1:0c:7d:68:04:95:94:c5:bb:dd:cb:46:07:
05:f9:72:fb:b9:95:f6:34:14:13:79:15:a5:5e:2e:51:eb:29:
88:61:5f:09:8d:fc:d7:bd:19:30:4e:63:5b:5e:ff:a8:41:8f:
13:3c:c7:17:44:0a:ed:5c:a1:56:f3:d9:8c:a2:22:22:02:ed:
d4:ec:e4:dd:7c:7a:76:42:38:1b:a8:40:f9:bb:ca:18:db:5a:
94:6f:3a:77:c0:66:b0:d0:85:55:2c:3e:24:bf:1b:2d:a1:ec:
a6:f1:8a:24:ca:99:b3:4b:46:72:68:07:b8:b0:be:e9:13:af:
d4:5c:09:d2:c0:90:11:29:f6:01:d0:8d:7f:02:52:26:09:56:
09:c4:59:de:26:1a:93:b5:28:c0:5a:6c:bf:4e:72:f5:07:2e:
27:f8:ef:ba
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITeSU+Nrqf33wlfhKSQYNDAZpymDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDcxMTE5MzExNloXDTI1MDgxNTIzNTk1OVowejFJMEcGA1UE
BRNAZWUxMTFhY2YyOGUwNjk1NGY3NGZmMzEwMTI5OGMzMTA2ZjkyNDllZDJmN2U4
MmYwNWFhZDEyZjZhMTY4ZTFhZDEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAhJBDDIx2YLS/6feUZP3k0acV70J4f6WBuu5Ps8391bj+aiZxB5qNDxGiU252
Cm8Tnh/mNBLiyGl7M2OllcZIqhlxYB/ycfO/iZBt06XfcS/Ud3QRiVdW+LaZ6R0U
NIQue0PviOn/Vin0R/svefy90goM8oMUoH+zCg8Fy/ICu9fzOD5xROhaA+QRmin9
4xF7un/wnjFEuQwLLxVIDqtLLNw8bNRk9ifrK4dCLtmcRkJ5WHsiboqkZs6HzciQ
On6PSlvPSFy7SmUDjVEBre4awI2YK/fuX/uSaIyYk+U4BJxV+NZ42JNNluL2SRxX
JOxITR739Dbz6cv03nbQGBjwowIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFIp4CbI3
FgBfKvJJFj0lFRNBewuuMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9j
M2Y0YjBlMC1kZjZkLTQ4MWEtOGQ3NS03NzA5ZTU0NWQxZTgucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQciAw
DQYJKoZIhvcNAQELBQADggEBAE2fdZLbmxgnzKk65K0EnxQeXqosyt0cCyXUJDL9
xxgWWizoLAkfceMXHH22B6aBh7XCNnm1iZAkcbkBYm6KTNfMwq9FjDLPGJ2sg4xo
yK6W/SMFjgD5f8xSspGl6rOeoQx9aASVlMW73ctGBwX5cvu5lfY0FBN5FaVeLlHr
KYhhXwmN/Ne9GTBOY1te/6hBjxM8xxdECu1coVbz2YyiIiIC7dTs5N18enZCOBuo
QPm7yhjbWpRvOnfAZrDQhVUsPiS/Gy2h7KbxiiTKmbNLRnJoB7iwvukTr9RcCdLA
kBEp9gHQjX8CUiYJVgnEWd4mGpO1KMBabL9OcvUHLif477o=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:17 2025 by rpki-client