Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
File: cb352ba2-1c61-4993-802d-895dc73880c2.roa (raw, json)
Hash identifier: PwugSlI9eqMWuTJrj3N2GWxH1epMH8JSsac724OaSso=
Subject key identifier: B0:14:44:05:98:B6:80:32:D6:24:54:F5:2F:5A:BE:D1:32:3C:28:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F1B6B1670FFEFADE82F81826EA2072462F6A5EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
Signing time: Mon 07 Jul 2025 18:21:09 +0000
ROA not before: Mon 07 Jul 2025 18:21:09 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:1b:6b:16:70:ff:ef:ad:e8:2f:81:82:6e:a2:07:24:62:f6:a5:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:21:09 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=69a08efb89387ca1da003029da37a75ea1d2fe5cdb9ab671b588bc5bef73515e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a9:b1:ec:a1:dd:6e:f4:da:63:f0:3b:b1:ea:
49:62:aa:9f:72:dc:57:7b:2e:b8:ba:a2:1b:f4:63:
62:44:bd:32:58:fa:4a:4b:b3:33:61:aa:84:d1:34:
67:8b:ec:bd:54:37:a3:8a:dc:41:77:20:de:c0:71:
8c:a9:0a:6d:2e:f9:82:f5:6e:bb:1c:d7:e1:4f:01:
6d:a9:d9:45:a0:6b:1c:61:bb:36:7d:0d:4c:e3:a2:
aa:8e:24:6b:04:c8:99:b6:20:63:38:89:f1:73:cf:
c3:a4:f0:84:c3:95:ef:0b:f4:25:85:0f:b0:84:b2:
cc:6f:ca:8a:6f:9a:2d:1a:6c:40:d4:c9:39:5d:57:
fe:5f:78:12:b5:64:8d:65:b0:02:62:c9:c8:64:27:
24:2d:c4:f3:9b:e5:fe:24:e2:06:b5:a8:77:0e:7e:
5c:0d:e2:9f:96:be:15:e3:c8:86:b6:25:02:ae:30:
08:3a:a6:8c:49:90:a1:f4:71:f9:85:97:50:b0:29:
b9:98:b3:af:9d:3f:f0:a8:eb:4a:ee:66:04:00:2a:
e2:59:10:6a:50:43:01:2d:29:ec:36:8e:78:03:99:
ae:d0:11:fe:34:88:a6:3a:2a:5c:ce:61:61:22:9a:
bd:d0:f7:a1:09:5f:83:f3:95:88:7a:95:9e:7a:a0:
0b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:14:44:05:98:B6:80:32:D6:24:54:F5:2F:5A:BE:D1:32:3C:28:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:800::/40
Signature Algorithm: sha256WithRSAEncryption
74:54:40:f8:66:93:50:54:6c:47:a3:c2:2d:c0:2f:29:fb:ad:
59:8f:6a:67:66:2f:8f:c6:11:ad:74:c3:d0:26:aa:84:0f:f3:
74:6d:7e:c5:71:9e:f5:fd:4d:8a:20:c0:4c:c3:47:f9:fe:2b:
a2:36:e5:e9:49:50:2a:55:d2:4b:71:fa:ec:13:90:ae:66:95:
85:4b:da:3f:f9:bb:41:24:09:83:d5:fd:ce:73:42:b7:54:b8:
61:86:9b:3c:4f:46:10:05:ca:7b:6f:f5:ea:f1:86:98:58:0e:
a1:83:b5:9a:be:54:b3:11:d4:49:25:e9:b2:47:f1:f5:ad:fa:
e1:a3:df:bb:f4:76:e2:03:cf:13:e5:0e:5e:9d:dc:2d:c6:5a:
e2:47:d6:03:93:4f:00:f6:61:91:37:7d:6c:ad:83:7f:2b:ad:
71:35:d3:06:57:c6:60:1f:eb:4b:c2:c1:d8:5f:3e:a7:44:7b:
50:f1:53:9e:9a:67:5a:7e:e2:05:82:6b:a9:2d:a2:76:55:15:
86:9e:5c:3a:b1:33:4c:ca:1c:38:31:83:e8:44:c0:92:98:bb:
c8:f5:c8:55:4e:e5:ff:64:df:e4:33:99:6c:bd:87:fa:aa:6a:
7e:e8:d8:4f:e2:34:0d:79:a2:76:cf:40:7e:31:2f:a7:cf:3a:
8d:dd:b5:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXxtrFnD/763oL4GCbqIHJGL2peswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIxMDlaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5YTA4ZWZiODkzODdjYTFkYTAwMzAyOWRhMzdhNzVlYTFkMmZlNWNkYjlh
YjY3MWI1ODhiYzViZWY3MzUxNWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSpseyh3W702mPwO7HqSWKqn3LcV3suuLqiG/RjYkS9Mlj6SkuzM2GqhNE0
Z4vsvVQ3o4rcQXcg3sBxjKkKbS75gvVuuxzX4U8BbanZRaBrHGG7Nn0NTOOiqo4k
awTImbYgYziJ8XPPw6TwhMOV7wv0JYUPsISyzG/Kim+aLRpsQNTJOV1X/l94ErVk
jWWwAmLJyGQnJC3E85vl/iTiBrWodw5+XA3in5a+FePIhrYlAq4wCDqmjEmQofRx
+YWXULApuZizr50/8KjrSu5mBAAq4lkQalBDAS0p7DaOeAOZrtAR/jSIpjoqXM5h
YSKavdD3oQlfg/OViHqVnnqgC7ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSwFEQF
mLaAMtYkVPUvWr7RMjwoVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IzNTJiYTItMWM2MS00OTkzLTgwMmQtODk1ZGM3Mzg4MGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYI
MA0GCSqGSIb3DQEBCwUAA4IBAQB0VED4ZpNQVGxHo8ItwC8p+61Zj2pnZi+PxhGt
dMPQJqqED/N0bX7FcZ71/U2KIMBMw0f5/iuiNuXpSVAqVdJLcfrsE5CuZpWFS9o/
+btBJAmD1f3Oc0K3VLhhhps8T0YQBcp7b/Xq8YaYWA6hg7WavlSzEdRJJemyR/H1
rfrho9+79HbiA88T5Q5endwtxlriR9YDk08A9mGRN31srYN/K61xNdMGV8ZgH+tL
wsHYXz6nRHtQ8VOemmdafuIFgmupLaJ2VRWGnlw6sTNMyhw4MYPoRMCSmLvI9chV
TuX/ZN/kM5lsvYf6qmp+6NhP4jQNeaJ2z0B+MS+nzzqN3bWr
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:23:10 2025 by rpki-client