Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json)
Hash identifier: TXP1aFAj2C35ZWBEjDxeiL0ARgDR8gTnDEzrVB8dHEs=
Subject key identifier: B1:70:35:85:84:AC:35:20:0D:EC:0D:EB:CA:CB:81:4C:EA:5B:CD:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D02B221702EF8E0F02E4A5EAB93946425840675
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
Signing time: Fri 11 Jul 2025 20:40:17 +0000
ROA not before: Fri 11 Jul 2025 20:40:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:02:b2:21:70:2e:f8:e0:f0:2e:4a:5e:ab:93:94:64:25:84:06:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a43aa5370094736db514b4bb38a82a1fdc0a144b0e1d8a6b5f7ecbb6a442b2bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a6:af:9d:df:85:7a:39:f0:0a:ed:a6:60:a3:
f4:01:92:75:8d:99:96:ee:46:98:94:c0:47:ca:87:
85:3e:30:f9:b3:22:cd:45:f1:38:c3:cf:8d:5f:42:
98:b7:a1:52:00:57:e4:d5:46:d3:6f:3d:fd:3b:1e:
c9:cf:14:a5:ab:38:c8:b6:aa:5e:cc:84:e7:95:52:
6b:8b:e3:cd:5d:50:e1:77:c7:f8:8e:e5:5c:c1:50:
f3:b7:b2:cd:c9:d6:42:19:1b:e5:5c:ee:c6:3a:27:
99:11:37:11:49:db:d0:bd:f0:80:9f:e9:ad:a4:6f:
8a:73:40:c3:46:8a:c5:3e:13:d8:fe:1c:d4:55:8d:
c1:c0:af:70:e7:14:c5:49:40:82:03:9c:6a:97:f1:
5e:48:ec:fe:55:09:18:f9:02:09:28:4f:4a:fb:ec:
d3:0f:c8:36:c7:05:6f:89:26:0b:bc:6a:ab:ae:2d:
b7:86:a0:52:5d:52:b7:8b:8a:64:52:ce:9c:1c:c0:
2f:89:75:f4:e9:a9:93:77:b4:00:e5:0c:96:d0:56:
70:ff:35:be:96:f9:3a:a8:03:90:0b:45:e6:a4:13:
03:c5:2b:ea:25:1a:aa:d3:a4:1e:ad:b3:1e:17:92:
be:83:bb:1e:db:0b:45:a1:03:4a:dd:a1:40:c8:fa:
49:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:70:35:85:84:AC:35:20:0D:EC:0D:EB:CA:CB:81:4C:EA:5B:CD:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/38
Signature Algorithm: sha256WithRSAEncryption
0c:2b:84:81:06:8b:d0:63:ae:08:73:85:0a:09:9a:6d:3d:1c:
0b:dc:4e:62:3f:ae:f4:f6:36:c9:84:15:b3:0d:55:96:50:ed:
05:13:17:ba:46:d4:49:34:5e:a3:1e:ba:0d:45:4f:5e:ae:75:
06:73:1e:4d:35:6e:c6:f0:c3:30:f5:b8:db:56:89:be:3d:cb:
f9:77:4a:34:a1:99:bd:cf:d7:d4:33:d5:8e:b5:6e:d6:ef:01:
75:cb:29:82:6c:f5:83:d5:61:14:ab:fc:57:55:fc:93:2b:d5:
dc:6e:ed:4e:9f:f3:4f:2d:78:32:0e:7a:a2:7b:21:6b:59:4d:
45:0d:34:78:15:a4:55:44:07:19:29:34:74:84:10:71:fb:16:
fe:a0:1b:93:9c:09:ac:70:e1:3c:e1:52:75:9d:dd:66:bf:a3:
f5:86:7b:ae:75:71:2a:c5:19:1c:e3:38:78:17:19:46:0f:8f:
8e:eb:9e:91:4d:1c:9a:b3:8c:ef:f4:57:52:91:67:72:31:61:
e1:a5:15:77:fb:78:b8:ce:a9:14:33:03:33:68:c5:e7:d0:c5:
a7:1a:94:56:dd:9b:c1:8e:9e:25:e3:78:0f:a3:99:ad:77:05:
d2:19:9d:97:78:1b:1c:27:b5:38:dc:4e:57:43:f1:e2:b8:dc:
ca:11:5a:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHQKyIXAu+ODwLkpeq5OUZCWEBnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0M2FhNTM3MDA5NDczNmRiNTE0YjRiYjM4YTgyYTFmZGMwYTE0NGIwZTFk
OGE2YjVmN2VjYmI2YTQ0MmIyYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmmr53fhXo58ArtpmCj9AGSdY2Zlu5GmJTAR8qHhT4w+bMizUXxOMPPjV9C
mLehUgBX5NVG0289/Tseyc8Upas4yLaqXsyE55VSa4vjzV1Q4XfH+I7lXMFQ87ey
zcnWQhkb5VzuxjonmRE3EUnb0L3wgJ/praRvinNAw0aKxT4T2P4c1FWNwcCvcOcU
xUlAggOcapfxXkjs/lUJGPkCCShPSvvs0w/INscFb4kmC7xqq64tt4agUl1St4uK
ZFLOnBzAL4l19Ompk3e0AOUMltBWcP81vpb5OqgDkAtF5qQTA8Ur6iUaqtOkHq2z
HheSvoO7HtsLRaEDSt2hQMj6SYUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSxcDWF
hKw1IA3sDevKy4FM6lvNXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAMK4SBBovQY64Ic4UKCZptPRwL3E5iP6709jbJ
hBWzDVWWUO0FExe6RtRJNF6jHroNRU9ernUGcx5NNW7G8MMw9bjbVom+Pcv5d0o0
oZm9z9fUM9WOtW7W7wF1yymCbPWD1WEUq/xXVfyTK9Xcbu1On/NPLXgyDnqieyFr
WU1FDTR4FaRVRAcZKTR0hBBx+xb+oBuTnAmscOE84VJ1nd1mv6P1hnuudXEqxRkc
4zh4FxlGD4+O656RTRyas4zv9FdSkWdyMWHhpRV3+3i4zqkUMwMzaMXn0MWnGpRW
3ZvBjp4l43gPo5mtdwXSGZ2XeBscJ7U43E5XQ/HiuNzKEVq2
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:18 2025 by rpki-client