Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
File: d84b5798-b167-465e-8272-054986363200.roa (raw, json)
Hash identifier: 2PA9iQ7g8fJcsq6/9j08BhSP5zxfBPkVR0+Jtr9ACPk=
Subject key identifier: ED:6D:8F:1C:05:EC:1D:D3:B7:F6:C6:F4:F0:79:61:10:40:CA:5D:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77EBE108CF3277B4CB9C235CB7CEC1E2D38935F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
Signing time: Fri 11 Jul 2025 19:20:45 +0000
ROA not before: Fri 11 Jul 2025 19:20:45 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:eb:e1:08:cf:32:77:b4:cb:9c:23:5c:b7:ce:c1:e2:d3:89:35:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:45 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f4e6078e10efd35457bbbcb38bcfce4a43d8360132439caa13a3a5ff7e2bcf70, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:80:4a:53:67:e9:dd:2a:0b:73:de:78:5d:6b:
4d:c0:f0:3f:da:9e:f0:da:cd:59:84:7d:17:0b:70:
05:5b:3a:20:f0:e9:6e:a4:87:62:c7:c0:dd:34:2b:
b2:b0:06:a5:59:b6:79:e4:2e:73:84:f3:58:97:4a:
fa:a3:79:7b:47:c2:59:58:68:21:b8:af:c8:aa:68:
33:d4:fd:42:4c:37:d2:ab:6e:a9:15:8a:1b:08:f5:
34:ea:6e:ce:1b:54:4a:24:8d:0d:a3:06:51:ad:59:
43:fb:57:1c:31:6a:ad:8a:85:d6:fe:9a:e0:c5:fe:
c1:c3:39:a6:f5:6a:58:c4:bd:15:75:c5:aa:a6:f9:
40:70:6d:90:4e:a0:6d:5d:ca:cf:b7:30:e6:46:7f:
d9:e9:72:0c:91:32:4f:be:20:93:44:61:f9:f9:5e:
9a:1a:ea:5e:d8:00:a1:14:46:d1:dc:d7:79:01:e9:
0e:11:ba:13:32:3f:e4:de:98:5f:0c:b4:b7:2b:9f:
42:55:0c:c9:6c:38:25:0a:88:78:f9:cc:d0:a7:cf:
b6:76:eb:53:5f:f5:22:65:55:ae:6c:c4:43:54:cc:
fe:a0:e4:34:d1:11:55:00:41:64:fd:14:da:3c:6b:
a5:c5:79:34:f9:64:93:f3:a3:82:53:46:65:59:42:
84:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6D:8F:1C:05:EC:1D:D3:B7:F6:C6:F4:F0:79:61:10:40:CA:5D:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
82:c5:f9:13:43:ce:1f:9e:af:fc:5e:6c:d8:62:f8:55:fd:10:
53:a7:13:ca:ea:8e:46:f5:ec:5a:5c:fe:1c:96:f7:7d:26:a9:
c4:8b:e3:13:5f:9f:8f:c3:34:14:ab:b0:51:dd:98:09:44:75:
6b:25:22:b8:2e:ed:bd:00:41:79:c8:51:bd:d6:14:83:0e:02:
56:6a:b0:f4:dd:c0:f5:32:d2:98:60:20:22:4e:95:75:f5:dc:
79:e1:da:e8:40:fd:f8:75:07:c7:1f:20:9b:0c:df:85:bb:20:
06:ec:6c:30:6c:c5:21:1b:4c:48:69:9f:5f:6c:ba:e4:4a:9e:
32:b3:c0:c6:83:f2:1a:0d:c8:16:90:99:75:d3:49:a1:1a:ab:
51:c6:ae:a7:71:f9:aa:60:67:50:63:ca:f6:af:7a:16:5f:08:
0d:84:ce:70:40:9e:ef:fd:79:2c:2d:5e:fe:e0:d6:2b:14:d6:
db:e8:1a:22:75:d8:b1:04:08:2f:55:1c:4a:38:ae:73:2a:1e:
8c:55:c9:63:31:04:f2:1c:23:06:42:21:6e:3f:ad:c8:1a:48:
a7:53:0a:f8:05:4e:bc:77:57:8f:49:f8:17:e9:72:c2:89:c9:
d9:f7:f4:f1:91:01:d1:70:3d:b8:0e:0a:13:b2:19:d2:82:28:
79:2e:a6:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd+vhCM8yd7TLnCNct87B4tOJNfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwNDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0ZTYwNzhlMTBlZmQzNTQ1N2JiYmNiMzhiY2ZjZTRhNDNkODM2MDEzMjQz
OWNhYTEzYTNhNWZmN2UyYmNmNzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKASlNn6d0qC3PeeF1rTcDwP9qe8NrNWYR9FwtwBVs6IPDpbqSHYsfA3TQr
srAGpVm2eeQuc4TzWJdK+qN5e0fCWVhoIbivyKpoM9T9Qkw30qtuqRWKGwj1NOpu
zhtUSiSNDaMGUa1ZQ/tXHDFqrYqF1v6a4MX+wcM5pvVqWMS9FXXFqqb5QHBtkE6g
bV3Kz7cw5kZ/2elyDJEyT74gk0Rh+flemhrqXtgAoRRG0dzXeQHpDhG6EzI/5N6Y
Xwy0tyufQlUMyWw4JQqIePnM0KfPtnbrU1/1ImVVrmzEQ1TM/qDkNNERVQBBZP0U
2jxrpcV5NPlkk/OjglNGZVlChL8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTtbY8c
Bewd07f2xvTweWEQQMpdajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg0YjU3OTgtYjE2Ny00NjVlLTgyNzItMDU0OTg2MzYzMjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
wDANBgkqhkiG9w0BAQsFAAOCAQEAgsX5E0POH56v/F5s2GL4Vf0QU6cTyuqORvXs
Wlz+HJb3fSapxIvjE1+fj8M0FKuwUd2YCUR1ayUiuC7tvQBBechRvdYUgw4CVmqw
9N3A9TLSmGAgIk6VdfXceeHa6ED9+HUHxx8gmwzfhbsgBuxsMGzFIRtMSGmfX2y6
5EqeMrPAxoPyGg3IFpCZddNJoRqrUcaup3H5qmBnUGPK9q96Fl8IDYTOcECe7/15
LC1e/uDWKxTW2+gaInXYsQQIL1UcSjiucyoejFXJYzEE8hwjBkIhbj+tyBpIp1MK
+AVOvHdXj0n4F+lywonJ2ff08ZEB0XA9uA4KE7IZ0oIoeS6mFA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:40 2025 by rpki-client