Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9709897-68c6-44f9-98f1-1f292cf13bea.roa
File: e9709897-68c6-44f9-98f1-1f292cf13bea.roa (raw, json)
Hash identifier: CV4Qxun1DPL21F/n+BP2pD3R1GwuXoEQbQA0ld2VmYY=
Subject key identifier: 4A:DC:44:95:FB:DA:C4:55:A6:FF:14:98:DA:DA:39:D8:8F:4B:DA:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B40696347CC1895119A69F678F17B93D1769932
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9709897-68c6-44f9-98f1-1f292cf13bea.roa
Signing time: Mon 14 Jul 2025 16:54:17 +0000
ROA not before: Mon 14 Jul 2025 16:54:17 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:40:69:63:47:cc:18:95:11:9a:69:f6:78:f1:7b:93:d1:76:99:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 14 16:54:17 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=b51817b85e9d0fe0848981bd95b1c7eae848a9f423d764af46882ee30f152925, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:ce:2b:c2:11:6b:72:84:34:15:b3:a9:45:
2f:e0:16:a9:f9:e7:2a:11:a1:98:dc:71:1a:f6:40:
53:25:66:92:8c:c0:87:e5:81:06:a8:8d:a8:58:e8:
a6:94:d7:32:f5:54:31:8d:44:52:d6:36:02:82:1b:
e6:10:5f:e0:a2:13:5f:cb:18:72:2b:07:d9:e1:a4:
31:ba:43:26:c3:00:b2:94:fa:b7:df:1e:01:72:dc:
e2:91:79:ca:a5:37:79:ef:81:da:15:1e:8a:a1:6b:
09:a3:99:1c:ba:8d:70:d9:3c:1e:8d:d4:7c:17:1c:
0a:77:9c:4a:db:cd:d3:a7:a7:17:63:94:18:75:db:
39:94:aa:6d:a6:f9:5a:87:05:dc:f4:0b:74:81:e0:
d6:08:7a:98:64:62:df:d9:c7:a5:c7:0a:3f:08:11:
7d:96:5e:9d:99:07:b2:cc:89:3d:09:c6:6b:50:d4:
14:8a:83:f7:a2:05:32:4e:68:4a:f3:3d:00:48:87:
24:c6:29:16:d3:55:db:c1:57:a7:2a:18:14:be:32:
a8:2d:92:dc:6a:d4:69:b5:38:02:f4:02:ab:71:88:
2f:93:a2:8a:13:0a:0f:80:31:79:6a:36:71:d0:1b:
30:e0:5a:c5:c4:70:0e:2d:fe:e4:2c:95:70:a8:80:
25:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DC:44:95:FB:DA:C4:55:A6:FF:14:98:DA:DA:39:D8:8F:4B:DA:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9709897-68c6-44f9-98f1-1f292cf13bea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:6000::/40
Signature Algorithm: sha256WithRSAEncryption
87:7f:ce:9e:90:98:8f:9f:cb:5f:10:d0:86:b0:ed:10:b6:e5:
f4:c2:00:af:a8:d7:fb:88:cf:cd:0d:d6:56:19:a7:ec:2c:38:
fa:07:3f:ea:87:85:fd:d1:98:48:61:ed:8d:42:29:f1:8f:43:
bf:cf:83:2c:3f:1f:2f:d8:91:53:b0:0e:0a:db:aa:ad:5f:34:
9e:39:d0:1b:8f:ac:e8:c3:16:dc:b3:8e:e6:28:cc:98:18:93:
0e:5b:63:c5:35:a6:e8:4b:eb:4b:b1:be:ab:af:ba:af:17:52:
13:53:60:63:0e:de:85:b4:9f:ca:8c:63:f0:86:2e:60:de:47:
eb:22:f1:73:b4:cf:84:5a:7c:60:32:dc:e1:74:55:8d:c0:69:
4c:64:a3:fb:7f:38:52:cb:de:bc:6c:52:82:e8:4d:c4:c3:9b:
08:d8:7b:6e:aa:7c:cc:c7:f8:d1:8a:c7:53:e7:44:82:b9:d4:
43:41:2b:8c:42:50:fb:5a:5a:f5:28:08:77:d3:e1:a5:eb:3a:
fc:d9:46:ae:1e:f7:10:56:54:e3:68:ac:af:3f:e9:16:a0:f5:
82:84:c3:0f:85:65:3d:04:3d:0a:a0:99:ed:d4:2a:91:61:22:
9e:58:ec:63:fd:2a:43:4e:f5:c1:e8:4a:28:b1:60:be:76:cc:
a1:47:51:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS0BpY0fMGJURmmn2ePF7k9F2mTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTQxNjU0MTdaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1MTgxN2I4NWU5ZDBmZTA4NDg5ODFiZDk1YjFjN2VhZTg0OGE5ZjQyM2Q3
NjRhZjQ2ODgyZWUzMGYxNTI5MjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK68zivCEWtyhDQVs6lFL+AWqfnnKhGhmNxxGvZAUyVmkozAh+WBBqiNqFjo
ppTXMvVUMY1EUtY2AoIb5hBf4KITX8sYcisH2eGkMbpDJsMAspT6t98eAXLc4pF5
yqU3ee+B2hUeiqFrCaOZHLqNcNk8Ho3UfBccCnecStvN06enF2OUGHXbOZSqbab5
WocF3PQLdIHg1gh6mGRi39nHpccKPwgRfZZenZkHssyJPQnGa1DUFIqD96IFMk5o
SvM9AEiHJMYpFtNV28FXpyoYFL4yqC2S3GrUabU4AvQCq3GIL5OiihMKD4AxeWo2
cdAbMOBaxcRwDi3+5CyVcKiAJRsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRK3ESV
+9rEVab/FJja2jnYj0va3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTk3MDk4OTctNjhjNi00NGY5LTk4ZjEtMWYyOTJjZjEzYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRg
MA0GCSqGSIb3DQEBCwUAA4IBAQCHf86ekJiPn8tfENCGsO0QtuX0wgCvqNf7iM/N
DdZWGafsLDj6Bz/qh4X90ZhIYe2NQinxj0O/z4MsPx8v2JFTsA4K26qtXzSeOdAb
j6zowxbcs47mKMyYGJMOW2PFNaboS+tLsb6rr7qvF1ITU2BjDt6FtJ/KjGPwhi5g
3kfrIvFztM+EWnxgMtzhdFWNwGlMZKP7fzhSy968bFKC6E3Ew5sI2HtuqnzMx/jR
isdT50SCudRDQSuMQlD7Wlr1KAh30+Gl6zr82UauHvcQVlTjaKyvP+kWoPWChMMP
hWU9BD0KoJnt1CqRYSKeWOxj/SpDTvXB6EoosWC+dsyhR1FZ
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:29 2025 by rpki-client