Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
File: e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa (raw, json)
Hash identifier: bIyXR3LJxkzNCn4tapYkM1a8wnEpbdGo6FGj+tyiCFE=
Subject key identifier: 41:F3:4D:23:08:2F:4F:A2:3D:64:74:9C:BF:26:B0:8E:F0:44:27:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 213F26E314305E41ED7EDB87CEF32CB8F37882F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
Signing time: Tue 01 Jul 2025 15:10:47 +0000
ROA not before: Tue 01 Jul 2025 15:10:47 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:3f:26:e3:14:30:5e:41:ed:7e:db:87:ce:f3:2c:b8:f3:78:82:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:47 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=c6625131e517b8ee3836f8b75013a6d4ea48b523345c6a740cd094b983b0e293, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:91:cf:b0:63:e5:9a:b4:e0:c2:42:ff:81:
ea:96:5b:7e:ee:f5:86:c0:fc:ba:db:30:47:39:47:
ef:b1:e9:65:d0:28:0e:55:cc:ea:7b:46:0a:f0:81:
fe:ee:e7:35:26:96:da:1f:ee:7e:e1:62:e0:63:24:
d4:d0:33:8d:88:59:e9:de:dc:40:30:9f:13:76:9f:
e8:97:d7:c4:d2:30:07:d2:98:0f:ed:ae:09:7d:02:
b6:f2:cf:21:58:a0:f0:9c:d1:a8:16:13:e1:95:f1:
eb:ad:13:2d:1a:e6:49:20:0b:dd:35:46:c0:73:05:
dd:f2:e4:75:eb:bf:65:41:8f:d5:d8:29:3c:ed:d2:
08:b5:2d:36:2f:de:ff:b7:46:c3:50:27:65:80:d8:
2c:07:dc:84:7f:68:20:9a:51:5c:1f:cd:b2:3c:6a:
24:6e:42:10:36:57:e6:70:69:19:df:3e:70:90:73:
47:04:9d:3e:e7:9e:f6:d7:b1:8d:43:bf:88:98:bc:
22:6d:61:f5:97:71:ff:17:ab:ab:3c:4e:ed:40:b1:
05:a3:09:01:60:7a:f9:77:48:a0:b7:d1:35:a6:32:
65:d5:cf:a8:30:06:a8:a1:b2:cf:db:24:07:55:81:
f5:b7:c5:35:eb:99:e5:59:90:ff:ad:02:bc:e3:d6:
aa:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F3:4D:23:08:2F:4F:A2:3D:64:74:9C:BF:26:B0:8E:F0:44:27:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/48
Signature Algorithm: sha256WithRSAEncryption
89:49:b5:d2:02:a2:27:39:6f:3a:d3:56:89:9a:db:2a:56:d2:
66:df:3c:6b:b9:2c:3b:c2:7f:68:00:d7:7c:2c:00:b0:e8:19:
7b:95:24:d4:f4:b8:d4:30:ac:d8:aa:ee:a1:fe:cf:4c:5d:0f:
77:e1:7b:2a:c1:1f:4c:02:e0:2b:ee:7a:c5:df:b0:b9:ae:86:
ad:0a:57:64:a1:3f:c5:02:13:2c:ce:ea:a0:ea:16:6a:27:19:
a6:45:cc:3f:41:8a:6e:1a:4d:52:03:b2:5b:b5:e9:3d:5f:cf:
d6:55:41:bb:7d:35:aa:47:97:f3:66:81:2c:ac:45:11:53:97:
c1:ab:af:9c:6d:ce:d0:03:37:b3:5c:79:f0:4d:02:7c:45:cb:
af:8e:1c:d9:17:fb:84:72:db:8a:3c:66:bf:e1:82:fc:bb:e8:
86:81:07:27:e4:0f:56:2d:f5:c5:2b:83:93:a5:d7:da:93:58:
a7:9a:02:b2:15:08:af:85:70:46:68:78:2d:9f:9c:11:ad:43:
40:08:d8:4b:f4:d4:35:2f:04:c3:aa:83:e0:58:c1:79:81:01:
24:a9:0c:0e:16:01:8a:70:d5:b5:3c:8e:5c:d3:c1:39:ab:09:
96:e4:fb:16:88:4d:39:f5:a4:08:25:73:c1:1a:91:0f:83:61:
a2:ad:c3:3e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIT8m4xQwXkHtftuHzvMsuPN4gvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwNDdaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NjI1MTMxZTUxN2I4ZWUzODM2ZjhiNzUwMTNhNmQ0ZWE0OGI1MjMzNDVj
NmE3NDBjZDA5NGI5ODNiMGUyOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2Lkc+wY+WatODCQv+B6pZbfu71hsD8utswRzlH77HpZdAoDlXM6ntGCvCB
/u7nNSaW2h/ufuFi4GMk1NAzjYhZ6d7cQDCfE3af6JfXxNIwB9KYD+2uCX0CtvLP
IVig8JzRqBYT4ZXx660TLRrmSSAL3TVGwHMF3fLkdeu/ZUGP1dgpPO3SCLUtNi/e
/7dGw1AnZYDYLAfchH9oIJpRXB/NsjxqJG5CEDZX5nBpGd8+cJBzRwSdPuee9tex
jUO/iJi8Im1h9Zdx/xerqzxO7UCxBaMJAWB6+XdIoLfRNaYyZdXPqDAGqKGyz9sk
B1WB9bfFNeuZ5VmQ/60CvOPWqkcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRB800j
CC9Poj1kdJy/JrCO8EQnaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTliMjRhZDEtMDY5Yi00OTE2LTlkMzMtMzFhZDY5MzdmYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZg
ADANBgkqhkiG9w0BAQsFAAOCAQEAiUm10gKiJzlvOtNWiZrbKlbSZt88a7ksO8J/
aADXfCwAsOgZe5Uk1PS41DCs2Kruof7PTF0Pd+F7KsEfTALgK+56xd+wua6GrQpX
ZKE/xQITLM7qoOoWaicZpkXMP0GKbhpNUgOyW7XpPV/P1lVBu301qkeX82aBLKxF
EVOXwauvnG3O0AM3s1x58E0CfEXLr44c2Rf7hHLbijxmv+GC/LvohoEHJ+QPVi31
xSuDk6XX2pNYp5oCshUIr4VwRmh4LZ+cEa1DQAjYS/TUNS8Ew6qD4FjBeYEBJKkM
DhYBinDVtTyOXNPBOasJluT7FohNOfWkCCVzwRqRD4Nhoq3DPg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:29 2025 by rpki-client