Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb6f24ea-9fe8-46fd-b5b0-f03667b1672a.roa
File: eb6f24ea-9fe8-46fd-b5b0-f03667b1672a.roa (raw, json)
Hash identifier: agL7lFTo+YtlncMx0rCOoGkUJ98qwPVRYjcgeCo2Ki4=
Subject key identifier: 71:1F:E5:DF:14:CC:74:C8:B4:AC:45:8C:F2:11:3C:87:69:94:EB:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1ECFC45226D9609E28C74638E48942B0FEDE5C43
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb6f24ea-9fe8-46fd-b5b0-f03667b1672a.roa
Signing time: Fri 11 Jul 2025 19:41:11 +0000
ROA not before: Fri 11 Jul 2025 19:41:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:cf:c4:52:26:d9:60:9e:28:c7:46:38:e4:89:42:b0:fe:de:5c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:41:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7d260709a49e1769c98a8d78bfad7de28392a830c0aba41a6319b6ea43190834, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:23:70:cd:15:02:82:82:ee:e0:8f:26:d7:d3:
ed:d2:52:50:57:18:40:55:1f:8d:61:11:07:a6:c2:
91:ed:92:26:2a:f0:4c:f8:a5:52:18:2c:fd:fb:27:
c9:79:ef:cf:a9:3f:36:b3:9e:91:bb:e1:66:b5:5f:
54:65:65:22:00:de:aa:a9:63:b9:57:7d:f3:34:aa:
20:7e:0e:ae:2a:d8:06:f6:bb:6e:75:4d:d0:04:04:
1e:7f:02:c8:c5:57:1f:9a:20:48:b5:38:f4:82:f8:
09:2f:a8:f1:27:7f:57:0e:1a:14:97:0b:f0:87:6b:
db:82:a2:f3:c4:3c:b1:5c:97:8d:4b:2b:62:6e:19:
31:a4:34:06:1a:87:ae:e9:8a:6f:3a:56:73:1e:be:
94:bf:3f:c3:66:d1:65:8d:3b:bb:c8:bd:2a:73:c7:
32:e4:1b:c9:50:49:98:78:f8:98:a1:e8:18:37:1a:
e2:52:22:ef:76:66:cb:04:e5:56:c4:a3:1e:17:6a:
39:48:45:88:f1:cb:30:ab:61:c4:39:8f:36:66:db:
68:ba:5f:08:70:07:0f:f6:40:4b:d4:76:91:76:09:
66:d1:98:ae:be:2c:3f:62:46:3c:2b:ee:c4:01:ff:
d9:82:e3:c1:c1:1f:9b:f7:0c:70:d8:e6:26:14:9c:
1d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1F:E5:DF:14:CC:74:C8:B4:AC:45:8C:F2:11:3C:87:69:94:EB:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb6f24ea-9fe8-46fd-b5b0-f03667b1672a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4040::/46
Signature Algorithm: sha256WithRSAEncryption
28:f9:ad:7a:f9:3e:b9:60:d1:0d:50:d1:03:ba:4a:8a:70:7d:
32:17:ef:40:35:e8:35:cf:ad:6e:79:56:a6:74:21:93:c6:7e:
13:e1:8c:08:0a:94:4b:a4:b1:40:b5:e6:bd:ee:0f:6c:98:23:
01:42:e3:55:22:3b:2c:d3:82:82:58:f0:28:05:77:18:0d:45:
37:82:48:d9:8a:f9:0b:b1:80:0e:ad:0f:84:33:e1:cc:a8:30:
dd:ab:63:96:26:e1:30:18:1e:d5:40:31:d3:c3:80:05:6e:16:
75:4c:bb:c4:22:38:dd:1a:4b:2d:fa:67:89:a3:2c:cf:fc:01:
8d:34:d8:b5:8d:d1:ce:34:0f:d8:4f:da:bc:88:13:aa:08:fb:
a0:6f:c4:b7:08:72:a8:27:60:92:21:f7:5d:a0:78:4d:02:f8:
1d:46:33:67:ef:05:52:68:21:38:2c:8f:61:8a:31:c6:93:0a:
a1:11:4e:f7:cf:3f:0f:69:66:a5:b8:02:a4:5f:b2:55:d5:5e:
af:93:37:ea:37:ef:14:40:90:78:94:93:1a:d4:03:58:6f:fb:
53:1f:d4:47:74:cc:45:ab:d1:2b:11:b7:2d:56:12:3d:1c:a7:
d5:bc:39:dc:c2:ce:34:85:e0:25:ac:f1:31:b0:8d:32:31:14:
f4:c7:b8:62
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHs/EUibZYJ4ox0Y45IlCsP7eXEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQxMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkMjYwNzA5YTQ5ZTE3NjljOThhOGQ3OGJmYWQ3ZGUyODM5MmE4MzBjMGFi
YTQxYTYzMTliNmVhNDMxOTA4MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0jcM0VAoKC7uCPJtfT7dJSUFcYQFUfjWERB6bCke2SJirwTPilUhgs/fsn
yXnvz6k/NrOekbvhZrVfVGVlIgDeqqljuVd98zSqIH4OrirYBva7bnVN0AQEHn8C
yMVXH5ogSLU49IL4CS+o8Sd/Vw4aFJcL8Idr24Ki88Q8sVyXjUsrYm4ZMaQ0BhqH
rumKbzpWcx6+lL8/w2bRZY07u8i9KnPHMuQbyVBJmHj4mKHoGDca4lIi73ZmywTl
VsSjHhdqOUhFiPHLMKthxDmPNmbbaLpfCHAHD/ZAS9R2kXYJZtGYrr4sP2JGPCvu
xAH/2YLjwcEfm/cMcNjmJhScHbcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRxH+Xf
FMx0yLSsRYzyETyHaZTrbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2ZjI0ZWEtOWZlOC00NmZkLWI1YjAtZjAzNjY3YjE2NzJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtA
QDANBgkqhkiG9w0BAQsFAAOCAQEAKPmtevk+uWDRDVDRA7pKinB9MhfvQDXoNc+t
bnlWpnQhk8Z+E+GMCAqUS6SxQLXmve4PbJgjAULjVSI7LNOCgljwKAV3GA1FN4JI
2Yr5C7GADq0PhDPhzKgw3atjlibhMBge1UAx08OABW4WdUy7xCI43RpLLfpniaMs
z/wBjTTYtY3RzjQP2E/avIgTqgj7oG/EtwhyqCdgkiH3XaB4TQL4HUYzZ+8FUmgh
OCyPYYoxxpMKoRFO988/D2lmpbgCpF+yVdVer5M36jfvFECQeJSTGtQDWG/7Ux/U
R3TMRavRKxG3LVYSPRyn1bw53MLONIXgJazxMbCNMjEU9Me4Yg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:34 2025 by rpki-client