Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/edf7f775-4d15-46aa-a77e-d8dd11f7f3e2.roa
File: edf7f775-4d15-46aa-a77e-d8dd11f7f3e2.roa (raw, json)
Hash identifier: 5Ai6NfE6VyyW81cSluFnXyqpFILMKXztLcKAshIsF5U=
Subject key identifier: 49:ED:6F:30:2B:EC:E9:F2:C2:F8:C0:67:53:FE:17:9D:96:4B:C5:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6843AC11585CE6F767AA437419C3A4955343E9C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/edf7f775-4d15-46aa-a77e-d8dd11f7f3e2.roa
Signing time: Mon 07 Jul 2025 18:20:35 +0000
ROA not before: Mon 07 Jul 2025 18:20:35 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:43:ac:11:58:5c:e6:f7:67:aa:43:74:19:c3:a4:95:53:43:e9:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:35 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=8ed2f9909a4f3c536857b663e878e84c69721376570631d375fabb9370713ff5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2f:bc:67:c2:bf:42:09:6d:3d:2a:54:3c:bf:
56:2c:14:7f:6c:d1:9e:46:e7:f4:ee:21:7b:af:b5:
e6:2d:ba:47:69:99:3a:b0:2f:1e:8d:00:00:44:1f:
b7:20:02:4a:ea:a1:d6:aa:dd:1a:85:a6:63:ea:55:
9b:8e:40:a9:60:06:37:80:29:7b:94:03:b4:ac:26:
1f:ac:9a:70:70:5c:17:d4:da:ad:8b:01:d8:b3:dc:
b3:a4:57:c2:f8:51:76:1c:68:b5:60:8d:7c:c5:b1:
a3:b0:d7:a1:9d:ec:c7:67:5b:c5:0d:a8:cf:40:48:
b9:33:3f:a6:49:cc:e6:76:26:9a:27:cd:5c:f2:9e:
32:98:16:cc:7b:ea:fe:e7:3b:c5:cc:8d:0c:95:0d:
8f:12:3e:ca:b6:ca:18:11:61:8c:d2:73:d3:24:d8:
36:45:b3:42:7a:c3:20:ea:27:08:76:73:19:1e:7b:
01:27:85:60:8e:51:9b:a5:32:6c:0f:75:97:bf:a0:
f2:75:2c:92:36:90:29:27:ee:bc:ad:51:d8:d0:eb:
02:6e:30:fc:4d:18:81:0f:8d:9d:46:9e:01:89:64:
6d:5e:95:f9:3b:79:8a:aa:bc:a2:6a:b7:d2:97:ad:
45:86:cf:ee:96:09:80:51:81:27:f2:16:5c:e1:68:
26:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:ED:6F:30:2B:EC:E9:F2:C2:F8:C0:67:53:FE:17:9D:96:4B:C5:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/edf7f775-4d15-46aa-a77e-d8dd11f7f3e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:880::/48
Signature Algorithm: sha256WithRSAEncryption
87:f7:fd:ba:8c:74:30:39:11:ce:99:78:1a:bf:6e:d0:9e:d5:
1b:38:6a:9d:f5:12:59:9b:c7:bf:10:d5:2b:4a:da:52:0a:8e:
b1:eb:34:ff:75:23:db:97:06:08:a2:17:ac:d0:5e:7c:bc:ac:
2b:60:df:26:9b:1c:c4:a9:2d:20:ee:b7:32:ca:2b:fc:79:83:
2f:10:5e:6a:e2:12:60:45:51:e6:7d:0f:87:8f:c9:35:4e:1f:
85:40:b7:f0:e0:fb:4a:49:7f:cc:62:3a:f9:40:a4:e8:6b:7d:
52:cb:d4:20:0e:0b:51:96:fd:94:94:ea:22:b3:d5:31:13:70:
e5:ea:12:41:c8:32:23:16:c2:18:bb:95:c4:14:91:b5:0d:05:
e9:e7:bd:ec:0b:0f:e1:e3:25:38:fb:ed:3c:d8:ad:55:d2:4e:
16:64:56:cb:ab:e6:4e:6a:14:97:30:fe:1c:07:84:97:cf:58:
0d:a8:92:7b:97:fb:f9:f0:e2:57:de:78:79:85:87:dc:65:b6:
9f:4f:d1:9d:c8:39:cb:4e:78:b2:a7:36:76:d2:2c:5a:6f:b6:
b6:9c:fa:7f:4a:f9:0f:a1:a8:8c:8d:78:88:40:bf:f3:7f:4f:
c4:d2:8e:77:8e:9a:0b:d4:10:2c:f0:21:d6:fc:fa:02:8e:db:
e7:af:50:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaEOsEVhc5vdnqkN0GcOklVND6cUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwMzVaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlZDJmOTkwOWE0ZjNjNTM2ODU3YjY2M2U4NzhlODRjNjk3MjEzNzY1NzA2
MzFkMzc1ZmFiYjkzNzA3MTNmZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4vvGfCv0IJbT0qVDy/ViwUf2zRnkbn9O4he6+15i26R2mZOrAvHo0AAEQf
tyACSuqh1qrdGoWmY+pVm45AqWAGN4Ape5QDtKwmH6yacHBcF9TarYsB2LPcs6RX
wvhRdhxotWCNfMWxo7DXoZ3sx2dbxQ2oz0BIuTM/pknM5nYmmifNXPKeMpgWzHvq
/uc7xcyNDJUNjxI+yrbKGBFhjNJz0yTYNkWzQnrDIOonCHZzGR57ASeFYI5Rm6Uy
bA91l7+g8nUskjaQKSfuvK1R2NDrAm4w/E0YgQ+NnUaeAYlkbV6V+Tt5iqq8omq3
0petRYbP7pYJgFGBJ/IWXOFoJmsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJ7W8w
K+zp8sL4wGdT/hedlkvFPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRmN2Y3NzUtNGQxNS00NmFhLWE3N2UtZDhkZDExZjdmM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEI
gDANBgkqhkiG9w0BAQsFAAOCAQEAh/f9uox0MDkRzpl4Gr9u0J7VGzhqnfUSWZvH
vxDVK0raUgqOses0/3Uj25cGCKIXrNBefLysK2DfJpscxKktIO63Msor/HmDLxBe
auISYEVR5n0Ph4/JNU4fhUC38OD7Skl/zGI6+UCk6Gt9UsvUIA4LUZb9lJTqIrPV
MRNw5eoSQcgyIxbCGLuVxBSRtQ0F6ee97AsP4eMlOPvtPNitVdJOFmRWy6vmTmoU
lzD+HAeEl89YDaiSe5f7+fDiV954eYWH3GW2n0/Rncg5y054sqc2dtIsWm+2tpz6
f0r5D6GojI14iEC/839PxNKOd46aC9QQLPAh1vz6Ao7b569Qaw==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:15 2025 by rpki-client