Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b87948-0066-431b-b731-8030cc7f4eef.roa
File: f0b87948-0066-431b-b731-8030cc7f4eef.roa (raw, json)
Hash identifier: tIuv2X6KHtbtdHQBYGu1q5zWltEgqkzkCPjUFDoDqCE=
Subject key identifier: 55:0C:1F:03:B3:07:A1:9F:F6:F6:B6:44:DF:A7:05:73:33:C9:59:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60A6B00CF15316CBB23CD28CCA7EB5A4D872C017
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b87948-0066-431b-b731-8030cc7f4eef.roa
Signing time: Fri 11 Jul 2025 19:50:38 +0000
ROA not before: Fri 11 Jul 2025 19:50:38 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:a6:b0:0c:f1:53:16:cb:b2:3c:d2:8c:ca:7e:b5:a4:d8:72:c0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:38 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c8b2ea6dcd3570fe65cbd46fa8532886d00e8b306e9fd897cd29db8101a725e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:20:eb:f1:64:e4:ff:1c:96:03:8a:44:78:e5:
e0:c5:36:4f:90:18:f1:fd:23:c5:e9:1f:81:08:15:
3a:1e:ee:82:4d:b2:cc:52:b0:82:b2:d4:85:4e:15:
8a:e3:a6:0c:92:a8:a3:b8:20:63:e1:d4:49:d7:68:
b6:24:8e:a8:4b:b8:fa:87:95:82:0a:f7:2f:e0:7f:
89:0c:a4:8c:a5:c8:45:b1:50:40:df:be:8e:33:70:
55:01:44:d1:b3:dc:ed:5e:5c:04:a6:98:9b:6f:9c:
da:c5:41:69:d4:e8:c2:e3:d6:e8:e6:f2:93:b7:1d:
5c:25:91:63:62:bd:1a:c2:4c:9e:fa:c4:60:a0:e5:
39:de:01:93:61:26:77:d5:f0:f9:98:9a:eb:96:20:
05:db:45:57:74:aa:ac:3e:10:0d:d6:c4:05:9c:b0:
5f:b2:d1:a9:21:95:e4:c7:55:fe:de:f6:d5:ed:76:
0f:9b:03:dd:5f:67:b1:af:3c:48:2d:80:44:fb:00:
06:15:24:78:26:d6:bd:cd:9e:8f:d7:2f:11:f7:8e:
42:69:b2:83:a2:1f:e6:07:0b:e1:35:2e:eb:af:1b:
17:d3:f4:9d:4d:2f:15:ef:5e:69:79:d1:c9:3c:32:
e3:80:7f:7e:58:f5:ce:cb:03:cf:a3:eb:a6:8c:2d:
f6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:0C:1F:03:B3:07:A1:9F:F6:F6:B6:44:DF:A7:05:73:33:C9:59:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b87948-0066-431b-b731-8030cc7f4eef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:e6:86:b2:ad:2e:ac:f3:90:ba:f1:fe:f7:de:fd:1f:8f:71:
7e:45:29:dd:ae:56:f4:4b:71:fd:36:5c:78:a1:13:00:a2:cb:
2f:e4:09:b0:f6:6e:c2:88:2a:6d:aa:e0:b2:db:0f:9c:16:56:
c1:8b:a7:fa:24:bf:b6:14:b1:e8:9c:8a:d9:d2:8f:f6:fd:c9:
96:37:7e:1b:df:82:d4:f6:b4:8d:7e:54:5b:15:a2:34:2b:5a:
c6:65:c2:a8:95:cc:d9:78:f1:9c:b2:27:6d:9a:64:f3:2d:8c:
23:e2:40:ee:f3:ce:0b:d9:40:62:1f:fa:23:65:70:e2:c7:24:
a2:d6:8e:05:a7:a2:6f:3f:b1:fe:4c:89:46:78:7a:e0:71:87:
5f:61:9b:7a:e1:6c:ee:db:b1:b8:e5:e9:0a:06:18:b2:fc:44:
b8:fe:7c:e3:75:f6:17:0a:95:cf:d4:04:fc:b1:c0:b8:2f:60:
64:dd:d3:ba:0e:1b:ea:93:05:fe:a5:10:e7:0a:17:07:fc:55:
2e:40:1b:e2:49:24:03:1a:53:75:c5:34:79:e4:eb:e8:72:16:
55:68:58:ca:35:ca:a3:8c:bd:32:5b:a0:41:96:e7:b6:d6:6d:
de:af:7a:d3:6f:7c:55:10:4f:59:7e:70:ad:21:7e:97:47:ea:
75:a3:b6:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYKawDPFTFsuyPNKMyn61pNhywBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMzhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4YjJlYTZkY2QzNTcwZmU2NWNiZDQ2ZmE4NTMyODg2ZDAwZThiMzA2ZTlm
ZDg5N2NkMjlkYjgxMDFhNzI1ZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMg6/Fk5P8clgOKRHjl4MU2T5AY8f0jxekfgQgVOh7ugk2yzFKwgrLUhU4V
iuOmDJKoo7ggY+HUSddotiSOqEu4+oeVggr3L+B/iQykjKXIRbFQQN++jjNwVQFE
0bPc7V5cBKaYm2+c2sVBadTowuPW6Obyk7cdXCWRY2K9GsJMnvrEYKDlOd4Bk2Em
d9Xw+Zia65YgBdtFV3SqrD4QDdbEBZywX7LRqSGV5MdV/t721e12D5sD3V9nsa88
SC2ARPsABhUkeCbWvc2ej9cvEfeOQmmyg6If5gcL4TUu668bF9P0nU0vFe9eaXnR
yTwy44B/flj1zssDz6Prpowt9s0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVDB8D
swehn/b2tkTfpwVzM8lZ+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjBiODc5NDgtMDA2Ni00MzFiLWI3MzEtODAzMGNjN2Y0ZWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HeQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCq5oayrS6s85C68f733v0fj3F+RSndrlb0S3H9
Nlx4oRMAossv5Amw9m7CiCptquCy2w+cFlbBi6f6JL+2FLHonIrZ0o/2/cmWN34b
34LU9rSNflRbFaI0K1rGZcKolczZePGcsidtmmTzLYwj4kDu884L2UBiH/ojZXDi
xySi1o4Fp6JvP7H+TIlGeHrgcYdfYZt64Wzu27G45ekKBhiy/ES4/nzjdfYXCpXP
1AT8scC4L2Bk3dO6DhvqkwX+pRDnChcH/FUuQBviSSQDGlN1xTR55OvochZVaFjK
NcqjjL0yW6BBlue21m3er3rTb3xVEE9ZfnCtIX6XR+p1o7aH
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:45 2025 by rpki-client