Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: IpfpbjUHrcDwRsdfgHbjfRwtTbjsWX/pc7ZRv0SOho0=
Subject key identifier: 4D:9E:CA:C3:D6:61:C5:94:6B:0E:6E:88:18:09:58:C9:F5:19:7E:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E6FBBF3D9DFEC63BA1F0ED22F37DC72D810E756
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Fri 11 Jul 2025 20:50:46 +0000
ROA not before: Fri 11 Jul 2025 20:50:46 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:6f:bb:f3:d9:df:ec:63:ba:1f:0e:d2:2f:37:dc:72:d8:10:e7:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:46 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6dffca213543c18bea0b7b194d370961ea9cdde5b28116595434b46317608b04, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e6:1f:0d:c9:fb:aa:37:73:fc:b0:df:79:17:
45:f7:04:e8:9e:ca:b2:0d:50:18:0a:92:45:81:67:
c4:b2:c9:ff:f4:bd:aa:2f:37:d0:a3:00:9a:65:ef:
b0:e7:e9:1c:c4:77:c8:47:31:37:76:c9:a5:0e:04:
86:27:27:d1:62:af:46:9a:6c:09:a2:be:58:3b:94:
57:40:8c:24:01:e9:a1:f9:ca:32:9e:49:fe:6b:76:
18:2b:97:84:66:e8:bd:5c:cb:bb:f5:88:8b:0e:42:
78:4e:fe:11:04:a9:d4:d7:aa:38:6f:9d:4b:33:d8:
5c:b8:ab:c6:74:d0:d1:d2:d5:74:74:77:37:c7:e1:
67:24:ae:ff:8c:67:2d:39:a6:ae:4f:08:38:c5:e4:
92:34:f7:41:32:14:0c:38:2b:fd:c2:a6:c3:10:31:
3e:d8:d6:03:96:f2:54:25:97:c0:48:c6:12:65:d5:
24:79:7f:4e:ed:14:2b:b5:f9:33:a0:93:9e:16:ee:
32:a9:3e:78:06:9b:59:9d:f8:7d:ba:2b:dd:36:09:
b1:96:da:21:84:ca:8b:87:19:0d:cb:6a:ef:32:23:
1a:58:da:b6:a3:fb:c9:df:58:4f:e6:0c:fc:45:89:
5f:4c:1f:7f:fe:b3:40:0e:b2:b6:ab:09:f8:3d:fd:
ad:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9E:CA:C3:D6:61:C5:94:6B:0E:6E:88:18:09:58:C9:F5:19:7E:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
bd:cc:62:47:95:dc:5b:44:83:c2:ce:01:71:48:87:03:ab:c0:
ee:02:8c:d1:c4:d6:a5:03:16:5e:56:4e:f9:15:e7:14:f2:d7:
b9:eb:b5:c2:bb:cc:60:72:70:a6:04:98:36:23:e9:dc:bc:80:
5f:15:ee:e8:ea:43:83:02:42:0f:08:da:e8:9e:a7:55:ed:f3:
13:fa:53:c2:ae:3f:1e:0d:46:af:7d:65:7c:c4:87:f4:30:2e:
69:76:84:26:c7:e0:e1:74:01:7a:df:30:03:49:24:13:d5:4b:
89:e2:3c:5c:1f:0e:21:4a:c8:64:7e:60:ff:2c:45:c0:d4:68:
af:b1:65:e6:9b:71:22:1a:70:7d:90:51:6d:fd:6f:6a:97:66:
2e:e1:34:ef:c9:99:94:b4:50:bf:f2:e0:7d:96:27:9d:fb:ca:
60:e5:65:05:26:fa:e7:32:33:2a:87:3c:e2:94:f5:29:56:44:
32:a3:7b:af:3d:6c:86:42:e7:53:63:07:cc:51:82:d0:fd:a0:
f7:f3:ca:15:a5:7e:6f:d4:d4:d2:7d:e0:04:fc:19:03:4f:c8:
49:b7:a4:95:a8:65:3e:e2:2a:69:eb:f3:fe:59:88:c1:c2:67:
0e:33:70:63:0b:ef:d3:07:b6:d4:d8:4f:48:e3:e1:26:cc:ba:
73:f0:a9:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDm+789nf7GO6Hw7SLzfcctgQ51YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwNDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkZmZjYTIxMzU0M2MxOGJlYTBiN2IxOTRkMzcwOTYxZWE5Y2RkZTViMjgx
MTY1OTU0MzRiNDYzMTc2MDhiMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjmHw3J+6o3c/yw33kXRfcE6J7Ksg1QGAqSRYFnxLLJ//S9qi830KMAmmXv
sOfpHMR3yEcxN3bJpQ4Ehicn0WKvRppsCaK+WDuUV0CMJAHpofnKMp5J/mt2GCuX
hGbovVzLu/WIiw5CeE7+EQSp1NeqOG+dSzPYXLirxnTQ0dLVdHR3N8fhZySu/4xn
LTmmrk8IOMXkkjT3QTIUDDgr/cKmwxAxPtjWA5byVCWXwEjGEmXVJHl/Tu0UK7X5
M6CTnhbuMqk+eAabWZ34fbor3TYJsZbaIYTKi4cZDctq7zIjGljatqP7yd9YT+YM
/EWJX0wff/6zQA6ytqsJ+D39rQMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNnsrD
1mHFlGsObogYCVjJ9Rl+/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQC9zGJHldxbRIPCzgFxSIcDq8DuAozRxNalAxZe
Vk75FecU8te567XCu8xgcnCmBJg2I+ncvIBfFe7o6kODAkIPCNronqdV7fMT+lPC
rj8eDUavfWV8xIf0MC5pdoQmx+DhdAF63zADSSQT1UuJ4jxcHw4hSshkfmD/LEXA
1GivsWXmm3EiGnB9kFFt/W9ql2Yu4TTvyZmUtFC/8uB9lied+8pg5WUFJvrnMjMq
hzzilPUpVkQyo3uvPWyGQudTYwfMUYLQ/aD388oVpX5v1NTSfeAE/BkDT8hJt6SV
qGU+4ipp6/P+WYjBwmcOM3BjC+/TB7bU2E9I4+EmzLpz8Kkb
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:33:06 2025 by rpki-client