Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
File: fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa (raw, json)
Hash identifier: /sUw5ItNAknQk+8JY5ov689/qeKpkzcv++7PpzTu+Aw=
Subject key identifier: D8:4A:1E:9D:97:DD:7D:B2:F3:28:1A:AB:BD:29:D8:8F:30:22:64:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E5EE1631B7FAED93E0A696D3EEBBADA0C09753B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
Signing time: Sat 12 Jul 2025 00:50:18 +0000
ROA not before: Sat 12 Jul 2025 00:50:18 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:5e:e1:63:1b:7f:ae:d9:3e:0a:69:6d:3e:eb:ba:da:0c:09:75:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:18 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=f5ef28c01c5675b2f7d94037e3a731c6350e2b0d45cbfaa19387463c413e1be8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:86:90:c2:7b:6e:e2:af:b0:48:c0:ae:96:2e:
90:2e:3e:98:23:89:d1:4a:2f:c8:78:c2:b5:64:a4:
c2:ab:aa:62:9a:a5:84:d3:6a:ed:18:8a:eb:71:c2:
ee:a4:6a:23:8b:17:09:91:07:fc:42:e4:96:07:f7:
51:85:5b:f3:8c:d2:b6:57:eb:4f:c2:d2:13:75:5d:
52:85:7d:fe:a4:f9:d1:2c:ca:8d:7c:2f:27:68:02:
4b:d1:d3:b1:32:00:ea:a7:13:66:aa:11:58:4f:ae:
cd:eb:d9:67:8f:15:31:70:5e:0b:6d:1b:4f:57:95:
7a:b1:6f:a5:3d:41:1c:4b:b2:46:cf:39:62:bf:3b:
e8:ca:89:32:09:de:76:a0:9b:3d:c1:b7:99:98:2f:
03:94:1a:60:67:e8:64:d9:59:b7:da:b7:35:88:34:
34:0c:1e:b5:5c:01:6f:b0:dd:cd:89:5b:12:c0:8e:
10:49:c1:f7:87:18:2f:85:fa:a0:d6:35:ed:0c:83:
12:2e:c2:33:50:4d:1f:b8:32:9f:7a:e1:bf:e1:b2:
1a:65:7f:f1:01:7c:fc:bd:21:25:cf:47:01:61:ec:
5e:c2:07:25:1a:5c:c0:65:a0:25:9d:31:89:0e:0d:
24:58:80:37:58:6e:27:39:14:4a:23:1e:6a:ea:5e:
73:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4A:1E:9D:97:DD:7D:B2:F3:28:1A:AB:BD:29:D8:8F:30:22:64:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
85:4b:68:7a:28:e9:49:da:88:b5:4f:98:fa:a7:a1:63:b4:7a:
fe:bc:6d:29:a9:45:3a:06:07:cb:48:8d:a8:6a:39:db:ca:4b:
43:69:8f:69:84:bc:4d:1f:15:0d:b5:a8:87:ad:b9:26:b5:dd:
83:08:34:a7:7c:8b:58:67:1c:27:78:99:c7:20:2a:a4:db:3f:
79:8f:1e:cc:d2:9a:9a:32:e4:ef:78:f8:5d:1b:89:45:42:2a:
4a:b0:09:3e:94:9f:1e:92:8c:6d:57:c6:d4:f1:95:bf:be:ce:
3f:54:08:95:f7:a5:4d:4f:b9:87:b6:2f:3f:04:13:22:bb:eb:
fc:cc:b6:c8:09:c5:48:7f:fe:44:bc:f1:46:18:ef:2e:af:97:
fa:1e:fd:f0:9b:47:a4:27:eb:11:18:a6:a8:91:67:fb:37:40:
fa:90:0a:19:45:e5:bf:ee:47:70:b6:39:0a:47:b5:78:1d:75:
bc:0d:44:cc:29:55:d8:63:38:7e:0a:6f:3c:32:6d:c9:34:2a:
de:80:24:06:fc:68:e2:d0:21:c2:f7:4a:ac:58:90:17:48:56:
70:99:d8:94:34:cd:2d:da:9a:5d:35:a5:51:94:5a:a9:07:89:
d1:54:f3:70:23:55:d2:ca:2c:38:47:c0:7c:0b:4e:d9:00:0a:
42:d3:96:0e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXl7hYxt/rtk+CmltPuu62gwJdTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwMThaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1ZWYyOGMwMWM1Njc1YjJmN2Q5NDAzN2UzYTczMWM2MzUwZTJiMGQ0NWNi
ZmFhMTkzODc0NjNjNDEzZTFiZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaGkMJ7buKvsEjArpYukC4+mCOJ0UovyHjCtWSkwquqYpqlhNNq7RiK63HC
7qRqI4sXCZEH/ELklgf3UYVb84zStlfrT8LSE3VdUoV9/qT50SzKjXwvJ2gCS9HT
sTIA6qcTZqoRWE+uzevZZ48VMXBeC20bT1eVerFvpT1BHEuyRs85Yr876MqJMgne
dqCbPcG3mZgvA5QaYGfoZNlZt9q3NYg0NAwetVwBb7DdzYlbEsCOEEnB94cYL4X6
oNY17QyDEi7CM1BNH7gyn3rhv+GyGmV/8QF8/L0hJc9HAWHsXsIHJRpcwGWgJZ0x
iQ4NJFiAN1huJzkUSiMeaupec3UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTYSh6d
l919svMoGqu9KdiPMCJkhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmQzMjlhYjUtYWU1Yy00YjY4LWE0YzYtYjgyZjZlYTI5ZGQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCFS2h6KOlJ2oi1T5j6p6FjtHr+vG0pqUU6BgfL
SI2oajnbyktDaY9phLxNHxUNtaiHrbkmtd2DCDSnfItYZxwneJnHICqk2z95jx7M
0pqaMuTvePhdG4lFQipKsAk+lJ8ekoxtV8bU8ZW/vs4/VAiV96VNT7mHti8/BBMi
u+v8zLbICcVIf/5EvPFGGO8ur5f6Hv3wm0ekJ+sRGKaokWf7N0D6kAoZReW/7kdw
tjkKR7V4HXW8DUTMKVXYYzh+Cm88Mm3JNCregCQG/Gji0CHC90qsWJAXSFZwmdiU
NM0t2ppdNaVRlFqpB4nRVPNwI1XSyiw4R8B8C07ZAApC05YO
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:22 2025 by rpki-client