Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
File: 57cdb107-9a3c-4e41-87e2-149f989f7fae.roa (raw, json)
Hash identifier: tzwATsj4pxTS0zo6ukadSYgGUyfJoGBO0d6WkGFYugs=
Subject key identifier: 55:66:96:0F:CF:49:D4:5D:0C:50:12:E5:CF:7B:C0:96:5D:71:C3:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B6217E84F0235D0F2FCCBA562B5CF96978F8DF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
Signing time: Thu 04 Sep 2025 19:52:02 +0000
ROA not before: Thu 04 Sep 2025 19:52:02 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:62:17:e8:4f:02:35:d0:f2:fc:cb:a5:62:b5:cf:96:97:8f:8d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:02 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=3d9e332fb851f8a652bb1c728db7a99e0c1af60f27a381586792c6a824da0a8b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:34:45:bc:4b:1b:bf:89:e7:17:49:ec:46:f3:
15:07:03:e4:40:ad:be:23:f3:f1:09:1e:bb:a4:ff:
93:6e:af:b0:df:50:6b:a1:c4:cf:9e:b7:89:52:3f:
cd:2d:bc:5d:64:a4:17:98:ca:ac:b8:dc:91:b7:2b:
24:cc:16:2a:71:d3:e0:3b:e7:8a:f7:db:42:46:2c:
61:a0:d1:8a:65:48:c2:38:5c:67:6e:85:d2:b5:3f:
fe:dd:b4:7c:ea:35:dd:07:23:bb:a9:73:bf:fc:69:
2b:af:b8:50:29:dc:e8:d0:96:6e:25:fd:b4:86:11:
b5:09:97:29:ed:75:66:7f:f2:5f:c5:31:d0:c4:b3:
7d:ee:66:ba:36:c9:5e:fd:e0:d8:0c:c6:6c:6f:79:
cc:7f:0e:07:80:70:81:23:b5:e2:99:f9:ac:72:dd:
b6:79:bf:40:fc:9b:b0:ca:03:00:1c:ee:d5:9e:ca:
74:4d:75:3a:08:01:a1:cf:dc:e9:ab:13:06:68:fa:
8b:eb:5c:dc:26:bf:c8:1a:1d:16:b3:df:46:e8:5b:
58:d5:d7:82:2b:c4:57:cd:8b:62:94:ee:c9:d2:02:
63:eb:70:c2:3f:26:83:28:a7:38:a0:33:4a:2d:1d:
b3:82:b1:98:3e:54:a5:f2:46:61:34:1f:d0:b0:85:
29:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:66:96:0F:CF:49:D4:5D:0C:50:12:E5:CF:7B:C0:96:5D:71:C3:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
ac:b1:09:15:5e:99:c3:6c:35:e5:02:b7:be:dd:c5:c2:30:7a:
e8:b0:83:a4:ba:0a:0a:97:4f:1d:4b:db:05:09:4d:50:33:98:
08:70:f0:db:46:fc:d8:37:b0:cc:3c:0e:40:cb:57:30:2e:b8:
01:26:66:01:74:c9:54:15:a4:d2:b7:5c:c2:a7:1e:ee:d2:bb:
cf:c4:7b:b9:ad:04:90:ce:c5:72:ae:6a:b2:6c:2c:44:5a:44:
15:02:6e:a7:88:82:7d:10:75:ab:f8:08:26:10:c3:07:3d:25:
0d:7c:b0:f9:d5:23:99:e6:67:b9:dc:38:04:74:35:68:5c:8b:
a4:da:3e:6c:87:14:79:c2:e1:51:55:06:ca:96:81:b5:90:e7:
21:87:6f:1a:d7:41:71:7f:6b:02:c3:8c:95:b6:c4:fc:8e:83:
34:98:0c:3e:29:e7:4f:c6:c3:cc:85:cf:1e:30:b1:bb:e4:51:
97:18:a2:06:cd:c4:47:5c:c4:72:f1:26:5a:13:0a:7d:8c:93:
42:85:ac:b1:17:12:e6:eb:c4:80:a7:6e:e0:c4:a8:c9:73:2f:
75:05:a6:2e:36:83:54:e8:c8:7b:dc:dc:74:90:f9:94:60:26:
b3:a6:02:e0:5e:d5:d2:59:b3:4a:b4:d5:41:e1:ec:e7:14:c8:
e1:c8:f3:32
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO2IX6E8CNdDy/MulYrXPlpePjfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMDJaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkOWUzMzJmYjg1MWY4YTY1MmJiMWM3MjhkYjdhOTllMGMxYWY2MGYyN2Ez
ODE1ODY3OTJjNmE4MjRkYTBhOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKE0RbxLG7+J5xdJ7EbzFQcD5ECtviPz8Qkeu6T/k26vsN9Qa6HEz563iVI/
zS28XWSkF5jKrLjckbcrJMwWKnHT4DvnivfbQkYsYaDRimVIwjhcZ26F0rU//t20
fOo13Qcju6lzv/xpK6+4UCnc6NCWbiX9tIYRtQmXKe11Zn/yX8Ux0MSzfe5mujbJ
Xv3g2AzGbG95zH8OB4BwgSO14pn5rHLdtnm/QPybsMoDABzu1Z7KdE11OggBoc/c
6asTBmj6i+tc3Ca/yBodFrPfRuhbWNXXgivEV82LYpTuydICY+twwj8mgyinOKAz
Si0ds4KxmD5UpfJGYTQf0LCFKWcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVZpYP
z0nUXQxQEuXPe8CWXXHDhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdjZGIxMDctOWEzYy00ZTQxLTg3ZTItMTQ5Zjk4OWY3ZmFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
wDANBgkqhkiG9w0BAQsFAAOCAQEArLEJFV6Zw2w15QK3vt3FwjB66LCDpLoKCpdP
HUvbBQlNUDOYCHDw20b82DewzDwOQMtXMC64ASZmAXTJVBWk0rdcwqce7tK7z8R7
ua0EkM7Fcq5qsmwsRFpEFQJup4iCfRB1q/gIJhDDBz0lDXyw+dUjmeZnudw4BHQ1
aFyLpNo+bIcUecLhUVUGypaBtZDnIYdvGtdBcX9rAsOMlbbE/I6DNJgMPinnT8bD
zIXPHjCxu+RRlxiiBs3ER1zEcvEmWhMKfYyTQoWssRcS5uvEgKdu4MSoyXMvdQWm
LjaDVOjIe9zcdJD5lGAms6YC4F7V0lmzSrTVQeHs5xTI4cjzMg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:24 2025 by rpki-client