Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
File: 8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa (raw, json)
Hash identifier: Cay88Z8sGvc5MsTtx9BrQ4YlUvRS6/q8eLWmPW1qQsg=
Subject key identifier: 4E:77:5D:26:8C:E1:97:D0:39:91:E4:38:8B:E2:9F:9C:FB:B0:0A:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FC515ABA00F0C065DAECB24DA870F6DAEC34A93
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
Signing time: Mon 01 Sep 2025 21:01:01 +0000
ROA not before: Mon 01 Sep 2025 21:01:01 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c5:15:ab:a0:0f:0c:06:5d:ae:cb:24:da:87:0f:6d:ae:c3:4a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:01:01 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=b6f907541bedf7f28acf19912f5fd4db976a0096c7d6aac7a244bf2f96a154c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8e:6c:68:31:6a:cc:f0:a9:c8:e2:cb:8a:4b:
94:43:b1:83:31:9c:4a:37:1d:6a:03:43:5b:e2:94:
ce:5a:a8:7a:5f:a3:b1:7f:8c:27:22:50:e8:8f:b9:
24:7e:80:40:bd:29:72:70:0f:08:b4:2a:94:70:6e:
9b:45:ad:4c:8d:db:aa:cd:7d:91:a7:04:3f:cb:a4:
f9:8b:ab:69:f8:36:45:ca:f1:9f:a8:4a:9e:30:6b:
80:8a:07:c1:2b:cc:09:ba:62:9f:28:3c:40:b6:3e:
f7:75:4d:d2:db:9a:6b:38:a6:22:08:13:c6:0c:47:
f6:a9:48:f4:e1:e1:8a:56:b4:14:e9:66:73:f5:ab:
f4:06:b3:e0:cc:af:7d:e3:c8:50:0c:4b:d1:bf:51:
b5:ad:0e:95:17:42:14:e6:8a:3c:1a:b5:36:c0:f1:
7a:b0:c7:a8:91:0b:1b:66:ea:26:02:e1:3c:aa:77:
1a:9f:fb:ee:35:e9:11:41:7f:f9:00:a1:fe:77:51:
36:48:62:da:de:05:d6:7d:f3:d5:e9:40:40:c3:34:
fe:4d:af:3b:25:66:70:a9:01:8c:f7:84:13:60:ef:
79:ac:4d:81:7d:3f:68:ff:29:38:72:56:80:18:73:
66:35:84:59:e1:ff:b4:b4:e6:40:1f:1f:cb:6f:e4:
df:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:77:5D:26:8C:E1:97:D0:39:91:E4:38:8B:E2:9F:9C:FB:B0:0A:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:c2:37:c2:36:e2:1b:b2:09:08:83:a2:03:e5:88:59:5f:6a:
5c:b2:a6:c6:aa:87:fd:b6:0e:6a:24:d7:b3:a6:a1:6c:2e:c9:
33:87:5a:3b:2c:58:37:aa:01:10:39:72:18:80:65:8f:a0:c7:
7f:0d:66:77:7e:d6:f1:18:5e:9a:0f:de:a9:ea:86:01:c1:e7:
d3:ef:da:ad:c5:57:ff:c5:51:f9:e2:7b:48:ba:40:66:5f:30:
47:6a:5e:c8:78:61:18:c5:25:e6:73:44:8e:63:7b:c6:4d:dd:
2e:2e:2c:4d:4f:6d:a1:5d:8e:06:3d:9d:ab:03:64:4b:73:33:
21:d7:10:33:d0:5f:aa:6e:bc:13:3d:81:32:8f:f4:2f:c8:4c:
3f:0a:e6:03:22:fd:ac:f1:1e:95:a2:a1:16:7f:d1:16:45:59:
56:69:c4:42:7a:48:a8:7c:e7:d5:0d:da:02:e5:a1:f2:fe:97:
c2:27:c1:f2:8b:31:bb:e1:09:7a:b7:7f:e8:6c:0d:7b:2d:af:
a1:67:0f:e4:88:d6:a3:57:10:11:f9:48:d4:89:97:f1:20:3e:
ab:00:c2:b6:e6:f8:ab:96:d1:9d:4c:ed:76:a7:d9:0d:cc:7a:
57:6e:e6:4c:b2:bd:f0:16:cd:42:35:67:0e:75:e0:0b:5e:68:
18:6f:1f:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT8UVq6APDAZdrssk2ocPba7DSpMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAxMDFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2ZjkwNzU0MWJlZGY3ZjI4YWNmMTk5MTJmNWZkNGRiOTc2YTAwOTZjN2Q2
YWFjN2EyNDRiZjJmOTZhMTU0YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuObGgxaszwqcjiy4pLlEOxgzGcSjcdagNDW+KUzlqoel+jsX+MJyJQ6I+5
JH6AQL0pcnAPCLQqlHBum0WtTI3bqs19kacEP8uk+Yurafg2Rcrxn6hKnjBrgIoH
wSvMCbpinyg8QLY+93VN0tuaazimIggTxgxH9qlI9OHhila0FOlmc/Wr9Aaz4Myv
fePIUAxL0b9Rta0OlRdCFOaKPBq1NsDxerDHqJELG2bqJgLhPKp3Gp/77jXpEUF/
+QCh/ndRNkhi2t4F1n3z1elAQMM0/k2vOyVmcKkBjPeEE2DveaxNgX0/aP8pOHJW
gBhzZjWEWeH/tLTmQB8fy2/k3yUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROd10m
jOGX0DmR5DiL4p+c+7AKWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGE1N2U5ODItYzZiOC00YWE3LWIzMGEtMzhiZWQ2NGRmYzMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+A
MA0GCSqGSIb3DQEBCwUAA4IBAQDGwjfCNuIbsgkIg6ID5YhZX2pcsqbGqof9tg5q
JNezpqFsLskzh1o7LFg3qgEQOXIYgGWPoMd/DWZ3ftbxGF6aD96p6oYBwefT79qt
xVf/xVH54ntIukBmXzBHal7IeGEYxSXmc0SOY3vGTd0uLixNT22hXY4GPZ2rA2RL
czMh1xAz0F+qbrwTPYEyj/QvyEw/CuYDIv2s8R6VoqEWf9EWRVlWacRCekiofOfV
DdoC5aHy/pfCJ8HyizG74Ql6t3/obA17La+hZw/kiNajVxAR+UjUiZfxID6rAMK2
5virltGdTO12p9kNzHpXbuZMsr3wFs1CNWcOdeALXmgYbx/F
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:47 2025 by rpki-client