Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa
File: 904a13d7-baa1-4bc7-b805-601d0b998680.roa (raw, json)
Hash identifier: c8dNUCtQf8+D5lcdl7ioIaAkfcBj5pkmbAsmTvwl9m8=
Subject key identifier: 15:DB:49:8E:ED:DD:CA:BB:B3:C9:AA:6B:9B:48:CC:59:43:81:AA:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51E09202D7FB52509E0731D3CD11B79FA419B709
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa
Signing time: Mon 01 Sep 2025 20:40:58 +0000
ROA not before: Mon 01 Sep 2025 20:40:58 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:e0:92:02:d7:fb:52:50:9e:07:31:d3:cd:11:b7:9f:a4:19:b7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:58 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=4b5ec98453cddd0735bee9d842e4b75ebd84996512bc606cce7a93c2db0873cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:11:d8:b3:57:80:40:6a:78:8e:6e:45:b7:ae:
8f:00:b3:2b:23:0b:7c:8b:87:8e:fd:c9:8e:8d:e4:
f1:8e:24:b9:a6:fe:29:e6:be:99:90:ce:41:47:54:
1d:bf:14:c4:ce:52:99:c3:bc:11:1f:3e:93:db:d5:
f6:c6:f3:15:1d:6d:d0:6c:07:55:e4:ac:10:2b:87:
9d:b6:08:df:bc:03:51:78:27:c4:ec:44:c1:8c:a2:
21:84:99:ab:8c:b1:c4:c4:df:25:10:0b:e9:0a:c2:
fe:6e:69:f9:e6:4d:da:7e:15:30:c0:48:f9:48:60:
10:a9:80:3b:62:23:07:7c:d5:1f:e6:95:9e:12:04:
e3:b1:6b:7b:60:cd:71:7d:76:8f:fb:d0:55:b2:e3:
f7:8e:82:7c:f0:5b:98:99:b5:cb:f2:05:b0:eb:40:
aa:30:61:9d:d6:7e:77:02:69:55:8a:8b:60:f3:b9:
b0:a1:50:8e:5c:f6:22:22:27:58:cb:3d:20:c5:a7:
a2:3f:31:32:08:89:f0:c8:90:bf:24:22:32:f3:70:
1b:03:f0:93:9d:7d:6d:c9:49:74:ce:b3:d5:03:b5:
8a:ee:55:cd:fb:cc:28:3a:e3:73:84:77:44:2a:70:
e6:a8:4f:eb:44:11:63:72:a4:df:b3:b2:a1:b4:1e:
3d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DB:49:8E:ED:DD:CA:BB:B3:C9:AA:6B:9B:48:CC:59:43:81:AA:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:8000::/40
Signature Algorithm: sha256WithRSAEncryption
4c:5b:7d:47:4f:28:4f:45:62:1e:72:8b:76:1b:33:83:3b:a1:
65:5b:f4:f8:eb:b3:0f:9c:8d:af:e4:db:59:19:7c:fb:14:98:
5c:f2:35:ba:05:3f:2a:88:77:34:fc:45:2a:9f:c6:b4:d6:34:
e3:34:76:28:1a:48:96:44:40:56:6b:ed:00:6b:56:10:fa:a2:
20:a5:7e:41:3e:c2:a2:99:29:65:77:c3:f5:30:3e:f8:77:46:
8f:83:bc:dc:37:aa:72:77:16:9d:55:60:93:51:25:44:40:a2:
15:10:52:58:39:8f:a4:9d:4d:b3:ba:3c:82:ef:37:a6:69:ba:
43:64:26:1e:f0:44:af:af:69:49:0e:7c:30:f6:35:15:45:2e:
1c:79:84:ea:02:90:8e:88:15:66:dc:0f:c1:d5:6f:be:ea:87:
b4:a3:7a:f4:37:30:e3:46:b2:22:09:14:84:ae:5d:2a:5e:7f:
ea:b7:b1:dc:e7:ad:e1:ef:2e:d3:b8:36:7b:60:cf:6e:5a:62:
17:4e:81:f2:e3:84:b7:43:72:89:58:d5:aa:3b:05:eb:ab:20:
50:fd:b0:0f:c1:79:af:be:99:41:69:24:1a:0e:fe:8d:49:b9:
f9:44:72:90:54:9c:d4:0b:39:b8:99:d9:91:d2:06:f4:e5:40:
bd:20:3b:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUeCSAtf7UlCeBzHTzRG3n6QZtwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwNThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiNWVjOTg0NTNjZGRkMDczNWJlZTlkODQyZTRiNzVlYmQ4NDk5NjUxMmJj
NjA2Y2NlN2E5M2MyZGIwODczY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN8R2LNXgEBqeI5uRbeujwCzKyMLfIuHjv3Jjo3k8Y4kuab+Kea+mZDOQUdU
Hb8UxM5SmcO8ER8+k9vV9sbzFR1t0GwHVeSsECuHnbYI37wDUXgnxOxEwYyiIYSZ
q4yxxMTfJRAL6QrC/m5p+eZN2n4VMMBI+UhgEKmAO2IjB3zVH+aVnhIE47Fre2DN
cX12j/vQVbLj946CfPBbmJm1y/IFsOtAqjBhndZ+dwJpVYqLYPO5sKFQjlz2IiIn
WMs9IMWnoj8xMgiJ8MiQvyQiMvNwGwPwk519bclJdM6z1QO1iu5VzfvMKDrjc4R3
RCpw5qhP60QRY3Kk37OyobQePQUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQV20mO
7d3Ku7PJqmubSMxZQ4GqzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTA0YTEzZDctYmFhMS00YmM3LWI4MDUtNjAxZDBiOTk4NjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBMW31HTyhPRWIecot2GzODO6FlW/T467MPnI2v
5NtZGXz7FJhc8jW6BT8qiHc0/EUqn8a01jTjNHYoGkiWREBWa+0Aa1YQ+qIgpX5B
PsKimSlld8P1MD74d0aPg7zcN6pydxadVWCTUSVEQKIVEFJYOY+knU2zujyC7zem
abpDZCYe8ESvr2lJDnww9jUVRS4ceYTqApCOiBVm3A/B1W++6oe0o3r0NzDjRrIi
CRSErl0qXn/qt7Hc563h7y7TuDZ7YM9uWmIXToHy44S3Q3KJWNWqOwXrqyBQ/bAP
wXmvvplBaSQaDv6NSbn5RHKQVJzUCzm4mdmR0gb05UC9IDtm
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:28 2025 by rpki-client