Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa
File: cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa (raw, json)
Hash identifier: 3Nts5ZwCUJqwIvhFQFsAnk9Vjl6zNKrP52255CflQwM=
Subject key identifier: CA:53:32:51:0C:64:45:79:FB:5E:5A:73:18:DF:3C:FA:52:2D:85:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E5BC202DD62B1A1F2E0E0B7CE6C746E18A71943
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa
Signing time: Mon 25 Aug 2025 16:36:56 +0000
ROA not before: Mon 25 Aug 2025 16:36:56 +0000
ROA not after: Mon 29 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:f000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:5b:c2:02:dd:62:b1:a1:f2:e0:e0:b7:ce:6c:74:6e:18:a7:19:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 25 16:36:56 2025 GMT
Not After : Sep 29 23:59:59 2025 GMT
Subject: serialNumber=3c047b1e62ccf8cda6b241fc61111b9e392f7779f0ee8e6f5d63f8ac5dd7d346, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:db:ba:6a:f2:6e:41:c8:cb:27:ef:53:89:a7:
47:b0:95:c4:80:df:b5:24:aa:07:2a:b1:85:9a:ab:
84:a7:dc:0a:50:3b:34:02:04:f4:db:63:1f:9f:08:
e1:d7:4a:67:42:d8:16:c2:41:2d:ce:58:58:ed:67:
52:61:d3:ea:14:0e:e8:38:f7:cd:f0:e2:83:5d:f8:
eb:76:2a:3f:bd:fa:bc:24:fd:50:52:ab:84:c0:c8:
f8:e6:3a:d8:89:29:e8:d8:3f:29:d7:f8:f0:71:13:
cb:8d:30:03:3f:72:63:b2:2f:70:f4:ce:0f:ea:71:
7b:00:17:38:a5:4d:ad:86:2e:91:a7:8f:21:c9:55:
b0:d6:b7:9b:c1:d6:b1:63:15:6c:e9:6e:e4:8c:a3:
63:b6:f2:6d:40:f5:c2:f8:6b:f7:92:ee:92:ef:9b:
6a:80:cc:e5:c5:55:24:0f:94:f7:40:0a:5c:5f:f2:
4d:e1:e1:d1:49:a3:29:8a:09:67:20:d2:a5:d3:a2:
7d:37:c1:35:07:1c:9f:c6:70:fe:46:75:6c:86:70:
4f:66:c6:34:c3:88:dc:26:70:28:1e:ff:99:65:ab:
4a:c4:85:af:70:d9:3f:a1:03:69:ae:df:97:ec:e6:
8d:51:6d:5f:55:d2:f5:cc:a3:19:80:7b:53:79:e8:
e5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:53:32:51:0C:64:45:79:FB:5E:5A:73:18:DF:3C:FA:52:2D:85:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:f000::/40
Signature Algorithm: sha256WithRSAEncryption
43:44:f3:f5:72:6c:52:ab:33:52:bc:9d:12:f5:e1:fa:e0:3e:
16:fa:57:6b:dc:a8:65:56:b2:b9:d7:db:2c:fe:ae:5d:7a:33:
7d:a0:3a:ed:d8:7f:5d:87:ba:31:93:06:17:20:05:f3:38:70:
3c:3a:41:7a:5c:1c:26:2b:cb:37:63:d8:a4:c6:c3:56:89:f5:
df:18:a2:05:13:ee:ac:fc:79:86:96:56:35:1a:42:63:6b:be:
77:c3:6c:c1:9b:34:ef:3b:1c:79:d7:59:65:01:7b:8e:6b:00:
c4:dd:d0:79:ee:1d:ef:5d:df:86:21:10:53:25:ca:5e:52:dc:
71:e6:bb:74:f5:28:d6:d3:3d:87:91:31:34:20:14:7b:eb:57:
f2:5d:4f:b5:24:64:00:33:d3:a9:15:b6:9d:89:e3:02:1e:3a:
64:3a:b0:3c:bd:0e:dd:ae:6f:b5:57:8e:4e:48:9d:4d:c4:79:
fb:a6:c0:d1:0b:9b:2b:22:7d:00:4f:f7:d6:46:75:c4:d6:19:
6d:6d:1d:ff:07:20:bb:6c:23:79:a5:9f:28:db:ec:22:aa:5b:
8b:20:91:6f:a8:6f:8e:6f:03:fd:29:51:0f:c4:45:a2:e8:33:
b1:3c:5a:69:c8:1e:db:76:39:c9:85:02:91:ca:18:c4:99:7c:
6b:4b:a9:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUblvCAt1isaHy4OC3zmx0bhinGUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjUxNjM2NTZaFw0yNTA5MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjMDQ3YjFlNjJjY2Y4Y2RhNmIyNDFmYzYxMTExYjllMzkyZjc3NzlmMGVl
OGU2ZjVkNjNmOGFjNWRkN2QzNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTbumrybkHIyyfvU4mnR7CVxIDftSSqByqxhZqrhKfcClA7NAIE9NtjH58I
4ddKZ0LYFsJBLc5YWO1nUmHT6hQO6Dj3zfDig13463YqP736vCT9UFKrhMDI+OY6
2Ikp6Ng/Kdf48HETy40wAz9yY7IvcPTOD+pxewAXOKVNrYYukaePIclVsNa3m8HW
sWMVbOlu5IyjY7bybUD1wvhr95Luku+baoDM5cVVJA+U90AKXF/yTeHh0UmjKYoJ
ZyDSpdOifTfBNQccn8Zw/kZ1bIZwT2bGNMOI3CZwKB7/mWWrSsSFr3DZP6EDaa7f
l+zmjVFtX1XS9cyjGYB7U3no5bMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKUzJR
DGRFefteWnMY3zz6Ui2F1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I3NWU1M2UtNGU0NC00MWI3LTk1ZGQtZTNkNTRmZjM2Mzg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADw
MA0GCSqGSIb3DQEBCwUAA4IBAQBDRPP1cmxSqzNSvJ0S9eH64D4W+ldr3KhlVrK5
19ss/q5dejN9oDrt2H9dh7oxkwYXIAXzOHA8OkF6XBwmK8s3Y9ikxsNWifXfGKIF
E+6s/HmGllY1GkJja753w2zBmzTvOxx511llAXuOawDE3dB57h3vXd+GIRBTJcpe
Utxx5rt09SjW0z2HkTE0IBR761fyXU+1JGQAM9OpFbadieMCHjpkOrA8vQ7drm+1
V45OSJ1NxHn7psDRC5srIn0AT/fWRnXE1hltbR3/ByC7bCN5pZ8o2+wiqluLIJFv
qG+ObwP9KVEPxEWi6DOxPFppyB7bdjnJhQKRyhjEmXxrS6kA
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:02 2025 by rpki-client