Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa
File: cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa (raw, json)
Hash identifier: lPPQ52WXoDsARxfX9UYstdY5fusK74vbJiDOtP/9KMc=
Subject key identifier: 3A:D0:1F:4E:5C:87:1A:AB:49:59:09:49:94:6C:07:01:7D:01:B7:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49BDC5865B8339F016EB428A383D24AE8E2C3D24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa
Signing time: Fri 15 Aug 2025 15:41:38 +0000
ROA not before: Fri 15 Aug 2025 15:41:38 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:bd:c5:86:5b:83:39:f0:16:eb:42:8a:38:3d:24:ae:8e:2c:3d:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:41:38 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=4064e43e53a153108cb985b3ba7035d477f01813d03ec451c333b78f58ddd9dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9d:b0:6b:ca:08:0d:85:41:c5:48:38:63:a9:
2b:f0:7f:12:4d:8c:bf:3b:be:eb:1c:15:bd:5c:29:
e5:6f:c0:3b:1f:03:98:8c:e3:6d:c3:87:0e:61:f3:
d5:bb:52:13:6e:3b:46:54:0f:ba:87:00:18:ad:e1:
de:2f:a2:ca:4f:f7:73:de:96:89:54:4f:96:8b:66:
7c:c7:4f:e5:ee:5e:bf:08:46:2e:a5:8c:59:80:44:
77:1d:60:ab:2a:c2:ff:92:d7:d8:b6:c1:46:1c:74:
01:f9:09:6c:2b:a6:e2:2f:c7:e4:c5:43:1a:ba:32:
47:1f:53:d6:35:64:3a:af:fb:54:69:94:4a:18:ed:
7d:14:f4:86:43:09:c5:be:ec:d2:78:86:31:82:ed:
f6:f0:e6:5c:08:1d:f4:72:c9:de:66:8e:7e:d1:56:
f0:4a:d6:5a:10:8d:58:2c:7b:bf:c2:a5:0b:98:10:
75:78:99:af:54:62:0a:4a:97:a5:85:b2:aa:d8:89:
97:ed:5b:c8:c8:4b:19:d1:fa:06:31:27:26:1c:3d:
e7:2a:02:34:8f:35:c2:5b:7f:2b:0c:3b:0b:1a:f3:
b2:19:5b:5d:2b:de:6f:b9:8f:a2:37:52:5a:b0:14:
42:65:85:60:cd:2a:be:b8:ef:5e:cd:52:b6:f2:23:
a8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D0:1F:4E:5C:87:1A:AB:49:59:09:49:94:6C:07:01:7D:01:B7:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8040::/46
Signature Algorithm: sha256WithRSAEncryption
86:dd:f1:6b:16:77:07:99:8c:9a:12:b4:9c:37:8c:8d:0b:97:
f6:3f:cc:5c:12:ea:8e:58:d8:5e:9b:f0:a5:50:1b:08:4a:3c:
69:60:39:99:36:09:ff:ec:7a:b4:ae:59:27:ac:25:af:bd:68:
f0:4c:b6:0a:42:21:1c:22:2b:e4:65:3e:bd:aa:01:f1:1f:8d:
b7:40:e4:55:64:70:41:c9:40:68:b1:08:f4:e2:74:a8:91:8a:
a7:02:a8:e7:7b:51:cf:9a:5a:4d:5c:b4:e9:7d:34:14:08:6c:
cf:94:e3:12:f3:f5:36:a1:49:7a:95:1f:8d:19:51:7e:00:0f:
80:bd:c0:7b:70:a9:18:3a:d2:78:91:bc:29:fb:9e:6a:45:57:
7e:f6:e0:a1:b3:34:20:60:16:a3:58:7a:83:c9:ff:86:55:39:
92:3b:0a:c3:67:98:14:e5:9f:0b:47:ed:b9:c2:2b:15:8a:fd:
ff:d9:9d:1b:9d:ce:66:2b:15:a7:28:93:f8:57:97:13:56:5a:
3f:44:ab:91:1d:65:22:78:b2:28:8b:9a:b5:f2:21:c1:73:a4:
e4:77:e6:93:c8:81:45:cc:ce:05:b0:7e:0d:83:97:e2:2a:ea:
a4:6f:ac:dd:a8:f2:ac:96:60:64:ed:94:1b:40:e7:6b:d9:72:
e2:7c:fb:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSb3FhluDOfAW60KKOD0kro4sPSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQxMzhaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNjRlNDNlNTNhMTUzMTA4Y2I5ODViM2JhNzAzNWQ0NzdmMDE4MTNkMDNl
YzQ1MWMzMzNiNzhmNThkZGQ5ZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALidsGvKCA2FQcVIOGOpK/B/Ek2Mvzu+6xwVvVwp5W/AOx8DmIzjbcOHDmHz
1btSE247RlQPuocAGK3h3i+iyk/3c96WiVRPlotmfMdP5e5evwhGLqWMWYBEdx1g
qyrC/5LX2LbBRhx0AfkJbCum4i/H5MVDGroyRx9T1jVkOq/7VGmUShjtfRT0hkMJ
xb7s0niGMYLt9vDmXAgd9HLJ3maOftFW8ErWWhCNWCx7v8KlC5gQdXiZr1RiCkqX
pYWyqtiJl+1byMhLGdH6BjEnJhw95yoCNI81wlt/Kww7CxrzshlbXSveb7mPojdS
WrAUQmWFYM0qvrjvXs1StvIjqH0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ60B9O
XIcaq0lZCUmUbAcBfQG3ZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2NlYWZkZjQtYzk3YS00NWM2LWE0ZDItYjMxOWFmYzZmNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
QDANBgkqhkiG9w0BAQsFAAOCAQEAht3xaxZ3B5mMmhK0nDeMjQuX9j/MXBLqjljY
XpvwpVAbCEo8aWA5mTYJ/+x6tK5ZJ6wlr71o8Ey2CkIhHCIr5GU+vaoB8R+Nt0Dk
VWRwQclAaLEI9OJ0qJGKpwKo53tRz5paTVy06X00FAhsz5TjEvP1NqFJepUfjRlR
fgAPgL3Ae3CpGDrSeJG8KfueakVXfvbgobM0IGAWo1h6g8n/hlU5kjsKw2eYFOWf
C0ftucIrFYr9/9mdG53OZisVpyiT+FeXE1ZaP0SrkR1lIniyKIuatfIhwXOk5Hfm
k8iBRczOBbB+DYOX4irqpG+s3ajyrJZgZO2UG0Dna9ly4nz7Kg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:42 2025 by rpki-client