Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
File: d6265269-370a-4e3b-983b-9bec3a5c535a.roa (raw, json)
Hash identifier: Zx7ekJ+6DunGAi1fU/T49uiAOmdsfG8OQ+FBxxjci0s=
Subject key identifier: 1D:1C:0E:D8:27:AA:93:C7:1A:A4:89:3A:22:DF:CA:7F:E2:8B:F7:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D96AAEDAF62551FBBB11F5D7A45FD9818A12114
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
Signing time: Fri 15 Aug 2025 15:50:51 +0000
ROA not before: Fri 15 Aug 2025 15:50:51 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:96:aa:ed:af:62:55:1f:bb:b1:1f:5d:7a:45:fd:98:18:a1:21:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:51 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=6c4935f79ae41d42bcdc87fe79086d77abdcb46c49214135699ca1bb6a91cd60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:34:33:55:da:13:a9:87:14:83:19:a9:2a:96:
71:c1:d1:f2:23:16:76:e4:ab:93:90:59:7c:12:5b:
64:77:69:0e:4a:ad:ed:55:b1:7c:6f:f5:e8:dd:78:
b9:e2:d3:3a:21:70:bd:4e:97:0b:ae:8d:6b:c5:d0:
b1:2a:15:c6:0c:00:68:fa:ec:65:f3:23:fa:42:e6:
fe:40:f6:c9:f0:c2:a1:f8:10:ad:ed:25:fa:de:3f:
59:54:0e:d7:89:f4:c7:4f:ca:17:16:f4:d2:6a:33:
2d:70:c1:6a:ea:eb:c4:0b:35:64:c9:f4:bf:92:f7:
9c:00:c5:b2:92:dc:68:b5:25:bd:95:21:da:12:4a:
be:12:0e:be:e2:d6:28:79:94:9d:f5:eb:0d:06:26:
6f:dd:e2:bf:d3:55:ab:7f:19:7c:a1:bf:43:47:a9:
ba:7f:1f:ae:38:78:f6:fc:2c:31:81:b6:65:f0:a0:
ad:de:6e:e8:fb:89:6a:69:99:c8:cd:8a:29:d6:74:
59:96:66:08:c4:25:27:11:d3:8c:38:79:fe:68:a8:
c4:30:c4:4d:3e:18:75:08:54:8a:9d:52:81:2a:43:
06:04:5f:74:89:33:67:41:97:60:93:8b:17:c9:f1:
32:65:d2:e4:a2:b4:e3:2e:4d:ba:76:38:61:bb:15:
13:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:1C:0E:D8:27:AA:93:C7:1A:A4:89:3A:22:DF:CA:7F:E2:8B:F7:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:e000::/40
Signature Algorithm: sha256WithRSAEncryption
72:0a:33:93:ce:ea:29:92:7a:d7:42:88:6c:47:80:35:94:f4:
be:81:d9:6a:bc:a4:7f:d5:1e:73:22:91:d2:ef:d8:82:df:02:
37:8e:63:58:16:58:1d:4c:c0:62:02:3c:42:d5:0e:51:7c:e5:
b3:d1:96:3a:08:1f:fd:18:5b:32:5d:65:ac:4d:d8:e3:7c:0f:
83:7d:49:df:9e:24:90:9a:14:a0:08:8b:9a:b4:fe:c7:42:f6:
8b:5a:b4:cb:79:2e:c3:b1:4f:37:dd:f4:2d:83:d6:d5:90:23:
9d:a4:04:63:f3:f4:85:66:14:58:9e:1e:70:82:76:6d:db:d6:
d0:50:59:7b:c0:73:a4:12:43:fa:fc:f2:f4:76:7d:3d:c7:60:
af:ba:ce:8e:8b:61:36:33:2d:0b:46:a2:30:2b:02:e6:05:7a:
39:b1:bc:c0:ba:1e:82:19:ea:df:cc:b9:22:d1:a7:85:32:bb:
84:e7:18:24:07:c4:48:93:c3:f2:83:3f:58:75:3a:88:f2:5b:
ae:ec:e6:ae:89:a9:fb:23:b1:44:48:3e:4b:a8:17:78:5f:2d:
6b:b1:a6:48:9f:83:7a:95:4b:17:22:fc:7e:a9:87:c8:1c:7f:
dc:46:ff:af:fe:38:6a:46:db:73:c6:1f:6c:94:3a:c5:53:18:
79:d1:86:90
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHZaq7a9iVR+7sR9dekX9mBihIRQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwNTFaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjNDkzNWY3OWFlNDFkNDJiY2RjODdmZTc5MDg2ZDc3YWJkY2I0NmM0OTIx
NDEzNTY5OWNhMWJiNmE5MWNkNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMY0M1XaE6mHFIMZqSqWccHR8iMWduSrk5BZfBJbZHdpDkqt7VWxfG/16N14
ueLTOiFwvU6XC66Na8XQsSoVxgwAaPrsZfMj+kLm/kD2yfDCofgQre0l+t4/WVQO
14n0x0/KFxb00mozLXDBaurrxAs1ZMn0v5L3nADFspLcaLUlvZUh2hJKvhIOvuLW
KHmUnfXrDQYmb93iv9NVq38ZfKG/Q0epun8frjh49vwsMYG2ZfCgrd5u6PuJammZ
yM2KKdZ0WZZmCMQlJxHTjDh5/mioxDDETT4YdQhUip1SgSpDBgRfdIkzZ0GXYJOL
F8nxMmXS5KK04y5NunY4YbsVEw0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdHA7Y
J6qTxxqkiToi38p/4ov3kzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDYyNjUyNjktMzcwYS00ZTNiLTk4M2ItOWJlYzNhNWM1MzVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HPg
MA0GCSqGSIb3DQEBCwUAA4IBAQByCjOTzuopknrXQohsR4A1lPS+gdlqvKR/1R5z
IpHS79iC3wI3jmNYFlgdTMBiAjxC1Q5RfOWz0ZY6CB/9GFsyXWWsTdjjfA+DfUnf
niSQmhSgCIuatP7HQvaLWrTLeS7DsU833fQtg9bVkCOdpARj8/SFZhRYnh5wgnZt
29bQUFl7wHOkEkP6/PL0dn09x2Cvus6Oi2E2My0LRqIwKwLmBXo5sbzAuh6CGerf
zLki0aeFMruE5xgkB8RIk8Pygz9YdTqI8luu7Oauian7I7FESD5LqBd4Xy1rsaZI
n4N6lUsXIvx+qYfIHH/cRv+v/jhqRttzxh9slDrFUxh50YaQ
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:15 2025 by rpki-client