Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
File: e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa (raw, json)
Hash identifier: TOpxQ6eJ04XOLm2jG+J6zyeBxmf0ktmrsdnxZMR7Vsg=
Subject key identifier: 81:BB:70:3B:4A:7E:8B:B5:A7:F0:36:02:46:7C:14:53:48:08:D6:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0271361E7FC5EFD06D3A69F6EAFE312CBEBDEC36
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
Signing time: Fri 15 Aug 2025 15:41:25 +0000
ROA not before: Fri 15 Aug 2025 15:41:25 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:50c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:71:36:1e:7f:c5:ef:d0:6d:3a:69:f6:ea:fe:31:2c:be:bd:ec:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:41:25 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=12f07561e025b2b7141050735b88b86a876eb34944d6c1d822e7bb3b69678bfc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6f:f8:e9:4a:0e:60:7a:ce:bc:66:b4:1d:57:
73:0e:f1:be:46:7e:84:b4:f7:b3:74:2f:2a:28:1b:
67:be:75:46:ec:cb:a1:d1:5a:07:41:f0:50:8c:5f:
03:3e:12:8c:dc:a3:ce:c7:fe:e5:b5:cb:ba:1e:1d:
44:c0:23:bf:87:b1:db:6a:42:47:85:3d:e1:61:71:
b4:9e:46:31:d3:4c:42:e6:a4:ec:79:8e:ba:9c:34:
2b:0b:57:7e:db:de:5b:b7:0d:34:06:78:71:8f:44:
2d:b4:28:69:05:f4:87:8d:53:48:34:07:f6:b4:7a:
50:12:00:6c:8f:38:f1:9d:7b:d0:34:65:2b:c7:bd:
5e:74:c5:b7:3c:01:f3:01:ad:92:c6:ce:fd:ff:93:
4b:34:ec:7c:84:5b:f1:ac:4e:f7:de:71:47:d8:71:
c1:d1:9d:42:d1:d7:c7:02:b7:64:21:d3:a4:48:72:
73:7e:d9:aa:e2:e1:cc:99:d9:a0:57:00:8c:6a:e1:
b4:67:b5:d9:36:e8:f9:16:62:ee:c0:3b:e0:9f:9f:
03:d9:5b:e6:aa:12:41:94:9c:72:46:78:89:17:a7:
f9:97:e0:0b:4a:26:4b:77:c7:c0:aa:78:12:b4:a3:
22:12:d9:ea:95:57:af:05:93:c0:4b:6d:0f:8b:a6:
be:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BB:70:3B:4A:7E:8B:B5:A7:F0:36:02:46:7C:14:53:48:08:D6:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
a3:2c:51:6c:5b:2a:04:8a:54:93:14:76:67:21:8c:3d:61:f9:
e9:e3:83:56:b7:80:8a:a0:a2:1e:f9:01:d3:4c:0a:5a:37:62:
dd:72:65:57:e4:a9:8f:b6:e1:aa:f0:bf:75:76:05:a5:6d:3b:
0e:16:ee:43:36:bf:aa:8a:ac:c9:24:3d:cb:7b:61:40:b5:8c:
75:53:4e:e1:2f:04:dc:8d:d0:e3:48:4b:12:4d:4d:46:65:27:
c9:c5:5d:3b:c4:b0:7a:7b:d4:1f:67:94:9e:f3:7c:7a:6e:21:
ca:60:3b:2b:a2:70:d5:1c:f4:36:d8:21:fb:80:80:f2:ad:b0:
94:5f:fb:54:43:ab:02:0a:6d:48:96:e6:3a:c2:db:9b:f5:06:
08:49:60:31:13:ee:6a:7d:0f:5e:7a:34:10:57:83:e7:e7:71:
3b:da:30:40:5b:11:58:e0:08:87:c1:96:bd:82:83:55:96:e1:
3a:4a:eb:9f:d7:3d:b0:72:a4:64:9e:3f:87:c8:66:4e:47:a4:
03:5d:68:ec:29:4e:66:15:d0:6a:76:5e:09:0a:19:00:12:9b:
4d:4d:8a:33:f4:a3:ee:34:7a:80:2f:e8:6c:77:71:10:18:1d:
79:0f:e6:9f:b7:f7:61:fa:a4:e3:c0:a1:b8:76:9c:68:a1:e3:
8e:4e:2b:d9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAnE2Hn/F79BtOmn26v4xLL697DYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQxMjVaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyZjA3NTYxZTAyNWIyYjcxNDEwNTA3MzViODhiODZhODc2ZWIzNDk0NGQ2
YzFkODIyZTdiYjNiNjk2NzhiZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9v+OlKDmB6zrxmtB1Xcw7xvkZ+hLT3s3QvKigbZ751RuzLodFaB0HwUIxf
Az4SjNyjzsf+5bXLuh4dRMAjv4ex22pCR4U94WFxtJ5GMdNMQuak7HmOupw0KwtX
ftveW7cNNAZ4cY9ELbQoaQX0h41TSDQH9rR6UBIAbI848Z170DRlK8e9XnTFtzwB
8wGtksbO/f+TSzTsfIRb8axO995xR9hxwdGdQtHXxwK3ZCHTpEhyc37ZquLhzJnZ
oFcAjGrhtGe12Tbo+RZi7sA74J+fA9lb5qoSQZScckZ4iRen+ZfgC0omS3fHwKp4
ErSjIhLZ6pVXrwWTwEttD4umvk0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSBu3A7
Sn6LtafwNgJGfBRTSAjWKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTBmMmUwYzctNmQ5Yy00MjhiLTg1ZTUtNmE5MjRlNzQxNGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAoyxRbFsqBIpUkxR2ZyGMPWH56eODVreAiqCi
HvkB00wKWjdi3XJlV+Spj7bhqvC/dXYFpW07DhbuQza/qoqsySQ9y3thQLWMdVNO
4S8E3I3Q40hLEk1NRmUnycVdO8SwenvUH2eUnvN8em4hymA7K6Jw1Rz0Ntgh+4CA
8q2wlF/7VEOrAgptSJbmOsLbm/UGCElgMRPuan0PXno0EFeD5+dxO9owQFsRWOAI
h8GWvYKDVZbhOkrrn9c9sHKkZJ4/h8hmTkekA11o7ClOZhXQanZeCQoZABKbTU2K
M/Sj7jR6gC/obHdxEBgdeQ/mn7f3Yfqk48ChuHacaKHjjk4r2Q==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:40 2025 by rpki-client