Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
File: e2d9776f-9750-4d76-93f4-210836f1105b.roa (raw, json)
Hash identifier: TQUCiwyqEpI7ukKGeEXSogB9fNdf5Y7lluTwaPuScMk=
Subject key identifier: 15:C1:56:37:9B:3A:ED:BA:5F:45:8C:87:77:56:2B:B7:68:C6:DE:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56FC8DCB36A02218D06EA382376423FAF651C705
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
Signing time: Fri 15 Aug 2025 15:40:05 +0000
ROA not before: Fri 15 Aug 2025 15:40:05 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:fc:8d:cb:36:a0:22:18:d0:6e:a3:82:37:64:23:fa:f6:51:c7:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:40:05 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=48be71b59f000a9036c91ff227a83791e80d5e9fb0ae4152a0af88355c991d89, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d8:9b:14:7a:6a:13:01:dc:56:4b:46:00:e4:
5d:d5:a6:45:9c:a0:39:7d:00:6e:a0:dd:64:ea:bb:
7e:1c:44:a7:d6:62:3b:56:ee:aa:7a:72:64:8f:45:
15:8b:96:59:88:54:bb:b6:67:6a:89:61:31:c7:d0:
be:6b:41:fe:39:ec:33:0d:63:ce:ea:96:4d:5c:d2:
43:e4:be:0f:e4:b7:7d:46:86:ed:cf:03:71:1b:44:
de:7f:2f:19:85:35:89:1f:40:c0:39:e3:f8:32:78:
f7:3d:e2:c3:13:ba:cd:c7:83:93:e0:31:20:02:fb:
f1:26:61:e0:21:65:07:67:20:17:98:9b:7d:e7:cb:
96:ca:80:c1:46:15:e3:a9:97:29:2e:6f:27:89:4d:
e2:4d:55:00:d0:6c:35:28:f1:d0:c9:fc:ab:82:0e:
8f:e1:93:05:e7:41:8f:de:02:96:9e:0e:a2:65:d2:
bf:fa:47:da:9a:95:cf:67:d8:34:3c:16:7a:d5:a8:
38:fb:55:83:0b:f6:7d:ab:42:35:a5:96:bf:08:3d:
58:b0:12:94:f9:c9:fb:02:6c:0c:b3:52:c5:fa:fc:
c6:ad:56:70:26:40:87:e4:4a:4b:8e:dd:5d:d0:f2:
9f:79:b6:10:e5:d7:30:50:13:b2:d9:51:2d:ed:53:
52:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C1:56:37:9B:3A:ED:BA:5F:45:8C:87:77:56:2B:B7:68:C6:DE:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c020::/46
Signature Algorithm: sha256WithRSAEncryption
5c:d7:72:7f:76:68:19:f5:b7:87:ed:8c:f1:2e:96:28:fb:7f:
83:b2:ac:a6:90:95:57:fa:3d:97:53:93:3c:ac:cb:ce:98:b2:
70:b0:7a:d6:06:fd:b0:56:3a:68:16:b8:a6:8e:fc:80:b3:13:
70:ad:82:09:5e:1d:bd:bd:09:b4:79:33:2a:41:0c:1c:a1:26:
16:f9:fd:ba:e5:49:9c:8e:c0:65:7b:5d:b7:fa:cd:a8:7f:c1:
6e:12:39:44:46:e5:0f:9b:8f:4f:12:7b:75:cd:4d:f2:d1:03:
a3:0d:3b:bd:49:88:dc:05:3a:13:19:90:5a:68:d8:1d:ba:94:
08:69:75:11:55:42:f9:5f:b7:57:ab:73:59:da:de:df:01:57:
6d:3a:6f:82:3f:db:61:bb:8c:10:3a:86:8f:dd:12:42:07:21:
9e:46:59:ef:3f:7e:c9:0d:9a:70:cd:3c:8d:0a:1a:fb:94:85:
ae:4d:0e:c3:bb:66:f0:43:9e:cc:3a:59:88:33:13:13:33:b8:
5e:11:41:00:7d:62:f2:7f:4b:fe:3b:f4:22:4e:bc:d0:15:0f:
78:7f:ed:19:78:36:3a:d3:b0:b6:ad:d9:27:6f:bb:ff:c9:18:
f2:ba:a7:e9:7a:fc:d7:10:21:a4:85:bd:e4:f2:36:02:26:db:
c9:9f:26:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVvyNyzagIhjQbqOCN2Qj+vZRxwUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQwMDVaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4YmU3MWI1OWYwMDBhOTAzNmM5MWZmMjI3YTgzNzkxZTgwZDVlOWZiMGFl
NDE1MmEwYWY4ODM1NWM5OTFkODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzYmxR6ahMB3FZLRgDkXdWmRZygOX0AbqDdZOq7fhxEp9ZiO1buqnpyZI9F
FYuWWYhUu7ZnaolhMcfQvmtB/jnsMw1jzuqWTVzSQ+S+D+S3fUaG7c8DcRtE3n8v
GYU1iR9AwDnj+DJ49z3iwxO6zceDk+AxIAL78SZh4CFlB2cgF5ibfefLlsqAwUYV
46mXKS5vJ4lN4k1VANBsNSjx0Mn8q4IOj+GTBedBj94Clp4OomXSv/pH2pqVz2fY
NDwWetWoOPtVgwv2fatCNaWWvwg9WLASlPnJ+wJsDLNSxfr8xq1WcCZAh+RKS47d
XdDyn3m2EOXXMFATstlRLe1TUiUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQVwVY3
mzrtul9FjId3Viu3aMbe2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTJkOTc3NmYtOTc1MC00ZDc2LTkzZjQtMjEwODM2ZjExMDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
IDANBgkqhkiG9w0BAQsFAAOCAQEAXNdyf3ZoGfW3h+2M8S6WKPt/g7KsppCVV/o9
l1OTPKzLzpiycLB61gb9sFY6aBa4po78gLMTcK2CCV4dvb0JtHkzKkEMHKEmFvn9
uuVJnI7AZXtdt/rNqH/BbhI5REblD5uPTxJ7dc1N8tEDow07vUmI3AU6ExmQWmjY
HbqUCGl1EVVC+V+3V6tzWdre3wFXbTpvgj/bYbuMEDqGj90SQgchnkZZ7z9+yQ2a
cM08jQoa+5SFrk0Ow7tm8EOezDpZiDMTEzO4XhFBAH1i8n9L/jv0Ik680BUPeH/t
GXg2OtOwtq3ZJ2+7/8kY8rqn6Xr81xAhpIW95PI2AibbyZ8m1w==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:36 2025 by rpki-client