Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
File: 02484022-c79f-4464-827b-2127faff0b06.roa (raw, json)
Hash identifier: AkbRYpJxyFvLsZiUwSEHwkIzDNWHpe+JBvf8sqxFdng=
Subject key identifier: 1A:63:B5:08:05:11:A8:E9:E9:C2:C9:71:31:AA:F3:4D:A2:31:74:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C17955FB8F2EB4EE73A915D0D32FFB502BA3140
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
Signing time: Fri 22 Aug 2025 15:11:07 +0000
ROA not before: Fri 22 Aug 2025 15:11:07 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:17:95:5f:b8:f2:eb:4e:e7:3a:91:5d:0d:32:ff:b5:02:ba:31:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:07 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=2ace755099658cbb465d333431013dca6a8260fcad53b096f66781544294d3fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7b:a5:ff:63:31:90:98:ba:db:d4:b6:5a:0e:
80:57:5a:d9:dc:99:e7:e4:2e:82:08:14:bb:6e:68:
50:13:e6:a8:43:f4:63:71:95:dc:77:8e:a0:64:5f:
48:5f:6b:8a:d4:d5:6e:77:95:25:0a:ed:13:51:71:
8d:59:ac:5b:c6:ae:97:bd:ee:0f:9b:e9:2b:32:8c:
44:d6:de:d1:0c:a9:ec:a4:69:4d:34:1d:c1:7e:aa:
97:c3:a5:d1:b0:46:a8:57:d2:e8:c9:a6:aa:c0:2a:
00:a3:17:18:df:82:92:2b:f9:f8:07:b0:df:5b:1f:
58:2b:40:82:cc:02:d9:db:79:7e:bb:d1:7c:d7:58:
46:df:60:1b:15:97:0a:1b:6b:df:4c:fc:9a:36:51:
b7:41:b8:ea:72:f7:c8:81:93:23:14:7c:d4:88:fd:
b0:e5:63:63:61:bc:84:68:98:7e:ba:14:ac:0c:9b:
b3:67:d8:a4:9f:ab:09:51:fe:e9:04:2b:77:d2:d7:
f8:e2:f8:7a:87:5a:35:89:4d:53:33:c6:c3:10:cb:
eb:dd:b6:29:21:6b:38:7c:1e:6e:42:d5:21:e3:28:
82:f4:97:ee:f0:c3:93:f4:a2:87:08:04:0e:3f:fd:
67:2f:c4:5b:c0:31:63:8d:44:fb:42:32:97:aa:81:
83:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:63:B5:08:05:11:A8:E9:E9:C2:C9:71:31:AA:F3:4D:A2:31:74:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030::/32
Signature Algorithm: sha256WithRSAEncryption
1d:10:b3:e9:f9:0c:49:79:f6:ea:ac:14:b9:6b:c8:b5:da:25:
30:a5:fa:57:17:b3:be:ac:2c:9b:ae:bd:a7:fe:73:9a:a0:21:
ca:6f:51:88:06:30:59:9a:04:ae:4f:53:6f:ab:dd:c6:59:27:
63:7b:79:2b:20:fb:ae:18:dc:32:66:aa:0e:e7:e3:45:32:1a:
a5:a4:7f:1f:70:f7:88:06:45:36:96:cf:e2:87:33:c6:85:98:
11:3e:c7:a8:74:00:4f:14:81:f6:bd:5d:a3:b9:9e:f9:a0:6b:
ad:86:17:81:fc:f6:18:77:82:72:8a:d9:7a:e9:31:54:9e:c9:
33:53:48:8d:58:ac:83:a1:53:bf:88:0c:c8:26:d6:62:d6:fa:
13:5f:35:10:a8:06:6a:55:73:62:19:26:ad:dd:99:a9:61:2c:
f4:ec:4b:e7:5e:b8:6a:c4:75:57:10:99:13:16:f0:ae:df:02:
30:37:f8:2e:92:e0:e9:94:26:7f:b2:c4:3e:04:23:be:82:7e:
69:db:21:15:77:43:4b:0a:e5:2f:49:60:72:7d:02:20:67:09:
d1:28:20:86:9b:e2:2d:76:05:23:6c:9c:72:fb:e0:07:11:b9:
2e:f0:02:b1:6d:9c:91:9b:62:b7:20:26:33:39:48:0e:c7:75:
da:7d:52:6f
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUPBeVX7jy607nOpFdDTL/tQK6MUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMDdaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhY2U3NTUwOTk2NThjYmI0NjVkMzMzNDMxMDEzZGNhNmE4MjYwZmNhZDUz
YjA5NmY2Njc4MTU0NDI5NGQzZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKd7pf9jMZCYutvUtloOgFda2dyZ5+QugggUu25oUBPmqEP0Y3GV3HeOoGRf
SF9ritTVbneVJQrtE1FxjVmsW8aul73uD5vpKzKMRNbe0Qyp7KRpTTQdwX6ql8Ol
0bBGqFfS6MmmqsAqAKMXGN+Ckiv5+Aew31sfWCtAgswC2dt5frvRfNdYRt9gGxWX
Chtr30z8mjZRt0G46nL3yIGTIxR81Ij9sOVjY2G8hGiYfroUrAybs2fYpJ+rCVH+
6QQrd9LX+OL4eodaNYlNUzPGwxDL6922KSFrOHwebkLVIeMogvSX7vDDk/SihwgE
Dj/9Zy/EW8AxY41E+0Iyl6qBg08CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQaY7UI
BRGo6enCyXExqvNNojF03TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI0ODQwMjItYzc5Zi00NDY0LTgyN2ItMjEyN2ZhZmYwYjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DAw
DQYJKoZIhvcNAQELBQADggEBAB0Qs+n5DEl59uqsFLlryLXaJTCl+lcXs76sLJuu
vaf+c5qgIcpvUYgGMFmaBK5PU2+r3cZZJ2N7eSsg+64Y3DJmqg7n40UyGqWkfx9w
94gGRTaWz+KHM8aFmBE+x6h0AE8Ugfa9XaO5nvmga62GF4H89hh3gnKK2XrpMVSe
yTNTSI1YrIOhU7+IDMgm1mLW+hNfNRCoBmpVc2IZJq3dmalhLPTsS+deuGrEdVcQ
mRMW8K7fAjA3+C6S4OmUJn+yxD4EI76CfmnbIRV3Q0sK5S9JYHJ9AiBnCdEoIIab
4i12BSNsnHL74AcRuS7wArFtnJGbYrcgJjM5SA7Hddp9Um8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:59 2025 by rpki-client