Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
File: 0b28278f-4fad-45f4-a194-c2e785f1c443.roa (raw, json)
Hash identifier: eZhXehp0DC8YqhpfWuQXAY/uA0LgWul6vzonBMwT6zY=
Subject key identifier: B8:04:6F:27:56:F7:D3:30:B4:6E:C3:6D:A5:24:14:8E:B7:28:49:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DCA52AC186D6EC79AE4737323FE4F858D90ADC0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
Signing time: Mon 16 Jun 2025 21:30:10 +0000
ROA not before: Mon 16 Jun 2025 21:30:10 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:ca:52:ac:18:6d:6e:c7:9a:e4:73:73:23:fe:4f:85:8d:90:ad:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:30:10 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d3721ed9287c7c6374583e4bbbc228a44d06d96c5c428d4b6cacd36a5a85a368, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ee:a6:a4:85:b7:6e:ec:9a:5f:2b:7f:e6:4a:
52:35:eb:a4:87:6d:9f:70:70:6b:43:4e:81:fc:b3:
1f:8c:bf:8a:8a:44:26:46:47:3f:45:00:0d:d1:ea:
39:ee:d1:12:d2:1f:0e:1c:9c:bb:21:2b:9e:2a:b3:
fa:13:a9:24:6c:7a:87:e5:90:5f:f5:96:ee:56:27:
c9:99:a6:e0:57:df:dc:21:77:d2:a9:de:3a:66:dd:
09:84:8d:f8:76:a9:1c:19:6b:56:68:f3:a5:51:3d:
28:f2:8a:38:c6:a2:34:d9:0c:80:ca:4b:31:f9:21:
b1:5d:d9:2a:3c:d2:f9:62:19:b0:4a:4a:82:a1:27:
a3:4b:7c:99:99:67:63:bb:8c:d6:f7:9e:f0:2f:2d:
bf:fd:1a:25:a8:dc:08:5c:96:42:0c:67:6a:90:b7:
10:9f:a1:6e:26:8a:9e:94:3e:6b:51:a1:bb:98:2a:
3b:bb:fe:d5:fc:53:29:47:96:9c:71:89:1c:47:10:
74:d6:fb:81:91:26:b1:5f:f8:6f:09:7d:e3:f2:26:
80:78:4d:dd:e7:b0:d0:a1:11:ef:47:eb:8a:03:1a:
18:9a:0a:c5:ae:b4:5c:03:fb:41:47:9b:78:c0:c7:
5c:88:0d:20:4b:ae:71:ea:9d:a6:77:c2:5d:7f:1e:
10:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:04:6F:27:56:F7:D3:30:B4:6E:C3:6D:A5:24:14:8E:B7:28:49:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:800::/38
Signature Algorithm: sha256WithRSAEncryption
6c:44:62:4b:c0:9c:a5:95:bc:8e:16:82:b6:f8:fe:cc:b2:52:
bd:24:cc:eb:7e:ce:c6:d7:36:f9:d9:76:84:4d:02:6d:fe:0d:
32:3e:cc:89:c9:e2:0b:cf:43:d1:d4:63:12:a1:d4:d2:e7:c9:
66:8a:44:fa:4d:cf:81:ab:35:80:cb:e6:17:79:3b:4f:89:c9:
01:70:e3:66:ca:1d:14:6f:02:fa:82:ad:b2:75:cc:ff:7f:d3:
8b:f3:c1:ea:4c:dc:0d:61:8e:52:44:98:91:84:e0:e4:9e:b6:
9c:91:09:31:36:6d:22:50:48:7b:ca:97:0b:38:9c:25:b3:a9:
46:94:5e:9f:05:94:c6:d9:15:3f:db:a0:88:b1:36:e3:33:30:
3c:a8:a3:1f:ea:db:30:76:78:36:bc:9a:e9:d9:29:03:79:27:
a2:82:6e:63:64:e4:a9:65:de:84:98:96:d0:f5:74:ef:9c:2a:
8f:22:90:a9:67:c7:eb:fa:8c:e0:f7:c8:24:80:88:42:d8:4e:
c1:f7:e8:eb:e0:dc:4b:a2:78:67:1d:dd:fc:6a:cb:e0:7a:fa:
a3:52:1b:7e:0f:10:49:ed:4f:7a:60:41:c6:60:9e:cb:47:73:
7f:10:8f:ef:0e:af:7c:1a:79:84:9d:5a:75:26:c8:36:58:ff:
64:8b:0b:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHcpSrBhtbsea5HNzI/5PhY2QrcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMwMTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNzIxZWQ5Mjg3YzdjNjM3NDU4M2U0YmJiYzIyOGE0NGQwNmQ5NmM1YzQy
OGQ0YjZjYWNkMzZhNWE4NWEzNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHupqSFt27sml8rf+ZKUjXrpIdtn3Bwa0NOgfyzH4y/iopEJkZHP0UADdHq
Oe7REtIfDhycuyErniqz+hOpJGx6h+WQX/WW7lYnyZmm4Fff3CF30qneOmbdCYSN
+HapHBlrVmjzpVE9KPKKOMaiNNkMgMpLMfkhsV3ZKjzS+WIZsEpKgqEno0t8mZln
Y7uM1vee8C8tv/0aJajcCFyWQgxnapC3EJ+hbiaKnpQ+a1Ghu5gqO7v+1fxTKUeW
nHGJHEcQdNb7gZEmsV/4bwl94/ImgHhN3eew0KER70frigMaGJoKxa60XAP7QUeb
eMDHXIgNIEuuceqdpnfCXX8eEKkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4BG8n
VvfTMLRuw22lJBSOtyhJBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyODI3OGYtNGZhZC00NWY0LWExOTQtYzJlNzg1ZjFjNDQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBsRGJLwJyllbyOFoK2+P7MslK9JMzrfs7G1zb5
2XaETQJt/g0yPsyJyeILz0PR1GMSodTS58lmikT6Tc+BqzWAy+YXeTtPickBcONm
yh0UbwL6gq2ydcz/f9OL88HqTNwNYY5SRJiRhODknrackQkxNm0iUEh7ypcLOJwl
s6lGlF6fBZTG2RU/26CIsTbjMzA8qKMf6tswdng2vJrp2SkDeSeigm5jZOSpZd6E
mJbQ9XTvnCqPIpCpZ8fr+ozg98gkgIhC2E7B9+jr4NxLonhnHd38asvgevqjUht+
DxBJ7U96YEHGYJ7LR3N/EI/vDq98GnmEnVp1Jsg2WP9kiwvV
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:05 2025 by rpki-client