Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
File: 0d8c280f-edb2-45fb-9207-8226dc900bb1.roa (raw, json)
Hash identifier: uXXjNLEHv/4MAW/Jtm+FOrfvdMX5IYn+6fqGrpWvXbc=
Subject key identifier: 92:A5:92:63:2A:A9:68:D0:6E:A2:42:C7:5A:35:33:0A:08:67:8D:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 489166B203858748B4EFA27CABF449FCB07CAE09
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
Signing time: Tue 05 Aug 2025 19:01:06 +0000
ROA not before: Tue 05 Aug 2025 19:01:06 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:91:66:b2:03:85:87:48:b4:ef:a2:7c:ab:f4:49:fc:b0:7c:ae:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:06 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=fa3ead5f37f57ad50a616a3951eb3f85e33543b524b60c9708a5916ec1eb46b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:aa:5f:13:d4:cd:72:a7:6c:49:d5:d0:ba:61:
91:36:90:a5:95:11:56:fc:6b:22:2e:67:36:dd:37:
87:a5:e2:c7:ea:12:7c:5f:cb:69:c7:16:ce:75:5e:
f9:d9:e9:77:6b:fc:f8:6c:b7:2d:c5:75:0e:23:c4:
cf:bd:2f:43:83:3c:41:9c:67:cf:79:44:f4:a3:46:
c8:ba:99:12:4d:87:30:65:cd:2a:17:fb:38:7c:e7:
96:c1:c2:57:f5:e8:d5:7c:ef:a3:0e:b1:68:da:df:
5e:e7:c9:87:f4:7a:63:23:fa:6a:07:61:b3:ad:90:
cd:ba:c6:aa:1d:40:f2:8b:b0:0f:bd:64:d8:6d:e2:
0b:cf:3d:94:42:6e:55:f7:10:28:f8:8f:bf:3b:68:
13:d7:57:94:34:47:40:97:63:bf:2a:2b:60:4f:b7:
86:dd:a1:25:03:f7:67:c4:61:e1:2c:25:63:61:89:
b7:15:11:81:c4:20:7a:7f:3e:c3:7a:da:51:85:17:
91:d8:7c:df:ce:c3:e7:9f:c3:04:39:98:b7:73:77:
6a:d6:55:68:5f:75:22:fc:ed:3a:57:97:40:17:78:
bd:84:c1:99:aa:ce:c4:50:94:20:5d:e6:4b:e7:6c:
b3:c0:6a:63:1c:53:78:cc:39:ac:bf:04:0a:a9:54:
57:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A5:92:63:2A:A9:68:D0:6E:A2:42:C7:5A:35:33:0A:08:67:8D:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5080::/48
Signature Algorithm: sha256WithRSAEncryption
72:e8:94:46:ab:f4:eb:99:a2:40:19:14:89:c1:69:b6:12:32:
75:61:63:c4:dc:63:74:db:67:0c:50:cd:5b:3c:9b:06:20:4f:
d5:11:45:be:b0:0d:03:76:51:f2:2c:56:39:31:1f:05:59:b0:
f3:21:8f:33:7e:c3:ed:87:22:6a:05:8c:95:4d:c9:d5:74:0a:
db:d8:25:ca:f5:92:57:33:48:d9:d5:df:b3:93:1d:55:90:94:
23:da:23:26:6b:cf:31:c5:44:be:9e:07:ca:20:28:50:d4:12:
2b:7e:81:e2:dd:6c:3f:52:66:4c:a3:2d:71:c8:e9:e6:90:d3:
13:b5:3d:49:f8:d4:c9:3a:71:0a:3d:d1:f0:70:b3:f9:7d:89:
91:92:be:4a:9a:9e:b5:ae:7d:6b:b9:37:a4:08:e3:28:6d:8d:
da:04:f3:6f:74:74:64:19:58:d9:c0:ab:f8:b6:5e:c1:b0:1c:
c0:fc:42:ac:92:f7:6b:19:87:f9:c1:f2:7b:00:af:13:8c:df:
6f:59:c7:ce:26:57:4a:7f:35:77:86:b9:e7:c9:5c:5f:d0:59:
94:bf:2e:f1:56:60:4c:4e:40:1f:95:ac:e4:90:fc:7b:e8:e8:
be:a5:5c:a6:01:27:1c:64:7e:d0:c9:9c:f3:ff:94:83:2d:87:
e2:6a:bf:b6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSJFmsgOFh0i076J8q/RJ/LB8rgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxMDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhM2VhZDVmMzdmNTdhZDUwYTYxNmEzOTUxZWIzZjg1ZTMzNTQzYjUyNGI2
MGM5NzA4YTU5MTZlYzFlYjQ2YjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGqXxPUzXKnbEnV0LphkTaQpZURVvxrIi5nNt03h6Xix+oSfF/LaccWznVe
+dnpd2v8+Gy3LcV1DiPEz70vQ4M8QZxnz3lE9KNGyLqZEk2HMGXNKhf7OHznlsHC
V/Xo1Xzvow6xaNrfXufJh/R6YyP6agdhs62QzbrGqh1A8ouwD71k2G3iC889lEJu
VfcQKPiPvztoE9dXlDRHQJdjvyorYE+3ht2hJQP3Z8Rh4SwlY2GJtxURgcQgen8+
w3raUYUXkdh8387D55/DBDmYt3N3atZVaF91IvztOleXQBd4vYTBmarOxFCUIF3m
S+dss8BqYxxTeMw5rL8ECqlUVzMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSSpZJj
Kqlo0G6iQsdaNTMKCGeNEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGQ4YzI4MGYtZWRiMi00NWZiLTkyMDctODIyNmRjOTAwYmIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAcuiURqv065miQBkUicFpthIydWFjxNxjdNtn
DFDNWzybBiBP1RFFvrANA3ZR8ixWOTEfBVmw8yGPM37D7YciagWMlU3J1XQK29gl
yvWSVzNI2dXfs5MdVZCUI9ojJmvPMcVEvp4HyiAoUNQSK36B4t1sP1JmTKMtccjp
5pDTE7U9SfjUyTpxCj3R8HCz+X2JkZK+Spqeta59a7k3pAjjKG2N2gTzb3R0ZBlY
2cCr+LZewbAcwPxCrJL3axmH+cHyewCvE4zfb1nHziZXSn81d4a558lcX9BZlL8u
8VZgTE5AH5Ws5JD8e+jovqVcpgEnHGR+0Mmc8/+Ugy2H4mq/tg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:06 2025 by rpki-client