Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
File: 11758a9b-0e07-4929-92b2-ff867af4fa4f.roa (raw, json)
Hash identifier: fGp2Uhx0fiP/Gg0r+vMplxdotuilW5ssNgdlpMDessM=
Subject key identifier: 6D:D5:26:2D:49:05:5B:C9:51:52:0A:D1:CA:37:03:08:55:50:3D:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05E8B3CE3A9F71BFA103F770A9C5E13C5A9A10CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
Signing time: Fri 22 Aug 2025 15:11:09 +0000
ROA not before: Fri 22 Aug 2025 15:11:09 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:e8:b3:ce:3a:9f:71:bf:a1:03:f7:70:a9:c5:e1:3c:5a:9a:10:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:09 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=694f3c0aa59cc013a3ce08abe31ccd68e575c0f6d328c4022fd94f79522b4fab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:4c:62:63:e6:a3:3a:de:5d:d0:26:46:5d:2e:
07:8e:d8:c7:25:ed:e8:df:8d:cc:fc:e8:e2:ef:3a:
f9:f3:bc:39:05:66:5b:9d:2c:be:76:60:41:19:fe:
5b:5b:49:a1:f1:d5:41:ad:26:77:a3:25:63:67:b8:
c2:d1:82:0a:10:d0:45:d2:3d:0e:5f:2c:1f:60:50:
9d:11:53:f2:90:6e:e3:90:9e:22:76:be:e3:cc:8a:
4e:ab:2f:51:2f:78:53:96:86:82:46:8a:6f:f7:46:
d3:02:27:b7:70:76:35:a2:13:49:09:ca:33:13:1f:
36:0f:99:f3:62:f0:ff:b5:ee:f7:10:23:19:ed:49:
45:3b:35:91:8a:51:80:a9:7c:65:fc:76:41:c3:69:
8e:bc:3c:6a:cf:a7:ab:3a:bb:82:48:c0:26:7b:81:
cd:79:0e:a3:9c:91:f7:e2:da:1f:9b:b9:15:c8:9d:
bd:9b:8b:93:8a:32:82:16:05:03:d8:5d:9a:ad:6d:
a7:73:97:1b:74:f4:af:0a:07:a6:4e:f2:90:9d:00:
53:72:eb:0f:dc:39:24:a7:b4:67:81:01:24:9d:cd:
04:19:de:71:eb:35:33:c4:57:41:a4:63:da:a4:6c:
c1:80:2d:fb:81:38:15:8e:1b:81:08:56:3f:b1:ca:
07:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D5:26:2D:49:05:5B:C9:51:52:0A:D1:CA:37:03:08:55:50:3D:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:2000::/40
Signature Algorithm: sha256WithRSAEncryption
21:dc:fb:4a:49:47:ba:73:27:ac:df:de:4f:ce:e3:13:da:34:
58:b9:0c:ca:b1:52:02:d6:c3:53:3a:21:a0:d9:97:5b:b1:34:
9c:04:c4:ff:36:8b:9e:de:e2:a1:99:5b:4c:54:fe:ae:70:d0:
d7:62:2b:eb:bc:57:76:9e:03:21:63:b1:ce:39:ed:6f:d2:a0:
39:f0:88:ba:24:de:67:5d:e8:eb:8c:0e:25:d2:7a:50:9e:b2:
24:d8:e7:b0:2c:8d:55:30:b9:fe:28:5a:fe:10:ba:96:1d:35:
ec:31:13:56:77:1d:b6:3a:9e:8e:ef:5f:c9:02:60:54:f4:d2:
bb:7f:53:9b:f9:31:ef:31:47:98:9d:75:3f:48:29:a6:a7:2f:
89:c5:73:41:b4:6e:72:59:3b:77:9a:0d:f9:6a:96:18:c8:a0:
bf:0c:c4:34:21:08:6a:24:e8:2c:9b:cb:7e:f3:ef:d2:80:da:
d0:99:99:4e:c0:65:1c:e5:fa:76:a8:f3:3b:f1:6c:40:b2:61:
e5:87:a9:38:55:c3:65:46:bc:6b:a1:e6:ca:88:08:eb:43:97:
98:3c:b8:d9:1d:02:7d:9a:fa:bb:27:38:65:2f:b8:33:bd:e6:
fd:d6:56:1f:28:12:22:78:24:4c:eb:07:56:05:d2:63:6c:4c:
c3:3c:9c:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBeizzjqfcb+hA/dwqcXhPFqaEMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMDlaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5NGYzYzBhYTU5Y2MwMTNhM2NlMDhhYmUzMWNjZDY4ZTU3NWMwZjZkMzI4
YzQwMjJmZDk0Zjc5NTIyYjRmYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOdMYmPmozreXdAmRl0uB47YxyXt6N+NzPzo4u86+fO8OQVmW50svnZgQRn+
W1tJofHVQa0md6MlY2e4wtGCChDQRdI9Dl8sH2BQnRFT8pBu45CeIna+48yKTqsv
US94U5aGgkaKb/dG0wInt3B2NaITSQnKMxMfNg+Z82Lw/7Xu9xAjGe1JRTs1kYpR
gKl8Zfx2QcNpjrw8as+nqzq7gkjAJnuBzXkOo5yR9+LaH5u5FcidvZuLk4oyghYF
A9hdmq1tp3OXG3T0rwoHpk7ykJ0AU3LrD9w5JKe0Z4EBJJ3NBBneces1M8RXQaRj
2qRswYAt+4E4FY4bgQhWP7HKBy8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRt1SYt
SQVbyVFSCtHKNwMIVVA9PTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3NThhOWItMGUwNy00OTI5LTkyYjItZmY4NjdhZjRmYTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQg
MA0GCSqGSIb3DQEBCwUAA4IBAQAh3PtKSUe6cyes395PzuMT2jRYuQzKsVIC1sNT
OiGg2ZdbsTScBMT/Noue3uKhmVtMVP6ucNDXYivrvFd2ngMhY7HOOe1v0qA58Ii6
JN5nXejrjA4l0npQnrIk2OewLI1VMLn+KFr+ELqWHTXsMRNWdx22Op6O71/JAmBU
9NK7f1Ob+THvMUeYnXU/SCmmpy+JxXNBtG5yWTt3mg35apYYyKC/DMQ0IQhqJOgs
m8t+8+/SgNrQmZlOwGUc5fp2qPM78WxAsmHlh6k4VcNlRrxroebKiAjrQ5eYPLjZ
HQJ9mvq7JzhlL7gzveb91lYfKBIieCRM6wdWBdJjbEzDPJyu
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:20 2025 by rpki-client