Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: iugQochwR0whkn5mGy/zNB400zB3rePGwqfPMGrlTG0=
Subject key identifier: A4:8D:59:26:A1:57:8A:E0:8D:51:C0:B3:DA:4C:4E:FF:8D:F2:50:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 034E845975D8EAC77F06B2E33EB63E0F7754E7B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Tue 05 Aug 2025 19:31:08 +0000
ROA not before: Tue 05 Aug 2025 19:31:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:4e:84:59:75:d8:ea:c7:7f:06:b2:e3:3e:b6:3e:0f:77:54:e7:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=c026cbc189fa85d33c23b0b58469a3017b189bad5978bee33c4299f7121c5c15, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a4:6b:68:52:ba:b5:10:8f:3e:9b:ce:7a:25:
14:60:db:73:fe:45:b9:be:16:80:2a:64:2e:b4:5a:
d2:45:be:bf:0d:6f:04:71:5e:49:63:ee:6a:31:ca:
8b:99:cb:f0:b7:38:d3:6c:42:56:92:33:2d:e0:76:
99:5e:1b:4f:1e:0a:16:b2:f1:79:80:2c:b6:92:47:
9c:43:db:ab:18:da:75:75:2e:86:2c:29:7d:87:2c:
8f:cd:fa:43:00:24:ea:66:42:b9:61:b3:84:7d:6d:
69:79:7b:5c:eb:23:93:2b:1e:f3:68:17:93:ad:d8:
53:35:28:d0:c1:6c:b3:4d:82:6d:72:45:8f:67:2c:
7e:3d:ef:e1:9f:c3:8f:fc:ca:d7:63:85:85:91:3c:
92:a6:f8:ba:31:af:38:12:6c:d2:46:be:c8:3d:5b:
44:da:2c:99:22:98:26:0a:e6:bd:53:ad:01:67:2d:
ae:14:3f:db:41:53:fb:95:4d:a6:2e:4d:49:d7:8f:
b7:75:2d:c5:db:9a:10:71:2d:93:71:d3:96:7f:1d:
e1:a1:a1:1b:2c:11:7e:a8:2f:a4:17:14:ff:d4:2f:
dd:34:d0:fe:5b:d4:7b:08:84:3f:7b:28:30:75:dc:
41:da:3c:f8:00:e5:78:fe:16:cd:5e:47:5b:e8:4b:
f6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8D:59:26:A1:57:8A:E0:8D:51:C0:B3:DA:4C:4E:FF:8D:F2:50:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
04:1d:96:f5:59:df:b0:3d:66:c2:e8:07:8f:cb:6d:00:c7:8f:
08:10:1d:37:8d:e8:55:8e:cb:25:a7:2d:bd:25:b0:ea:b6:4a:
4d:92:33:26:a3:ca:e6:68:81:86:e8:cc:55:37:07:00:c5:64:
1e:d8:33:2d:e5:32:ea:d2:9a:d6:49:ab:e1:64:6c:72:4e:58:
5b:03:d3:7b:02:20:54:90:34:2e:e9:f6:bb:7a:cc:ac:74:51:
51:6e:3a:b7:63:3a:14:1f:1c:e6:ad:7a:45:f0:86:e1:cf:92:
ab:bd:8d:c3:0e:08:31:13:5e:e2:ec:c9:7e:58:80:8b:a8:30:
93:a2:24:25:77:a9:ad:33:cd:d5:9b:2f:2d:d1:e6:07:19:ed:
1c:f1:3e:7f:0a:ec:b3:bf:7c:59:6e:11:95:25:2e:29:ba:7a:
4a:7b:07:07:84:95:fb:28:dd:e1:a0:9d:a8:65:74:23:31:74:
cf:65:a6:53:a9:03:28:d0:82:96:df:2d:a5:cc:77:bf:f6:e9:
fb:c3:eb:de:2c:48:81:5b:e8:85:a0:c6:56:ad:54:c7:61:f1:
0e:e3:1c:b3:47:1c:b9:dc:89:7f:a6:e0:43:c0:57:1b:7d:7d:
c0:4c:44:97:9d:88:95:f2:21:04:20:c1:a3:b6:61:c3:c7:47:
6c:c5:19:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA06EWXXY6sd/BrLjPrY+D3dU57gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwMjZjYmMxODlmYTg1ZDMzYzIzYjBiNTg0NjlhMzAxN2IxODliYWQ1OTc4
YmVlMzNjNDI5OWY3MTIxYzVjMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqka2hSurUQjz6bznolFGDbc/5Fub4WgCpkLrRa0kW+vw1vBHFeSWPuajHK
i5nL8Lc402xCVpIzLeB2mV4bTx4KFrLxeYAstpJHnEPbqxjadXUuhiwpfYcsj836
QwAk6mZCuWGzhH1taXl7XOsjkyse82gXk63YUzUo0MFss02CbXJFj2csfj3v4Z/D
j/zK12OFhZE8kqb4ujGvOBJs0ka+yD1bRNosmSKYJgrmvVOtAWctrhQ/20FT+5VN
pi5NSdePt3UtxduaEHEtk3HTln8d4aGhGywRfqgvpBcU/9Qv3TTQ/lvUewiEP3so
MHXcQdo8+ADleP4WzV5HW+hL9rECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkjVkm
oVeK4I1RwLPaTE7/jfJQ7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQAEHZb1Wd+wPWbC6AePy20Ax48IEB03jehVjssl
py29JbDqtkpNkjMmo8rmaIGG6MxVNwcAxWQe2DMt5TLq0prWSavhZGxyTlhbA9N7
AiBUkDQu6fa7esysdFFRbjq3YzoUHxzmrXpF8Ibhz5KrvY3DDggxE17i7Ml+WICL
qDCToiQld6mtM83Vmy8t0eYHGe0c8T5/Cuyzv3xZbhGVJS4punpKewcHhJX7KN3h
oJ2oZXQjMXTPZaZTqQMo0IKW3y2lzHe/9un7w+veLEiBW+iFoMZWrVTHYfEO4xyz
Rxy53Il/puBDwFcbfX3ATESXnYiV8iEEIMGjtmHDx0dsxRkL
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:22 2025 by rpki-client