Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
File: 1977ffde-7d26-418c-800c-ccacd18fe560.roa (raw, json)
Hash identifier: fR823aa8yepoZ0KECcTcyNPJ7QAWvXwf76iyFGPSg50=
Subject key identifier: 4B:F3:6A:C5:17:0A:DD:0A:0E:34:40:49:53:E7:88:FC:23:C4:33:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74914590579E0A2796AD1B810163602FC26AFE19
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
Signing time: Fri 15 Aug 2025 15:50:10 +0000
ROA not before: Fri 15 Aug 2025 15:50:10 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:91:45:90:57:9e:0a:27:96:ad:1b:81:01:63:60:2f:c2:6a:fe:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:10 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=301f552866272e37fc4a9726c55641585394c2d930d8cd1d134b25a483b4515c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:be:36:52:b3:91:15:38:79:82:28:dc:39:3c:
0f:f1:b8:86:12:ca:c3:fb:e2:01:f6:45:4b:23:dc:
aa:ff:65:05:fb:49:32:ed:72:c4:e6:64:4b:fa:d2:
53:11:27:d5:f1:c5:b8:ca:44:67:a4:b2:01:47:ee:
7f:87:45:dc:c5:40:7a:92:ee:5d:a7:21:23:ee:38:
61:2c:b5:a1:f8:50:c5:a4:50:5e:a0:33:2b:f2:de:
56:2d:44:1a:11:79:f4:3b:9e:56:80:bb:9f:de:34:
99:34:ff:40:58:45:bf:6f:4e:5b:21:20:f8:90:0f:
45:d5:c3:89:a6:d7:0c:18:27:92:b6:fe:45:f0:9e:
c2:f1:f1:4f:22:4a:2f:23:79:d9:30:ab:ec:b5:0b:
82:98:66:e4:36:29:7e:a1:aa:86:e3:c7:b2:45:d6:
18:55:a5:4b:4f:8f:25:9c:9c:96:ad:4b:c4:05:e0:
ab:f5:6e:9d:0d:41:88:65:34:78:e0:0c:e6:fd:13:
62:69:5d:5f:06:81:8d:b2:35:eb:0b:eb:4b:c0:6a:
34:12:7c:35:3e:94:a3:3a:eb:8a:ee:f0:4f:69:30:
93:7b:00:2a:a6:36:09:eb:d7:b3:e8:33:17:72:f5:
1b:5a:b7:dd:a9:d9:74:e8:de:6e:7f:7e:60:ce:35:
ff:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F3:6A:C5:17:0A:DD:0A:0E:34:40:49:53:E7:88:FC:23:C4:33:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
12:bf:f2:e0:88:e3:eb:2b:cc:99:65:33:f4:79:9e:79:90:64:
18:31:82:a2:18:ae:a7:c8:5e:d7:93:b7:96:39:15:63:04:62:
f6:8f:46:01:7e:14:23:25:6a:5c:c5:bf:a8:a2:c9:3e:be:2d:
50:f7:2d:4c:c8:53:24:f1:d3:90:42:d1:30:05:bf:31:35:06:
9a:85:5b:65:ef:8f:d5:18:e6:2a:71:04:bf:9f:73:04:1a:14:
98:22:47:96:68:cf:49:08:a0:10:d7:4e:c4:73:ca:66:d1:a0:
71:90:da:5a:06:a9:c9:01:24:14:04:2c:36:73:1c:d1:1d:17:
42:bf:17:a0:55:9d:75:9d:1e:8a:1c:eb:80:56:56:2c:f2:f7:
58:98:1c:57:58:06:c4:fa:ca:7a:9d:a0:28:dc:57:b3:38:54:
95:27:a3:a8:17:2d:ec:45:c7:55:ff:c6:ed:fe:00:a0:0f:62:
61:bb:04:2e:e1:c9:2c:79:c2:26:f1:40:9d:8b:cc:ba:39:5e:
5c:f3:06:83:d9:5b:c0:19:52:81:17:d1:b1:e6:cb:19:94:0d:
4f:6b:6d:5b:31:11:7a:d7:8c:22:27:58:e1:29:45:6b:3e:56:
dd:55:1c:98:d5:11:46:01:5d:29:34:68:de:c9:7b:21:71:5a:
b3:ed:69:69
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUdJFFkFeeCieWrRuBAWNgL8Jq/hkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwMTBaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwMWY1NTI4NjYyNzJlMzdmYzRhOTcyNmM1NTY0MTU4NTM5NGMyZDkzMGQ4
Y2QxZDEzNGIyNWE0ODNiNDUxNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJe+NlKzkRU4eYIo3Dk8D/G4hhLKw/viAfZFSyPcqv9lBftJMu1yxOZkS/rS
UxEn1fHFuMpEZ6SyAUfuf4dF3MVAepLuXachI+44YSy1ofhQxaRQXqAzK/LeVi1E
GhF59DueVoC7n940mTT/QFhFv29OWyEg+JAPRdXDiabXDBgnkrb+RfCewvHxTyJK
LyN52TCr7LULgphm5DYpfqGqhuPHskXWGFWlS0+PJZyclq1LxAXgq/VunQ1BiGU0
eOAM5v0TYmldXwaBjbI16wvrS8BqNBJ8NT6Uozrriu7wT2kwk3sAKqY2CevXs+gz
F3L1G1q33anZdOjebn9+YM41/+8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRL82rF
FwrdCg40QElT54j8I8QzfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTk3N2ZmZGUtN2QyNi00MThjLTgwMGMtY2NhY2QxOGZlNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBABK/8uCI4+srzJllM/R5nnmQZBgxgqIYrqfIXteT
t5Y5FWMEYvaPRgF+FCMlalzFv6iiyT6+LVD3LUzIUyTx05BC0TAFvzE1BpqFW2Xv
j9UY5ipxBL+fcwQaFJgiR5Zoz0kIoBDXTsRzymbRoHGQ2loGqckBJBQELDZzHNEd
F0K/F6BVnXWdHooc64BWVizy91iYHFdYBsT6ynqdoCjcV7M4VJUno6gXLexFx1X/
xu3+AKAPYmG7BC7hySx5wibxQJ2LzLo5XlzzBoPZW8AZUoEX0bHmyxmUDU9rbVsx
EXrXjCInWOEpRWs+Vt1VHJjVEUYBXSk0aN7JeyFxWrPtaWk=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:43:38 2025 by rpki-client