Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1acc9be2-9211-4678-96a4-ec65ebb7bc77.roa
File: 1acc9be2-9211-4678-96a4-ec65ebb7bc77.roa (raw, json)
Hash identifier: n3MIYsjMj+LULPttfmPGK9Xc6jHlfk2ItFyOy0+rBGw=
Subject key identifier: 09:C7:58:24:6C:DC:FE:33:69:3D:85:A0:F3:58:76:C8:CE:DF:04:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C2525D1B00F5C06B6DBF81989044A8C25F59E7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1acc9be2-9211-4678-96a4-ec65ebb7bc77.roa
Signing time: Mon 16 Jun 2025 20:51:16 +0000
ROA not before: Mon 16 Jun 2025 20:51:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:4040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:25:25:d1:b0:0f:5c:06:b6:db:f8:19:89:04:4a:8c:25:f5:9e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:51:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8e200e6134c064cf7ce5496305785a01b3d80708389296f8721d3620a63ccd63, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8e:b5:29:1d:12:ef:90:fb:1f:e0:2a:1a:df:
1d:a0:87:29:ad:3f:fe:44:1b:aa:09:06:51:53:8d:
ef:8d:a6:c7:63:34:c5:fc:e1:fd:38:6c:b8:c7:be:
ee:e6:40:85:9c:db:f9:de:99:ef:99:2b:46:94:64:
10:f8:69:12:17:33:0a:17:e5:98:3c:8b:b7:54:5b:
12:8f:82:83:68:d0:ef:0e:4a:ad:dc:5b:88:20:57:
b3:d1:21:ac:ba:58:41:d8:59:f3:bd:ae:7d:86:32:
68:73:9c:44:bc:f7:b6:b6:92:92:58:17:c0:71:15:
6c:12:70:9e:77:3a:44:eb:ad:d9:0c:c2:a2:ef:bf:
79:84:0b:f4:26:fa:e2:87:ff:d7:aa:0a:ca:18:1f:
ca:65:29:cb:3c:1e:01:c4:e7:f8:a2:70:2e:37:75:
de:cb:05:54:47:76:f9:7c:fa:48:4d:7b:f7:f7:b8:
c5:07:43:ad:61:8d:18:c2:7c:9f:e7:2a:bd:8e:e3:
cc:8f:2b:17:b8:8b:ff:c3:22:64:67:c6:70:14:9d:
b3:95:d0:99:90:b9:09:ec:4a:95:c4:9b:30:90:07:
07:24:c4:58:6c:1f:1b:d5:01:e4:f5:76:da:fe:73:
b7:ee:76:6e:e3:ae:f5:6b:16:8c:66:ae:f2:28:bc:
74:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C7:58:24:6C:DC:FE:33:69:3D:85:A0:F3:58:76:C8:CE:DF:04:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1acc9be2-9211-4678-96a4-ec65ebb7bc77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:4040::/46
Signature Algorithm: sha256WithRSAEncryption
9a:b2:00:fd:b1:64:cf:45:1b:66:49:12:6c:5a:b3:7a:04:7d:
6c:5f:8c:80:5a:62:f0:23:1a:4c:6c:45:fd:52:a9:18:2c:16:
7f:32:3a:05:99:16:e6:b8:40:89:6c:cd:d0:6f:72:4f:38:14:
bf:5c:ad:6e:b2:70:fa:7d:d3:33:11:7a:ce:2c:76:c1:f0:e1:
55:63:b0:b3:71:c9:75:94:ad:ed:ab:0b:dd:00:eb:b3:79:c6:
13:13:d4:83:32:42:dc:49:5a:ea:38:be:5a:76:11:8c:c3:17:
9f:ed:85:d8:ee:41:f8:7f:60:f2:6c:4c:1d:33:3c:c0:d1:a3:
da:3d:1e:2a:f3:78:2b:d9:ef:31:18:48:47:1f:90:6c:bc:a6:
84:c2:4d:09:7b:e6:7b:61:2e:7a:1e:f4:81:b2:24:8a:84:62:
22:b7:4c:1f:70:72:6d:9b:29:46:45:72:76:02:41:3b:5d:4a:
19:8e:45:b1:d1:70:36:d8:38:6d:0d:28:b6:82:26:a4:87:1c:
5f:a0:dd:9b:77:3c:83:2e:01:a9:32:d4:fe:07:92:1e:16:b7:
23:91:9c:30:b4:3c:8b:4a:32:2d:45:15:87:be:f9:8b:cd:7f:
93:f3:c1:08:4f:4f:71:8a:d6:0d:1c:0c:55:b7:ae:d3:58:3e:
9a:e4:c2:11
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHCUl0bAPXAa22/gZiQRKjCX1nn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUxMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlMjAwZTYxMzRjMDY0Y2Y3Y2U1NDk2MzA1Nzg1YTAxYjNkODA3MDgzODky
OTZmODcyMWQzNjIwYTYzY2NkNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCOtSkdEu+Q+x/gKhrfHaCHKa0//kQbqgkGUVON742mx2M0xfzh/ThsuMe+
7uZAhZzb+d6Z75krRpRkEPhpEhczChflmDyLt1RbEo+Cg2jQ7w5KrdxbiCBXs9Eh
rLpYQdhZ872ufYYyaHOcRLz3traSklgXwHEVbBJwnnc6ROut2QzCou+/eYQL9Cb6
4of/16oKyhgfymUpyzweAcTn+KJwLjd13ssFVEd2+Xz6SE179/e4xQdDrWGNGMJ8
n+cqvY7jzI8rF7iL/8MiZGfGcBSds5XQmZC5CexKlcSbMJAHByTEWGwfG9UB5PV2
2v5zt+52buOu9WsWjGau8ii8dPMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQJx1gk
bNz+M2k9haDzWHbIzt8EpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFjYzliZTItOTIxMS00Njc4LTk2YTQtZWM2NWViYjdiYzc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdA
QDANBgkqhkiG9w0BAQsFAAOCAQEAmrIA/bFkz0UbZkkSbFqzegR9bF+MgFpi8CMa
TGxF/VKpGCwWfzI6BZkW5rhAiWzN0G9yTzgUv1ytbrJw+n3TMxF6zix2wfDhVWOw
s3HJdZSt7asL3QDrs3nGExPUgzJC3Ela6ji+WnYRjMMXn+2F2O5B+H9g8mxMHTM8
wNGj2j0eKvN4K9nvMRhIRx+QbLymhMJNCXvme2Eueh70gbIkioRiIrdMH3BybZsp
RkVydgJBO11KGY5FsdFwNtg4bQ0otoImpIccX6Ddm3c8gy4BqTLU/geSHha3I5Gc
MLQ8i0oyLUUVh775i81/k/PBCE9PcYrWDRwMVbeu01g+muTCEQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:05 2025 by rpki-client