Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
File: 2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa (raw, json)
Hash identifier: NjLnW7DMcCaPnuYgo6xKwm1D7Uj6GXJcke68HipZQLc=
Subject key identifier: 4D:DE:18:8B:F7:DD:A5:A6:C9:DE:68:DE:6D:97:A1:AC:2A:01:E8:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C6D7802D131683430E80F3105AA631B1C23D167
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
Signing time: Mon 16 Jun 2025 20:30:48 +0000
ROA not before: Mon 16 Jun 2025 20:30:48 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:6d:78:02:d1:31:68:34:30:e8:0f:31:05:aa:63:1b:1c:23:d1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:30:48 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=76caa203aa1e6e7de53fe3f247ad2c072f5e6a305f233daeaeae382e04065893, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7e:e8:ba:c5:8e:70:71:9f:f3:31:02:c8:fb:
4f:a3:6c:1e:f1:46:f4:aa:4c:7a:83:10:c6:f5:62:
8f:07:a6:3d:2f:fe:e4:36:08:ea:aa:ba:67:a6:5b:
b6:f0:c9:20:ec:21:a5:46:2f:75:f6:7a:b6:2a:8f:
b5:31:d1:dd:3d:c1:9b:0f:a0:fb:c7:2a:d7:82:86:
af:66:c9:ad:e4:4a:94:2d:36:93:ea:39:c2:08:98:
7f:2d:e8:55:40:06:9e:a0:43:38:41:69:61:51:00:
c0:17:ec:57:5d:1c:67:3e:66:1c:2b:4f:5b:6a:10:
be:ed:1e:d4:c7:1e:3c:2e:43:02:74:98:71:12:52:
d6:54:47:ff:a9:b8:6b:f3:e7:62:81:5a:18:73:df:
1e:3c:99:bc:e5:4e:03:46:ef:e6:7c:b0:b5:07:51:
d6:16:63:cd:6b:05:30:71:47:44:bd:3d:9e:8e:87:
7c:22:1c:01:31:45:7b:e0:27:a3:bc:2d:1c:7e:56:
c8:75:87:5a:c8:f1:ee:b6:28:c4:5e:60:0f:23:a4:
08:9f:74:a1:91:0f:25:6f:5b:cc:ef:f9:f8:dc:0c:
91:43:7e:5b:69:1f:89:27:9e:0f:cf:07:f3:22:c4:
fa:d1:69:33:c7:f3:5f:8b:d3:7d:e8:af:e2:84:78:
63:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DE:18:8B:F7:DD:A5:A6:C9:DE:68:DE:6D:97:A1:AC:2A:01:E8:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9080::/46
Signature Algorithm: sha256WithRSAEncryption
aa:fb:59:a3:a2:32:c0:5e:cd:ce:99:97:45:65:4e:62:19:21:
99:a2:66:3b:fc:45:f2:ba:eb:29:22:65:80:75:6c:99:9f:a3:
3f:c6:e8:46:c0:1e:60:8d:c2:fc:4b:2d:1f:2d:d2:9b:cf:20:
3f:2a:10:d4:4a:5c:4d:2b:7b:68:56:79:a6:a1:ec:cb:f7:60:
1a:7c:09:72:98:b3:6a:35:c4:72:d1:2b:b8:d3:01:e2:8b:1a:
bd:0f:df:e0:8d:cd:b6:33:cd:4c:ee:0e:b4:b2:e8:71:37:30:
53:04:8c:57:af:67:44:55:4f:03:ca:e3:5c:78:78:66:bd:34:
12:9f:48:12:d9:f7:f8:16:eb:14:65:26:da:56:27:3b:6e:6e:
42:fa:3b:88:38:ec:1f:ad:0a:9f:8a:56:01:c9:de:e5:f0:81:
27:6d:23:a8:8b:e1:cf:cb:bc:28:6e:9e:31:55:9a:40:ad:06:
46:d7:d7:fc:6f:4a:9c:b1:a2:90:51:93:3b:e8:4a:df:40:3a:
90:c8:f5:16:27:e2:67:73:4c:db:49:c4:fe:e9:0b:9a:de:f5:
75:81:dc:02:7c:07:89:28:68:be:79:60:54:f3:73:11:33:7e:
4b:c9:dc:72:d1:7c:3d:92:d7:c2:c2:f7:19:fa:55:2d:28:58:
7f:f8:0f:df
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDG14AtExaDQw6A8xBapjGxwj0WcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMwNDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2Y2FhMjAzYWExZTZlN2RlNTNmZTNmMjQ3YWQyYzA3MmY1ZTZhMzA1ZjIz
M2RhZWFlYWUzODJlMDQwNjU4OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZ+6LrFjnBxn/MxAsj7T6NsHvFG9KpMeoMQxvVijwemPS/+5DYI6qq6Z6Zb
tvDJIOwhpUYvdfZ6tiqPtTHR3T3Bmw+g+8cq14KGr2bJreRKlC02k+o5wgiYfy3o
VUAGnqBDOEFpYVEAwBfsV10cZz5mHCtPW2oQvu0e1McePC5DAnSYcRJS1lRH/6m4
a/PnYoFaGHPfHjyZvOVOA0bv5nywtQdR1hZjzWsFMHFHRL09no6HfCIcATFFe+An
o7wtHH5WyHWHWsjx7rYoxF5gDyOkCJ90oZEPJW9bzO/5+NwMkUN+W2kfiSeeD88H
8yLE+tFpM8fzX4vTfeiv4oR4Y1ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRN3hiL
992lpsneaN5tl6GsKgHoMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjEzM2E5ZTEtOWYzYy00NjYyLWIzYzMtNWNlYTBjOTQwNmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAqvtZo6IywF7NzpmXRWVOYhkhmaJmO/xF8rrr
KSJlgHVsmZ+jP8boRsAeYI3C/EstHy3Sm88gPyoQ1EpcTSt7aFZ5pqHsy/dgGnwJ
cpizajXEctEruNMB4osavQ/f4I3NtjPNTO4OtLLocTcwUwSMV69nRFVPA8rjXHh4
Zr00Ep9IEtn3+BbrFGUm2lYnO25uQvo7iDjsH60Kn4pWAcne5fCBJ20jqIvhz8u8
KG6eMVWaQK0GRtfX/G9KnLGikFGTO+hK30A6kMj1FifiZ3NM20nE/ukLmt71dYHc
AnwHiShovnlgVPNzETN+S8ncctF8PZLXwsL3GfpVLShYf/gP3w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:41 2025 by rpki-client