Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
File: 21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa (raw, json)
Hash identifier: w/pVADHW3oifTCCpy/39fGJZwX90qh8Kmc1pY5Nnz68=
Subject key identifier: C9:3C:C6:8F:E9:67:48:3A:73:D9:04:41:81:A0:29:BF:34:3C:02:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7760AC737DAEA064601244DAE3D01482D4977C1D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
Signing time: Mon 16 Jun 2025 21:21:17 +0000
ROA not before: Mon 16 Jun 2025 21:21:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:60:ac:73:7d:ae:a0:64:60:12:44:da:e3:d0:14:82:d4:97:7c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=87495690dcc6c59300be167897502192a159b31530cfd5a63aa61ac95f057812, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2c:9a:97:07:61:4b:a9:1e:de:fa:0d:07:2b:
46:73:0a:a8:0d:71:de:06:ca:d3:f1:49:f1:48:54:
1e:a7:d0:6a:24:c5:6c:42:22:f9:c0:19:1e:32:b1:
dd:61:d2:93:1e:74:8c:9c:28:1f:55:b1:06:33:cc:
1b:cc:65:e3:de:c4:5d:3f:de:e3:64:10:35:59:c8:
6e:b4:35:7b:fb:94:43:13:a4:d4:28:f9:c6:0f:31:
12:e7:dd:64:f3:88:bd:28:0a:cb:c8:21:a5:dd:ee:
75:cd:63:25:d8:03:15:16:73:f7:93:a0:23:a1:4e:
85:a7:89:62:57:e3:b4:8b:62:20:49:86:e0:d4:5b:
32:75:9f:e9:08:90:2f:d0:c6:c8:ab:4b:ab:61:28:
c5:80:df:95:74:6d:4e:63:b0:e4:4b:26:b7:a8:22:
64:6b:26:a7:75:33:44:f7:78:6f:ea:26:89:57:80:
8d:a1:a8:1c:dd:3f:30:d3:88:1e:68:25:fc:a6:fc:
0f:07:d4:7b:d0:7c:c9:5b:87:45:e1:e4:62:5c:cf:
4f:b6:76:fc:e6:93:66:35:1a:e4:1a:e1:02:26:b1:
73:8f:81:9f:97:e8:b6:f6:1d:41:89:4a:dd:e3:6b:
ce:82:fe:49:8c:ba:d5:94:7c:6d:ab:4e:76:08:8f:
e9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3C:C6:8F:E9:67:48:3A:73:D9:04:41:81:A0:29:BF:34:3C:02:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:4000::/40
Signature Algorithm: sha256WithRSAEncryption
69:45:06:31:c9:00:51:04:5b:76:fd:cf:2a:2c:9c:68:da:0f:
55:65:b7:e0:d3:b0:1c:59:bf:23:ad:fa:37:ce:20:89:05:b8:
50:16:c0:75:5c:0a:14:8f:4b:c2:77:80:c7:cb:18:b2:45:e6:
89:9e:c9:0f:4e:ad:c4:f8:a5:82:1a:0b:f1:bd:66:71:1c:a1:
c4:f1:f2:47:28:95:8d:12:de:02:20:cc:38:19:97:48:7c:a3:
1f:cb:16:d2:4b:7a:53:12:b1:34:74:99:72:43:e4:8f:47:a1:
1b:fb:91:0d:64:86:f5:8c:63:e9:7b:c2:2b:9b:44:2f:34:37:
16:22:da:d6:5a:b3:79:df:6f:f0:48:1b:dc:65:27:9a:ef:63:
86:a2:b2:7d:6b:6f:e4:c7:9e:d7:66:04:48:24:15:94:cb:32:
8e:93:59:b4:63:3b:f3:88:8d:03:7e:37:00:87:44:ec:e9:6b:
26:cc:82:ec:11:b1:f8:92:27:bc:08:5b:92:5b:53:14:ea:54:
94:16:b9:96:18:60:77:e1:fe:05:15:52:0f:4d:37:c5:d9:15:
c7:75:bd:3e:0f:d4:8e:ac:17:24:bd:53:31:14:53:96:01:f7:
25:78:93:a2:0d:1d:b0:96:cf:ad:fc:57:fe:44:b8:1a:1e:3d:
ad:95:31:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd2Csc32uoGRgEkTa49AUgtSXfB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3NDk1NjkwZGNjNmM1OTMwMGJlMTY3ODk3NTAyMTkyYTE1OWIzMTUzMGNm
ZDVhNjNhYTYxYWM5NWYwNTc4MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYsmpcHYUupHt76DQcrRnMKqA1x3gbK0/FJ8UhUHqfQaiTFbEIi+cAZHjKx
3WHSkx50jJwoH1WxBjPMG8xl497EXT/e42QQNVnIbrQ1e/uUQxOk1Cj5xg8xEufd
ZPOIvSgKy8ghpd3udc1jJdgDFRZz95OgI6FOhaeJYlfjtItiIEmG4NRbMnWf6QiQ
L9DGyKtLq2EoxYDflXRtTmOw5Esmt6giZGsmp3UzRPd4b+omiVeAjaGoHN0/MNOI
Hmgl/Kb8DwfUe9B8yVuHReHkYlzPT7Z2/OaTZjUa5BrhAiaxc4+Bn5fotvYdQYlK
3eNrzoL+SYy61ZR8batOdgiP6WECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJPMaP
6WdIOnPZBEGBoCm/NDwCMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjFlMmY1YzgtZTAxMi00NGQwLWE2ZjItYzRhMDY1YjNiOTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRA
MA0GCSqGSIb3DQEBCwUAA4IBAQBpRQYxyQBRBFt2/c8qLJxo2g9VZbfg07AcWb8j
rfo3ziCJBbhQFsB1XAoUj0vCd4DHyxiyReaJnskPTq3E+KWCGgvxvWZxHKHE8fJH
KJWNEt4CIMw4GZdIfKMfyxbSS3pTErE0dJlyQ+SPR6Eb+5ENZIb1jGPpe8Irm0Qv
NDcWItrWWrN532/wSBvcZSea72OGorJ9a2/kx57XZgRIJBWUyzKOk1m0YzvziI0D
fjcAh0Ts6WsmzILsEbH4kie8CFuSW1MU6lSUFrmWGGB34f4FFVIPTTfF2RXHdb0+
D9SOrBckvVMxFFOWAfcleJOiDR2wls+t/Ff+RLgaHj2tlTE/
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:18 2025 by rpki-client