Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/245b62a3-aba6-4bec-8e4d-d798fd0e1a73.roa
File: 245b62a3-aba6-4bec-8e4d-d798fd0e1a73.roa (raw, json)
Hash identifier: E75KBDqRwnEnRZGOKSrKmcFv+HO2Fp25av7YaPc+vlg=
Subject key identifier: F0:8F:B2:71:35:6A:11:A9:9A:96:9E:FA:36:C6:9C:99:25:8E:35:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68908E7727701D5D1D05961BF0609F14C3980DFE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/245b62a3-aba6-4bec-8e4d-d798fd0e1a73.roa
Signing time: Mon 16 Jun 2025 20:31:30 +0000
ROA not before: Mon 16 Jun 2025 20:31:30 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:90:8e:77:27:70:1d:5d:1d:05:96:1b:f0:60:9f:14:c3:98:0d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:31:30 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9cf95eaf1b5b0449d5ba65cb3a827908bfa16113156336f3bd7c01396bfe75d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:07:fe:13:3a:2a:dd:56:cd:01:80:5b:e3:f2:
cf:ab:56:eb:20:83:c5:5f:bc:b4:3d:05:3c:ad:94:
dd:db:c6:9e:91:43:0e:2f:9d:ca:71:db:4c:be:41:
d2:6a:2e:aa:c2:46:29:bd:51:60:38:84:5f:46:d2:
88:42:83:b0:99:a8:87:bd:64:85:f4:7c:d1:61:23:
b0:91:ce:92:ac:7e:40:f0:52:d1:59:55:48:11:e0:
9b:8c:67:82:97:ce:ce:fa:30:28:90:5b:70:69:ca:
8f:d1:2b:47:a8:e3:e0:90:12:6d:e6:58:68:3f:3c:
87:b8:63:80:6f:9c:e2:76:cd:20:76:5c:77:4f:7e:
39:27:5c:d1:9c:d5:7b:55:ea:78:61:7c:c8:f5:b9:
1c:d1:08:41:11:30:4d:db:99:ab:4d:44:8f:8e:c8:
7e:47:5e:03:b5:15:9c:22:bd:99:95:5e:03:d2:27:
2c:76:dd:3a:bf:b9:fe:9c:53:3d:e9:00:d4:2d:ae:
63:78:ad:f2:b6:eb:65:41:24:13:eb:9a:03:cf:82:
4c:d2:9d:ae:01:8b:ac:10:90:ff:0a:c2:ee:2a:0f:
d2:bd:8e:13:bf:e3:88:0b:18:ae:8d:67:40:83:6f:
75:cf:44:7a:0c:5c:60:01:3d:12:71:f7:50:26:18:
ff:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8F:B2:71:35:6A:11:A9:9A:96:9E:FA:36:C6:9C:99:25:8E:35:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/245b62a3-aba6-4bec-8e4d-d798fd0e1a73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
6c:3a:79:d1:fe:ec:16:bd:b7:de:68:56:2b:e6:01:ba:b1:d4:
4e:30:2f:1d:ee:c4:06:89:a1:05:00:47:39:a9:95:d2:5d:f8:
54:61:aa:00:3c:5e:9e:03:16:a8:17:83:c6:cd:7b:7e:35:b7:
53:cf:77:dc:02:c9:78:5b:5c:35:81:2c:52:8b:87:8a:3e:b4:
bd:d1:d1:bd:0f:f6:4a:36:44:11:f6:15:6f:52:fd:b5:53:f2:
05:c7:1f:88:cd:07:b8:c9:e8:47:06:cf:31:6d:4b:fd:0b:fa:
71:94:cd:94:6a:2a:da:0b:a7:bb:5a:14:06:39:42:63:79:a1:
81:ce:07:17:58:81:84:a7:21:6e:98:d9:4b:66:1a:c8:20:3d:
bf:bf:45:8a:68:a8:b5:ad:7b:03:95:9c:45:7f:a2:2a:54:aa:
7d:c4:7b:01:b8:bb:23:f8:c9:67:fb:6e:0b:76:a5:a8:fc:2c:
10:4a:0a:63:99:78:de:0d:6f:14:6b:bd:49:2f:be:04:62:ef:
19:ac:62:51:93:c6:31:4b:e4:2b:ef:72:df:18:89:f7:e0:28:
51:38:d6:03:a0:37:73:8e:c9:f5:cd:6a:90:bc:49:9c:fb:91:
e6:fc:5b:92:f8:a5:ef:96:e8:f3:59:10:03:05:71:a8:fd:e0:
b4:8a:40:dc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaJCOdydwHV0dBZYb8GCfFMOYDf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMxMzBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZjk1ZWFmMWI1YjA0NDlkNWJhNjVjYjNhODI3OTA4YmZhMTYxMTMxNTYz
MzZmM2JkN2MwMTM5NmJmZTc1ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkH/hM6Kt1WzQGAW+Pyz6tW6yCDxV+8tD0FPK2U3dvGnpFDDi+dynHbTL5B
0mouqsJGKb1RYDiEX0bSiEKDsJmoh71khfR80WEjsJHOkqx+QPBS0VlVSBHgm4xn
gpfOzvowKJBbcGnKj9ErR6jj4JASbeZYaD88h7hjgG+c4nbNIHZcd09+OSdc0ZzV
e1XqeGF8yPW5HNEIQREwTduZq01Ej47IfkdeA7UVnCK9mZVeA9InLHbdOr+5/pxT
PekA1C2uY3it8rbrZUEkE+uaA8+CTNKdrgGLrBCQ/wrC7ioP0r2OE7/jiAsYro1n
QINvdc9EegxcYAE9EnH3UCYY/wMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTwj7Jx
NWoRqZqWnvo2xpyZJY414jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ1YjYyYTMtYWJhNi00YmVjLThlNGQtZDc5OGZkMGUxYTczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
wDANBgkqhkiG9w0BAQsFAAOCAQEAbDp50f7sFr233mhWK+YBurHUTjAvHe7EBomh
BQBHOamV0l34VGGqADxengMWqBeDxs17fjW3U8933ALJeFtcNYEsUouHij60vdHR
vQ/2SjZEEfYVb1L9tVPyBccfiM0HuMnoRwbPMW1L/Qv6cZTNlGoq2gunu1oUBjlC
Y3mhgc4HF1iBhKchbpjZS2YayCA9v79Fimiota17A5WcRX+iKlSqfcR7Abi7I/jJ
Z/tuC3alqPwsEEoKY5l43g1vFGu9SS++BGLvGaxiUZPGMUvkK+9y3xiJ9+AoUTjW
A6A3c47J9c1qkLxJnPuR5vxbkvil75bo81kQAwVxqP3gtIpA3A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:47 2025 by rpki-client