Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
File: 2ab74891-6199-47fc-bcde-b8022379067c.roa (raw, json)
Hash identifier: TYWLjj5a9+ytHLktEORds+1zI27fXZmK9wiOh0ssNAA=
Subject key identifier: CB:FF:3C:61:BF:7B:4D:E3:AD:FD:34:60:05:71:4D:D2:43:C1:D3:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53831BCA82FDD6AB9C43C505A3280690634FC5C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
Signing time: Tue 17 Jun 2025 00:41:18 +0000
ROA not before: Tue 17 Jun 2025 00:41:18 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:83:1b:ca:82:fd:d6:ab:9c:43:c5:05:a3:28:06:90:63:4f:c5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:18 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=e01b9fd8c352446afebb65d4214035bd4dd4a7fc5371ae50e8d2c1c751637cec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b2:2a:c4:4b:39:2e:3e:0d:bd:b7:b6:a9:0a:
9e:66:96:9f:5d:30:b5:93:3b:b8:b8:c8:c6:ce:55:
3e:91:62:9d:d1:bd:38:65:9e:54:2e:bc:35:fa:f6:
a9:3e:28:43:6d:7b:3e:ea:15:67:b4:e4:62:4b:24:
36:34:c1:34:20:4e:30:42:4e:28:55:d3:94:cf:d7:
cf:35:96:ad:e1:39:fb:33:20:63:17:42:e4:9c:18:
21:96:27:0d:40:01:49:5b:f8:b5:d2:2a:3f:fd:57:
2f:c7:58:cd:6a:f3:6e:ee:d5:36:73:c2:e5:7f:bc:
26:46:80:8d:13:fb:bf:2d:6e:51:16:3a:0d:01:58:
41:02:5e:a1:2c:9f:aa:3b:eb:c1:5a:93:59:0e:22:
8c:2b:1c:6a:2f:eb:42:70:37:fa:44:3d:cf:89:e7:
2c:d3:ba:26:19:8e:b5:7b:5a:e2:4b:5a:16:78:e7:
d7:ec:da:86:2e:9b:71:23:d1:cc:0c:5e:1c:01:4a:
a0:86:9d:af:d7:5a:b7:7a:19:f7:6d:d0:ab:c1:5d:
90:ae:37:0b:54:8c:8f:10:c3:90:fd:7f:bc:0b:e4:
ed:48:e4:ec:f5:f3:8c:44:17:32:ec:71:3e:10:14:
de:8c:9c:e5:e2:7a:ad:1e:6f:45:3a:27:0d:32:71:
a3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FF:3C:61:BF:7B:4D:E3:AD:FD:34:60:05:71:4D:D2:43:C1:D3:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:4000::/40
Signature Algorithm: sha256WithRSAEncryption
62:4e:d8:d1:03:6a:00:77:27:4a:06:65:85:6e:8d:87:47:c1:
23:05:e4:62:9d:d3:e3:26:6c:7c:61:6b:f7:38:fb:ac:2c:2b:
66:2a:68:ea:d1:44:73:20:9b:65:a2:97:78:c7:e2:2e:ac:c1:
35:2c:90:f3:d0:d2:4b:62:6c:f1:9e:f9:b1:19:f5:46:50:b6:
88:d9:16:17:e5:96:73:78:31:1b:15:09:eb:af:fd:3c:4e:ee:
26:6b:f0:55:27:5f:39:0b:ec:57:99:97:cc:56:75:56:9c:18:
4b:a2:71:a0:4c:73:34:04:2b:d5:10:a1:b8:e1:b8:8b:c2:a8:
36:2c:6c:49:29:47:da:bb:d5:ce:08:4c:bc:89:47:64:7b:70:
d3:4e:61:fb:cb:9f:d4:8f:1f:ea:76:72:0e:0d:47:a1:1f:6a:
38:c5:97:ad:92:2e:71:3b:34:c3:d3:7d:cf:4f:89:bd:71:23:
dd:7e:6a:f8:9e:dd:ce:10:37:1d:92:29:a4:d1:dd:b8:60:7d:
eb:fc:11:81:9e:70:84:83:d3:8d:15:01:5c:29:2d:77:ad:68:
4f:b6:ed:5f:ef:ea:b2:47:b9:c5:96:fb:08:30:40:6a:2c:df:
f1:57:91:12:32:8c:f3:b2:58:1c:f9:4b:2a:2c:12:05:54:b8:
e5:9b:1b:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU4MbyoL91qucQ8UFoygGkGNPxcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMThaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwMWI5ZmQ4YzM1MjQ0NmFmZWJiNjVkNDIxNDAzNWJkNGRkNGE3ZmM1Mzcx
YWU1MGU4ZDJjMWM3NTE2MzdjZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmyKsRLOS4+Db23tqkKnmaWn10wtZM7uLjIxs5VPpFindG9OGWeVC68Nfr2
qT4oQ217PuoVZ7TkYkskNjTBNCBOMEJOKFXTlM/XzzWWreE5+zMgYxdC5JwYIZYn
DUABSVv4tdIqP/1XL8dYzWrzbu7VNnPC5X+8JkaAjRP7vy1uURY6DQFYQQJeoSyf
qjvrwVqTWQ4ijCscai/rQnA3+kQ9z4nnLNO6JhmOtXta4ktaFnjn1+zahi6bcSPR
zAxeHAFKoIadr9dat3oZ923Qq8FdkK43C1SMjxDDkP1/vAvk7Ujk7PXzjEQXMuxx
PhAU3oyc5eJ6rR5vRTonDTJxo8kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTL/zxh
v3tN4639NGAFcU3SQ8HTVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFiNzQ4OTEtNjE5OS00N2ZjLWJjZGUtYjgwMjIzNzkwNjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBiTtjRA2oAdydKBmWFbo2HR8EjBeRindPjJmx8
YWv3OPusLCtmKmjq0URzIJtlopd4x+IurME1LJDz0NJLYmzxnvmxGfVGULaI2RYX
5ZZzeDEbFQnrr/08Tu4ma/BVJ185C+xXmZfMVnVWnBhLonGgTHM0BCvVEKG44biL
wqg2LGxJKUfau9XOCEy8iUdke3DTTmH7y5/Ujx/qdnIODUehH2o4xZetki5xOzTD
033PT4m9cSPdfmr4nt3OEDcdkimk0d24YH3r/BGBnnCEg9ONFQFcKS13rWhPtu1f
7+qyR7nFlvsIMEBqLN/xV5ESMozzslgc+UsqLBIFVLjlmxty
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:05:41 2025 by rpki-client