Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
File: 2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa (raw, json)
Hash identifier: L6BePvSPny/e+M/oB583z+fRfMazoZNLKwXGlRV7W+4=
Subject key identifier: 34:36:CE:DE:9F:ED:A7:75:59:EC:45:7C:6D:63:77:C7:D9:4E:CF:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1002F8830B35E0A2710DFA90922A29EF891394EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
Signing time: Fri 08 Aug 2025 00:31:03 +0000
ROA not before: Fri 08 Aug 2025 00:31:03 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:02:f8:83:0b:35:e0:a2:71:0d:fa:90:92:2a:29:ef:89:13:94:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 8 00:31:03 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=c2e998b5e502f336991f13be532d4271576f25f49ed3396858dd55b7889610d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1f:52:2e:26:ef:ae:ee:31:1a:bd:92:f3:04:
02:7c:d6:57:ba:cb:98:bf:0f:48:73:9e:b6:35:e4:
20:53:d6:2c:ca:5f:2c:88:2c:de:3a:1a:f7:bb:c0:
f3:1e:9c:0a:0b:14:5f:5c:2f:eb:aa:72:c2:1c:3e:
8f:7a:ce:d2:ff:0e:9d:43:f0:43:f8:b9:48:a1:da:
25:1f:87:ea:f0:f7:af:db:56:5b:a7:09:0c:74:3e:
00:62:57:6c:04:92:0f:0f:46:b2:fd:62:f6:68:e4:
3d:b4:71:15:d4:9a:85:3d:39:eb:eb:6e:f2:47:a6:
83:b6:23:fc:b7:19:91:34:4e:7c:ea:d2:63:6c:76:
16:d2:15:22:2f:f3:40:35:28:45:2c:03:e5:72:3d:
0c:02:0f:55:55:ce:f8:80:0b:eb:6a:4b:67:5f:81:
0b:7f:b1:f0:6d:e9:c3:93:04:0c:68:be:a3:1e:40:
b9:3a:77:13:21:1f:c2:dd:40:d5:ae:af:76:73:62:
5e:60:e0:89:dd:83:b0:74:8a:9c:9e:46:93:f9:c4:
65:6b:15:b4:68:68:3b:c8:e9:84:73:16:22:3c:a6:
f0:05:be:53:bb:52:4c:9d:1b:d0:8f:4f:77:66:73:
1c:1d:b4:66:4b:aa:fb:aa:d2:82:34:62:06:b1:ad:
e2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:36:CE:DE:9F:ED:A7:75:59:EC:45:7C:6D:63:77:C7:D9:4E:CF:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
5c:a4:40:a1:5d:bb:77:90:41:6c:26:92:a5:5d:3f:5d:32:15:
1c:90:ff:20:9d:a7:df:10:a3:41:c5:68:91:89:d7:90:cb:2d:
dc:fb:32:b3:ec:7b:1b:f0:48:53:aa:2a:53:36:d5:77:14:80:
ab:ef:5e:dd:a5:b1:51:84:b9:5a:4e:21:05:a9:7b:53:60:3b:
08:1c:eb:cc:d0:2c:cf:5b:4b:8f:bc:d2:16:e2:fa:77:40:0f:
69:c2:6d:80:57:17:95:0a:92:c1:e2:d4:36:32:8c:c3:ca:33:
a3:12:46:3b:a2:9c:9f:72:6c:b9:7c:a6:ab:2a:de:e0:83:df:
79:56:76:6f:0d:dc:8b:90:95:9d:45:08:94:4e:5d:6b:80:0d:
dd:f2:69:e0:2f:d2:63:ee:bc:f6:6d:39:47:8c:38:a9:19:a1:
ce:b9:87:8b:21:a3:a0:63:ff:60:5f:1e:08:fd:0c:0f:5c:b3:
ac:08:06:7c:19:ba:08:9a:2e:f0:51:31:fd:b2:8a:8b:fa:b0:
b9:c5:c7:9d:ce:a7:1c:40:b8:2f:53:33:72:92:62:7b:45:2e:
5e:5b:fe:c6:ee:e6:8c:2f:3f:fc:17:26:0f:1e:74:43:e8:4b:
49:62:ca:f7:0c:ec:b2:04:e9:b6:d4:39:b2:b3:d5:5f:6c:da:
a7:7c:0f:92
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEAL4gws14KJxDfqQkiop74kTlOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDgwMDMxMDNaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyZTk5OGI1ZTUwMmYzMzY5OTFmMTNiZTUzMmQ0MjcxNTc2ZjI1ZjQ5ZWQz
Mzk2ODU4ZGQ1NWI3ODg5NjEwZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUfUi4m767uMRq9kvMEAnzWV7rLmL8PSHOetjXkIFPWLMpfLIgs3joa97vA
8x6cCgsUX1wv66pywhw+j3rO0v8OnUPwQ/i5SKHaJR+H6vD3r9tWW6cJDHQ+AGJX
bASSDw9Gsv1i9mjkPbRxFdSahT056+tu8kemg7Yj/LcZkTROfOrSY2x2FtIVIi/z
QDUoRSwD5XI9DAIPVVXO+IAL62pLZ1+BC3+x8G3pw5MEDGi+ox5AuTp3EyEfwt1A
1a6vdnNiXmDgid2DsHSKnJ5Gk/nEZWsVtGhoO8jphHMWIjym8AW+U7tSTJ0b0I9P
d2ZzHB20Zkuq+6rSgjRiBrGt4r8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0Ns7e
n+2ndVnsRXxtY3fH2U7PfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM1YmE2NzMtNmQ5YS00ZWYyLWI4YTAtMTFkMGRkYmYzMDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBcpEChXbt3kEFsJpKlXT9dMhUckP8gnaffEKNB
xWiRideQyy3c+zKz7Hsb8EhTqipTNtV3FICr717dpbFRhLlaTiEFqXtTYDsIHOvM
0CzPW0uPvNIW4vp3QA9pwm2AVxeVCpLB4tQ2MozDyjOjEkY7opyfcmy5fKarKt7g
g995VnZvDdyLkJWdRQiUTl1rgA3d8mngL9Jj7rz2bTlHjDipGaHOuYeLIaOgY/9g
Xx4I/QwPXLOsCAZ8GboImi7wUTH9soqL+rC5xcedzqccQLgvUzNykmJ7RS5eW/7G
7uaMLz/8FyYPHnRD6EtJYsr3DOyyBOm21Dmys9VfbNqnfA+S
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:08 2025 by rpki-client