Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/356f05f3-9814-4715-9f58-bf044bf5d10f.roa
File: 356f05f3-9814-4715-9f58-bf044bf5d10f.roa (raw, json)
Hash identifier: rr8NxSCWBuVcu7+a2SjFlpLwjhTTsY6g3QMqjD4aZas=
Subject key identifier: 44:3C:10:79:1F:7D:D1:54:25:5D:49:E9:09:6B:B5:FC:87:26:24:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A91858A624522C95FCA224CE293B3C3395439C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/356f05f3-9814-4715-9f58-bf044bf5d10f.roa
Signing time: Thu 26 Jun 2025 19:38:46 +0000
ROA not before: Thu 26 Jun 2025 19:38:46 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:91:85:8a:62:45:22:c9:5f:ca:22:4c:e2:93:b3:c3:39:54:39:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:46 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=954e6f5d9c5dcf0e74ee224c3206a30207b4075b2efee310914414668dfe7e64, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:25:0a:f1:0e:73:d1:13:4a:85:c0:e6:0c:fd:
e8:58:3c:9b:3d:8c:a3:14:b2:42:aa:77:c9:da:5d:
14:dc:b6:10:ae:64:1b:dd:10:41:34:b0:d5:2c:b4:
37:09:4e:0f:e8:7e:aa:d1:56:01:61:21:54:08:47:
65:20:06:b7:c1:50:0c:6e:f6:ba:7d:2c:69:7d:de:
51:be:2b:ff:3e:da:63:1a:38:3f:05:6c:18:4c:d9:
b3:9d:2c:8f:10:2e:7d:d2:94:af:a0:e3:8b:c5:6c:
53:13:cb:6b:f6:70:c5:f6:8d:b3:b6:80:2e:1f:74:
ee:df:0e:63:5c:4d:30:57:a0:c8:c1:ad:fb:c9:c1:
85:06:80:56:d0:8b:32:46:4f:88:4e:49:8b:f9:45:
5e:30:e6:aa:d9:f1:42:51:0d:75:9b:90:68:eb:c0:
19:09:9a:61:7e:a8:27:2a:09:5a:cd:47:bb:58:c6:
4e:c2:57:50:93:34:d3:38:38:cf:e3:31:77:bc:47:
6c:fd:df:a4:ba:d6:4a:66:f2:66:5f:56:b9:b6:61:
ce:66:7e:cf:d2:b9:3c:53:58:06:b5:ac:cc:cb:0b:
fe:c7:87:2f:c1:c4:d5:34:f8:9a:31:06:de:88:6e:
70:f4:42:be:35:df:25:5e:b1:f0:89:cc:80:14:60:
77:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:3C:10:79:1F:7D:D1:54:25:5D:49:E9:09:6B:B5:FC:87:26:24:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/356f05f3-9814-4715-9f58-bf044bf5d10f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:880::/46
Signature Algorithm: sha256WithRSAEncryption
77:14:7c:10:07:85:09:74:26:17:7e:1d:c6:e1:6d:0c:b1:47:
fd:50:45:78:51:ce:0a:b9:7a:3b:8a:35:a9:91:f0:b0:63:8b:
99:40:af:eb:4e:91:c7:85:d5:83:bd:aa:61:18:dc:9e:df:6a:
ce:e0:43:6e:35:c8:77:99:7c:ee:4c:55:42:bf:3d:fd:4e:d4:
1a:03:37:cb:3f:19:70:f7:3d:b8:25:16:95:5e:aa:e5:7d:5a:
ac:cd:c6:81:9d:f7:55:23:2e:bc:7f:9d:28:ec:ba:ee:85:dd:
91:63:22:d6:9b:14:dc:5e:6c:cb:12:20:26:2b:05:a2:32:18:
18:2e:5e:18:43:5b:96:fc:cb:9d:d2:29:17:ea:d8:2b:cd:cc:
7f:72:c6:79:02:37:96:3b:7e:06:49:f2:66:8a:26:3f:1a:75:
01:21:c7:0b:e3:36:fb:86:36:96:f0:c0:ee:03:95:4e:8b:0a:
86:5f:e8:e2:02:ec:99:e0:4f:b1:a7:04:cb:9f:10:74:34:e9:
d1:64:03:b1:24:12:c3:e9:b2:bc:1f:9d:24:84:0a:f0:86:42:
8f:3f:72:74:0f:69:b0:f8:af:7e:10:25:73:d9:aa:76:6d:d8:
fd:52:63:e2:b9:fd:15:45:ea:4d:73:ee:2f:2e:a5:fe:bd:8e:
31:d1:d8:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKpGFimJFIslfyiJM4pOzwzlUOckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NDZaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1NGU2ZjVkOWM1ZGNmMGU3NGVlMjI0YzMyMDZhMzAyMDdiNDA3NWIyZWZl
ZTMxMDkxNDQxNDY2OGRmZTdlNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQlCvEOc9ETSoXA5gz96Fg8mz2MoxSyQqp3ydpdFNy2EK5kG90QQTSw1Sy0
NwlOD+h+qtFWAWEhVAhHZSAGt8FQDG72un0saX3eUb4r/z7aYxo4PwVsGEzZs50s
jxAufdKUr6Dji8VsUxPLa/ZwxfaNs7aALh907t8OY1xNMFegyMGt+8nBhQaAVtCL
MkZPiE5Ji/lFXjDmqtnxQlENdZuQaOvAGQmaYX6oJyoJWs1Hu1jGTsJXUJM00zg4
z+Mxd7xHbP3fpLrWSmbyZl9WubZhzmZ+z9K5PFNYBrWszMsL/seHL8HE1TT4mjEG
3ohucPRCvjXfJV6x8InMgBRgd9sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBREPBB5
H33RVCVdSekJa7X8hyYkzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU2ZjA1ZjMtOTgxNC00NzE1LTlmNTgtYmYwNDRiZjVkMTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
gDANBgkqhkiG9w0BAQsFAAOCAQEAdxR8EAeFCXQmF34dxuFtDLFH/VBFeFHOCrl6
O4o1qZHwsGOLmUCv606Rx4XVg72qYRjcnt9qzuBDbjXId5l87kxVQr89/U7UGgM3
yz8ZcPc9uCUWlV6q5X1arM3GgZ33VSMuvH+dKOy67oXdkWMi1psU3F5syxIgJisF
ojIYGC5eGENblvzLndIpF+rYK83Mf3LGeQI3ljt+BknyZoomPxp1ASHHC+M2+4Y2
lvDA7gOVTosKhl/o4gLsmeBPsacEy58QdDTp0WQDsSQSw+myvB+dJIQK8IZCjz9y
dA9psPivfhAlc9mqdm3Y/VJj4rn9FUXqTXPuLy6l/r2OMdHY1w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:48 2025 by rpki-client