Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json)
Hash identifier: cXEF1Qgtj4EuidcBujgUhZDmHgfJpOZzHk70uA1aQQc=
Subject key identifier: 5C:A6:22:3A:33:75:2A:A9:60:78:2C:D5:E4:E1:89:E1:F0:93:32:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 080C4F14E608F794BA1EB3703E54D5416A90A2BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
Signing time: Tue 05 Aug 2025 19:00:03 +0000
ROA not before: Tue 05 Aug 2025 19:00:03 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:0c:4f:14:e6:08:f7:94:ba:1e:b3:70:3e:54:d5:41:6a:90:a2:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:03 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=bd96dada7027f997ca63b9adfaf393d668acb0f103215643b4a24509a1cafe72, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:80:64:92:0d:0d:05:37:4f:53:14:28:07:eb:
e8:ea:46:a8:69:53:c4:ed:d5:c6:1c:08:0a:9c:6b:
c8:8a:67:e0:87:a9:82:c4:da:3a:77:ff:40:06:6f:
5b:04:e3:4d:b0:d4:c0:aa:24:54:b1:58:f4:7f:5d:
ec:89:23:64:48:03:29:b5:2b:b8:6c:b4:44:81:7e:
e8:27:66:ff:88:fe:82:3d:81:cf:57:a9:2b:8f:e8:
8e:49:c6:9c:5c:e5:25:43:5c:d2:21:5b:c7:99:df:
cf:99:5b:0b:84:ce:cc:68:bc:a7:00:e5:2c:79:7f:
45:5b:66:68:eb:7d:90:37:7c:1b:6e:2c:30:5b:fc:
2b:68:43:71:fe:e8:80:63:76:58:a3:0f:24:f4:00:
8c:3c:b4:37:9a:a2:b3:ca:4d:25:b6:12:4b:8f:6d:
cd:76:59:1d:a5:fb:af:a7:a7:f8:69:95:02:1f:80:
54:e8:43:82:77:04:63:db:8d:73:bb:94:3d:1f:17:
21:28:47:f3:db:ea:d0:78:ba:7c:76:a8:e7:fe:3a:
22:44:34:d3:f4:39:50:c2:57:03:c3:19:4d:32:30:
27:26:18:39:25:46:03:31:92:44:42:78:bc:94:16:
91:16:ed:99:8f:cd:cc:ba:74:8c:6c:b3:05:89:ed:
64:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A6:22:3A:33:75:2A:A9:60:78:2C:D5:E4:E1:89:E1:F0:93:32:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
24:15:9a:ab:75:8a:5a:c5:eb:49:69:aa:43:e0:31:ec:fb:53:
fb:0c:c9:03:99:ed:4f:f6:c9:b5:77:69:af:2d:ca:d8:43:7a:
9d:09:19:63:4a:bc:6b:49:04:11:c7:74:04:46:00:66:46:5a:
8d:7c:23:3a:9f:74:13:0f:17:c4:67:a7:b8:c0:03:ca:16:ff:
0e:4c:4e:1c:03:59:b7:35:e1:5c:7e:ad:e0:73:b5:8a:94:f0:
e7:6a:e0:ea:1a:41:e4:68:8d:9d:ea:7e:2e:03:14:8b:10:73:
d0:72:46:96:ac:2b:b6:e5:03:7c:23:27:49:bb:8e:77:63:38:
c5:7d:8e:42:56:dd:6f:f4:df:74:ab:fc:a5:71:2e:0e:d8:43:
20:c3:f2:c3:22:09:b1:3c:b7:65:81:c8:34:39:97:5e:b3:96:
ae:6a:1c:3b:ed:8f:d6:12:63:9a:7f:40:ff:60:5d:ab:af:b9:
7e:a7:a7:60:2e:52:b2:06:66:ef:15:bd:2c:18:7f:e6:0c:ad:
fd:82:4c:c2:c1:1d:c9:ab:5b:2d:82:17:9f:08:12:8b:fe:54:
85:74:5b:bb:c4:69:18:73:05:b9:75:6e:70:e6:69:48:53:0c:
54:40:62:41:49:dc:47:64:e0:11:ab:83:21:aa:d0:21:7c:f5:
54:97:27:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCAxPFOYI95S6HrNwPlTVQWqQor8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwMDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkOTZkYWRhNzAyN2Y5OTdjYTYzYjlhZGZhZjM5M2Q2NjhhY2IwZjEwMzIx
NTY0M2I0YTI0NTA5YTFjYWZlNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmAZJINDQU3T1MUKAfr6OpGqGlTxO3VxhwICpxryIpn4IepgsTaOnf/QAZv
WwTjTbDUwKokVLFY9H9d7IkjZEgDKbUruGy0RIF+6Cdm/4j+gj2Bz1epK4/ojknG
nFzlJUNc0iFbx5nfz5lbC4TOzGi8pwDlLHl/RVtmaOt9kDd8G24sMFv8K2hDcf7o
gGN2WKMPJPQAjDy0N5qis8pNJbYSS49tzXZZHaX7r6en+GmVAh+AVOhDgncEY9uN
c7uUPR8XIShH89vq0Hi6fHao5/46IkQ00/Q5UMJXA8MZTTIwJyYYOSVGAzGSREJ4
vJQWkRbtmY/NzLp0jGyzBYntZGsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcpiI6
M3UqqWB4LNXk4Ynh8JMyWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQAkFZqrdYpaxetJaapD4DHs+1P7DMkDme1P9sm1
d2mvLcrYQ3qdCRljSrxrSQQRx3QERgBmRlqNfCM6n3QTDxfEZ6e4wAPKFv8OTE4c
A1m3NeFcfq3gc7WKlPDnauDqGkHkaI2d6n4uAxSLEHPQckaWrCu25QN8IydJu453
YzjFfY5CVt1v9N90q/ylcS4O2EMgw/LDIgmxPLdlgcg0OZdes5auahw77Y/WEmOa
f0D/YF2rr7l+p6dgLlKyBmbvFb0sGH/mDK39gkzCwR3Jq1stghefCBKL/lSFdFu7
xGkYcwW5dW5w5mlIUwxUQGJBSdxHZOARq4MhqtAhfPVUlydt
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:10 2025 by rpki-client