Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/446c7294-15f2-4794-9a7f-77119799815e.roa
File: 446c7294-15f2-4794-9a7f-77119799815e.roa (raw, json)
Hash identifier: JvTMKjsaDmGPR2O0pu7tmRVqCGZBg7kcW21/9dD3kRw=
Subject key identifier: 0E:DF:21:8E:89:95:F3:D9:D9:01:52:8A:7A:F1:BC:8B:34:C1:2D:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B05BBA4D09EFBF9DF7D56D1BCB4C53E5C7D11CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/446c7294-15f2-4794-9a7f-77119799815e.roa
Signing time: Thu 26 Jun 2025 19:37:17 +0000
ROA not before: Thu 26 Jun 2025 19:37:17 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:05:bb:a4:d0:9e:fb:f9:df:7d:56:d1:bc:b4:c5:3e:5c:7d:11:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:17 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=b04e0835bf38a721f0e10b34e32c8e8bcb7d1e24ebcc3388a436aec48a1fa27b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ef:b6:ed:0a:c0:3e:c1:01:ae:be:7c:bf:e3:
68:8b:46:1e:8c:1d:a0:45:99:85:df:13:2b:68:05:
70:4a:48:6f:36:6e:8c:ac:63:22:4b:4d:d2:b8:dd:
73:e4:46:25:16:c6:cf:21:f7:0a:b9:b7:4b:3c:43:
ac:dd:95:2b:fa:28:e9:90:f4:01:85:9e:68:5d:a0:
09:0d:bd:a4:5f:ca:14:a9:3c:23:e7:07:d1:3b:75:
dd:7f:1b:7c:4e:92:99:0b:63:65:8f:7c:32:fb:6d:
1f:8a:ac:3b:16:60:97:7c:06:70:6b:8b:25:fa:48:
57:0d:76:51:40:70:98:4c:43:e7:79:43:bd:13:6b:
9a:c6:92:36:80:e1:cc:8f:14:8e:e3:d6:31:70:1d:
39:54:d2:a2:50:78:8b:72:c4:dd:7d:0c:21:8b:99:
4b:43:9d:63:18:08:76:06:12:74:24:11:ab:55:41:
b7:c2:50:bf:62:9e:82:01:f9:c7:3e:77:63:b8:e1:
1c:cf:33:71:89:27:b4:9c:04:94:96:9e:19:47:cc:
1c:fb:25:01:b3:28:68:8b:e2:66:07:e6:4d:85:17:
b3:bf:8d:ef:74:d0:56:fd:d6:b1:9f:4e:99:92:96:
d6:02:f1:ff:9f:5d:eb:bc:4a:a9:0f:98:4f:b2:69:
56:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DF:21:8E:89:95:F3:D9:D9:01:52:8A:7A:F1:BC:8B:34:C1:2D:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/446c7294-15f2-4794-9a7f-77119799815e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
c7:ec:26:a4:79:21:38:a3:10:d4:2f:9d:d0:66:23:03:41:cd:
32:d1:9c:29:27:7c:ad:37:d4:87:6e:95:55:f0:8d:10:6f:53:
6a:9b:da:99:f4:c2:e6:a6:0a:2a:9c:94:06:01:c5:1b:06:dc:
b0:8a:13:aa:e8:d3:f9:63:5e:5e:dc:3c:50:33:b0:96:bf:0a:
1d:ec:c3:a4:af:99:38:6d:23:09:bb:41:c9:96:a8:c1:7e:cf:
b8:59:e1:c5:37:9e:fa:00:e5:55:df:e3:f1:26:ea:d2:16:d2:
75:6a:89:5c:b0:06:24:41:aa:ba:b4:14:89:52:1f:f0:1c:92:
dd:0e:64:bf:8e:ef:4b:28:d0:0b:87:13:e7:0a:eb:0c:a6:c3:
b9:90:a5:b7:38:d9:ec:e9:8c:c2:46:85:ef:d2:0f:41:f2:4e:
90:ed:38:7f:ed:cf:c7:a7:4c:93:47:37:c8:c5:fe:6e:35:aa:
23:52:83:ba:92:10:bf:78:11:98:ca:7e:38:15:98:90:d0:a0:
57:a2:b2:97:2e:2e:59:48:5f:ad:58:72:90:ea:2c:6f:17:b8:
50:ff:b5:0a:f7:4a:a5:41:d8:38:1a:08:69:12:21:69:31:ed:
ff:2f:6a:86:d0:7f:d3:9e:3a:98:2a:2c:8b:ee:54:aa:2f:67:
d0:da:1f:e1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSwW7pNCe+/nffVbRvLTFPlx9EcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MTdaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwNGUwODM1YmYzOGE3MjFmMGUxMGIzNGUzMmM4ZThiY2I3ZDFlMjRlYmNj
MzM4OGE0MzZhZWM0OGExZmEyN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnvtu0KwD7BAa6+fL/jaItGHowdoEWZhd8TK2gFcEpIbzZujKxjIktN0rjd
c+RGJRbGzyH3Crm3SzxDrN2VK/oo6ZD0AYWeaF2gCQ29pF/KFKk8I+cH0Tt13X8b
fE6SmQtjZY98MvttH4qsOxZgl3wGcGuLJfpIVw12UUBwmExD53lDvRNrmsaSNoDh
zI8UjuPWMXAdOVTSolB4i3LE3X0MIYuZS0OdYxgIdgYSdCQRq1VBt8JQv2KeggH5
xz53Y7jhHM8zcYkntJwElJaeGUfMHPslAbMoaIviZgfmTYUXs7+N73TQVv3WsZ9O
mZKW1gLx/59d67xKqQ+YT7JpVgcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQO3yGO
iZXz2dkBUop68byLNMEtjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ2YzcyOTQtMTVmMi00Nzk0LTlhN2YtNzcxMTk3OTk4MTVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNg
wDANBgkqhkiG9w0BAQsFAAOCAQEAx+wmpHkhOKMQ1C+d0GYjA0HNMtGcKSd8rTfU
h26VVfCNEG9TapvamfTC5qYKKpyUBgHFGwbcsIoTqujT+WNeXtw8UDOwlr8KHezD
pK+ZOG0jCbtByZaowX7PuFnhxTee+gDlVd/j8Sbq0hbSdWqJXLAGJEGqurQUiVIf
8ByS3Q5kv47vSyjQC4cT5wrrDKbDuZCltzjZ7OmMwkaF79IPQfJOkO04f+3Px6dM
k0c3yMX+bjWqI1KDupIQv3gRmMp+OBWYkNCgV6Kyly4uWUhfrVhykOosbxe4UP+1
CvdKpUHYOBoIaRIhaTHt/y9qhtB/0546mCosi+5Uqi9n0Nof4Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:06:59 2025 by rpki-client