Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
File: 44d8b686-7db5-4309-8f09-3af611be3753.roa (raw, json)
Hash identifier: tL82n/u+CwaWlDxnS2FvH3oauDfOTGfhMBmMrBjGtb4=
Subject key identifier: 39:1A:2B:8A:5A:BC:B7:E1:AC:BC:02:B1:91:EC:78:01:13:62:DE:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 383C60917385C34B776DA96A9686385A298844C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
Signing time: Tue 05 Aug 2025 19:31:44 +0000
ROA not before: Tue 05 Aug 2025 19:31:44 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:3c:60:91:73:85:c3:4b:77:6d:a9:6a:96:86:38:5a:29:88:44:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:44 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b55af0e4cd94a79c697e20081c143e460aad7d451c5b8fb405a7c74d6a58afe0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c2:d9:11:f5:af:73:84:6c:0a:9d:68:0a:3a:
c9:81:de:ee:cc:b7:80:f3:35:e3:79:72:6d:6d:29:
d1:c8:7b:3a:14:31:80:e3:41:1e:53:9d:23:67:e4:
88:16:c5:cf:3f:de:a4:28:e4:26:8b:f7:3e:d6:03:
fa:ac:37:e9:28:ef:b1:b7:01:08:86:9c:88:47:02:
fb:30:27:cc:9b:bd:21:66:20:e7:98:90:9e:44:70:
87:77:66:f9:b7:17:2f:10:50:3d:ba:94:6f:30:ca:
46:58:53:2f:3f:c7:c7:01:15:93:0b:d2:cb:3d:f5:
52:a0:2e:40:49:8d:5b:0a:9e:3f:05:0b:6b:e0:02:
19:73:d3:bd:fd:6a:7c:91:e8:e8:6b:29:96:8c:bb:
0d:61:26:90:5a:bc:82:63:02:59:1e:82:26:90:43:
e4:90:71:2d:9a:f9:c7:c0:10:b6:a5:f5:56:68:47:
80:c2:d9:a8:3f:f2:08:5e:f4:04:c0:57:32:ec:ce:
12:8c:a0:49:f9:a4:1d:c4:1f:00:4b:72:33:82:c1:
f5:25:66:a0:29:14:5f:1d:f8:ae:91:c4:e0:a0:06:
9d:61:91:e9:b6:76:19:fd:76:1c:a5:c1:ed:7b:37:
0c:de:df:1f:69:da:b8:07:5f:d6:ad:6f:93:c8:4d:
1c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1A:2B:8A:5A:BC:B7:E1:AC:BC:02:B1:91:EC:78:01:13:62:DE:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
79:67:6d:e1:9a:e7:37:8f:f6:ee:6e:35:8c:ef:34:95:92:a3:
07:8a:3d:9c:67:91:ae:1e:b5:b9:44:f5:47:9f:f5:69:32:90:
cc:c9:e8:2f:a8:b2:8d:06:be:d9:d7:6f:a4:ac:cc:2e:21:f2:
30:bd:31:dc:45:bc:50:3b:48:0f:4c:3b:94:1a:28:16:b6:81:
7b:fe:db:c3:b8:55:13:7a:bf:e0:ea:69:19:a9:8e:fc:45:6d:
50:c2:a8:06:6c:99:51:0e:19:3c:a6:da:db:a5:db:17:19:00:
a2:44:d0:ab:0e:fc:ee:8e:c4:f3:a1:e0:a9:a3:e2:0b:c1:e8:
20:6d:c7:1a:6a:4c:ae:f0:a1:c9:16:ad:fe:bc:ec:93:fb:a3:
bd:c3:e2:6b:1c:1b:e1:83:12:42:51:d1:0a:03:5a:c6:97:71:
8b:57:d4:07:8f:67:96:cc:51:53:df:89:63:97:d2:20:e1:42:
65:aa:f2:f4:23:1a:9b:a5:e9:31:c0:6b:97:e7:7c:c7:52:21:
6e:3e:83:52:4b:0a:0b:a8:ef:66:da:13:a2:63:f6:1b:33:a5:
11:75:7d:89:6f:95:60:93:2a:f1:3d:bc:2a:c4:8f:76:6a:5f:
c9:f9:60:b9:a1:e9:ff:ff:23:ed:04:8e:b1:92:b7:08:d6:c4:
a7:68:78:20
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUODxgkXOFw0t3balqloY4WimIRMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxNDRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NWFmMGU0Y2Q5NGE3OWM2OTdlMjAwODFjMTQzZTQ2MGFhZDdkNDUxYzVi
OGZiNDA1YTdjNzRkNmE1OGFmZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDC2RH1r3OEbAqdaAo6yYHe7sy3gPM143lybW0p0ch7OhQxgONBHlOdI2fk
iBbFzz/epCjkJov3PtYD+qw36SjvsbcBCIaciEcC+zAnzJu9IWYg55iQnkRwh3dm
+bcXLxBQPbqUbzDKRlhTLz/HxwEVkwvSyz31UqAuQEmNWwqePwULa+ACGXPTvf1q
fJHo6Gsploy7DWEmkFq8gmMCWR6CJpBD5JBxLZr5x8AQtqX1VmhHgMLZqD/yCF70
BMBXMuzOEoygSfmkHcQfAEtyM4LB9SVmoCkUXx34rpHE4KAGnWGR6bZ2Gf12HKXB
7Xs3DN7fH2nauAdf1q1vk8hNHEcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5GiuK
Wry34ay8ArGR7HgBE2LeqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDRkOGI2ODYtN2RiNS00MzA5LThmMDktM2FmNjExYmUzNzUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HrA
MA0GCSqGSIb3DQEBCwUAA4IBAQB5Z23hmuc3j/bubjWM7zSVkqMHij2cZ5GuHrW5
RPVHn/VpMpDMyegvqLKNBr7Z12+krMwuIfIwvTHcRbxQO0gPTDuUGigWtoF7/tvD
uFUTer/g6mkZqY78RW1QwqgGbJlRDhk8ptrbpdsXGQCiRNCrDvzujsTzoeCpo+IL
weggbccaakyu8KHJFq3+vOyT+6O9w+JrHBvhgxJCUdEKA1rGl3GLV9QHj2eWzFFT
34ljl9Ig4UJlqvL0IxqbpekxwGuX53zHUiFuPoNSSwoLqO9m2hOiY/YbM6URdX2J
b5VgkyrxPbwqxI92al/J+WC5oen//yPtBI6xkrcI1sSnaHgg
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:08 2025 by rpki-client