Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/452f19af-8187-465e-9ab8-4e678c11315e.roa
File: 452f19af-8187-465e-9ab8-4e678c11315e.roa (raw, json)
Hash identifier: 3aWLh6r9cKGXcekpkbkMUSGnKrfF6j234KWgO0Qf9Kc=
Subject key identifier: 6E:29:B2:73:55:D2:D1:3A:92:B4:2F:5E:0A:E6:2C:43:5E:AD:9C:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AD34AEDFB7CC770EBFFE5BE79BAD38A189E2A82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/452f19af-8187-465e-9ab8-4e678c11315e.roa
Signing time: Mon 16 Jun 2025 21:40:59 +0000
ROA not before: Mon 16 Jun 2025 21:40:59 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d3:4a:ed:fb:7c:c7:70:eb:ff:e5:be:79:ba:d3:8a:18:9e:2a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:59 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=bcfbe985c53f354eaa93358e6e8819bd4b6c5902e800d09aa9ba0a05293fffb2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f6:90:34:25:fc:a7:a3:92:89:0d:29:9b:7b:
28:d8:f2:52:56:3b:3f:6f:4f:96:c4:77:6d:56:3d:
8e:dd:7c:b4:a6:68:22:76:30:cf:87:bb:54:7a:d9:
3d:45:56:70:fd:ae:57:c0:6b:6e:bf:42:71:33:15:
86:da:89:d3:6f:c2:f1:f1:51:88:e8:9b:8c:a3:ab:
b4:db:78:91:9f:ec:1a:27:77:41:0b:ad:73:ee:41:
c8:8f:d1:8d:41:a4:52:8a:2d:c7:12:b0:85:ea:10:
d7:d1:b5:7a:a2:66:88:5a:0e:fb:d7:30:91:02:81:
4c:20:f9:94:5d:5c:6e:9d:14:b4:57:2a:e1:75:b7:
75:ac:ba:6c:15:8a:bc:59:5c:2e:eb:e0:65:4c:88:
a5:48:a6:34:b5:74:a0:fc:96:c5:e1:e9:ab:7a:30:
6b:c0:31:03:44:03:29:d7:02:14:d3:a0:59:74:01:
64:43:55:d4:2f:57:09:d5:98:0e:8f:04:94:54:79:
35:7f:d1:84:ed:0d:fc:9c:02:b9:18:fc:e2:fd:79:
60:ca:68:06:9a:8d:c6:27:74:73:2b:d9:90:7f:b7:
22:65:0a:96:00:3c:c4:ae:65:89:54:61:1e:ea:08:
d0:34:cb:3d:bb:95:ac:7b:8a:4f:d3:5b:dc:18:68:
3d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:29:B2:73:55:D2:D1:3A:92:B4:2F:5E:0A:E6:2C:43:5E:AD:9C:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/452f19af-8187-465e-9ab8-4e678c11315e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b::/37
Signature Algorithm: sha256WithRSAEncryption
ba:cf:3f:9b:7c:45:64:ad:35:1f:8e:cd:be:11:3b:27:41:2c:
07:9f:bf:66:33:78:9a:ff:33:0d:cb:8a:2f:69:9b:7a:c7:03:
ac:2c:3f:96:d2:f3:51:e6:9e:02:07:63:25:d1:e3:05:ee:e1:
b9:21:83:c3:c3:7a:37:e0:19:3d:06:40:8a:3c:c8:c9:17:bb:
f4:4f:62:85:bf:fe:c8:d3:7c:c7:7e:69:25:1e:89:0a:f5:bf:
08:20:44:f9:da:5f:c5:4d:ca:bf:9d:9e:64:96:bc:de:e6:f6:
f9:f2:48:27:8b:d9:03:65:12:02:14:33:8c:22:58:2f:38:41:
a6:3e:e5:29:c8:91:36:6d:4b:5b:13:e1:6a:33:87:32:e4:7d:
36:53:13:b6:4b:84:54:01:7b:93:ae:7d:17:30:06:35:3e:e6:
6d:bf:99:62:6e:3f:b3:14:ff:a6:d3:8b:af:ac:84:fd:a5:65:
d9:49:fc:78:5f:e6:28:1c:4f:7d:72:81:58:7e:3a:e7:5f:84:
60:57:94:35:8e:b1:6c:da:c9:9a:9b:82:6f:b1:81:ee:b8:d1:
04:5b:1c:43:5a:b7:6b:aa:df:b7:62:9a:d8:6e:12:8b:c2:e8:
e6:1c:9e:5a:75:97:45:04:fb:14:04:8c:5f:05:9d:43:83:6c:
32:cd:fc:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUatNK7ft8x3Dr/+W+ebrTihieKoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwNTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjZmJlOTg1YzUzZjM1NGVhYTkzMzU4ZTZlODgxOWJkNGI2YzU5MDJlODAw
ZDA5YWE5YmEwYTA1MjkzZmZmYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/2kDQl/KejkokNKZt7KNjyUlY7P29PlsR3bVY9jt18tKZoInYwz4e7VHrZ
PUVWcP2uV8Brbr9CcTMVhtqJ02/C8fFRiOibjKOrtNt4kZ/sGid3QQutc+5ByI/R
jUGkUootxxKwheoQ19G1eqJmiFoO+9cwkQKBTCD5lF1cbp0UtFcq4XW3day6bBWK
vFlcLuvgZUyIpUimNLV0oPyWxeHpq3owa8AxA0QDKdcCFNOgWXQBZENV1C9XCdWY
Do8ElFR5NX/RhO0N/JwCuRj84v15YMpoBpqNxid0cyvZkH+3ImUKlgA8xK5liVRh
HuoI0DTLPbuVrHuKT9Nb3BhoPb8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRuKbJz
VdLROpK0L14K5ixDXq2cZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDUyZjE5YWYtODE4Ny00NjVlLTlhYjgtNGU2NzhjMTEzMTVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsA
MA0GCSqGSIb3DQEBCwUAA4IBAQC6zz+bfEVkrTUfjs2+ETsnQSwHn79mM3ia/zMN
y4ovaZt6xwOsLD+W0vNR5p4CB2Ml0eMF7uG5IYPDw3o34Bk9BkCKPMjJF7v0T2KF
v/7I03zHfmklHokK9b8IIET52l/FTcq/nZ5klrze5vb58kgni9kDZRICFDOMIlgv
OEGmPuUpyJE2bUtbE+FqM4cy5H02UxO2S4RUAXuTrn0XMAY1PuZtv5libj+zFP+m
04uvrIT9pWXZSfx4X+YoHE99coFYfjrnX4RgV5Q1jrFs2smam4JvsYHuuNEEWxxD
Wrdrqt+3YprYbhKLwujmHJ5adZdFBPsUBIxfBZ1Dg2wyzfy5
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:09 2025 by rpki-client