Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
File: 455a2efe-3411-42cf-a196-73c25845d48c.roa (raw, json)
Hash identifier: Rv6uLij6+ZMbS+7+MC7/9cG6XeIE9Bo4FTsmn+XLvDs=
Subject key identifier: 04:7A:22:AD:61:1C:54:F1:74:D0:3A:7B:9E:3C:E4:3A:0D:C4:78:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 215029AD8F2471E19503A23FB8D7FC06036CF8FA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
Signing time: Tue 05 Aug 2025 19:51:05 +0000
ROA not before: Tue 05 Aug 2025 19:51:05 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:50:29:ad:8f:24:71:e1:95:03:a2:3f:b8:d7:fc:06:03:6c:f8:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:05 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d2bfba9f53ed602d46718d61190215bab7d7bb0c05d05622382aa6a87b06daf6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:01:e2:b2:0e:34:e1:ee:cd:8f:13:bb:d6:6e:
a3:fb:c3:fe:5c:4a:2f:03:02:ce:52:fb:88:e4:5c:
52:52:6b:68:95:db:4f:fc:85:e2:94:1e:e2:df:e9:
e4:3a:37:f3:0e:a3:af:6b:81:e2:52:08:fb:df:da:
37:2f:2b:ac:fe:df:72:12:17:1a:70:2d:9d:81:8a:
98:53:9c:ea:83:29:a4:e5:81:88:64:45:2b:06:e9:
90:7a:21:47:33:b0:c4:28:71:9c:cd:12:c2:ad:b9:
62:0f:66:dc:29:6c:9d:b6:28:93:fd:c1:65:43:73:
54:b3:2e:ae:3a:3e:03:50:04:38:2b:3d:0e:3d:d1:
4b:c0:c2:43:f6:ee:d9:5e:c3:a9:69:7e:47:6a:af:
e0:1e:15:f4:8a:52:89:00:ea:70:b2:20:b8:54:a8:
25:06:3c:5a:b1:74:3d:cd:d2:7b:18:39:87:50:dd:
2b:7d:3a:ae:38:3e:53:30:33:3d:7e:20:c4:f4:8a:
48:d8:87:aa:4c:82:65:6e:30:38:df:00:7c:88:e2:
05:4d:37:9d:16:16:90:2d:d3:78:59:d1:e0:5a:bb:
d1:a5:26:17:df:02:11:50:f8:c2:1c:4a:65:2e:2a:
63:eb:7f:11:e2:6e:c3:0b:85:3c:4d:ad:a4:a6:01:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:7A:22:AD:61:1C:54:F1:74:D0:3A:7B:9E:3C:E4:3A:0D:C4:78:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:d3:eb:32:ee:a5:67:2d:0b:e5:44:b8:b6:a6:f0:8a:19:27:
66:bd:66:0b:06:e5:51:3b:ab:47:70:97:45:28:f7:fc:45:4d:
fa:3c:4f:19:de:36:6d:a9:52:b7:c4:b8:45:f2:d8:d0:be:65:
81:35:35:d9:08:24:c0:70:8b:1d:0b:60:fb:40:f6:83:f5:3f:
62:ec:56:f7:6e:24:e3:b2:5a:20:7e:d7:3a:32:6a:98:26:dd:
1b:b6:3f:84:10:c6:01:11:a9:d2:ea:ed:4a:ab:f1:79:72:ed:
e9:b6:76:18:09:2c:8c:66:e4:49:73:c5:cd:c2:84:ec:09:c5:
65:68:19:95:45:74:a6:c6:c8:74:7d:64:a1:9d:b8:f4:b2:f8:
d2:a5:a6:2f:67:5f:37:85:54:0d:3b:ad:7e:83:e2:c1:85:6d:
ac:c2:31:77:e6:d6:59:77:17:23:8c:ca:9d:8d:2d:75:6f:52:
7c:cb:e8:92:dd:89:5d:0b:ee:51:ca:d3:ea:02:52:fa:6a:93:
ea:30:53:3b:0a:34:1a:54:99:b9:6f:a2:00:96:03:62:7f:23:
51:42:6a:47:d5:37:b1:b1:39:40:13:e8:de:ce:c1:6b:d7:7d:
35:bf:83:5e:26:62:06:d5:0b:11:df:0c:54:3f:da:b1:a7:8c:
ee:a5:0b:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIVAprY8kceGVA6I/uNf8BgNs+PowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyYmZiYTlmNTNlZDYwMmQ0NjcxOGQ2MTE5MDIxNWJhYjdkN2JiMGMwNWQw
NTYyMjM4MmFhNmE4N2IwNmRhZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYB4rIONOHuzY8Tu9Zuo/vD/lxKLwMCzlL7iORcUlJraJXbT/yF4pQe4t/p
5Do38w6jr2uB4lII+9/aNy8rrP7fchIXGnAtnYGKmFOc6oMppOWBiGRFKwbpkHoh
RzOwxChxnM0Swq25Yg9m3ClsnbYok/3BZUNzVLMurjo+A1AEOCs9Dj3RS8DCQ/bu
2V7DqWl+R2qv4B4V9IpSiQDqcLIguFSoJQY8WrF0Pc3Sexg5h1DdK306rjg+UzAz
PX4gxPSKSNiHqkyCZW4wON8AfIjiBU03nRYWkC3TeFnR4Fq70aUmF98CEVD4whxK
ZS4qY+t/EeJuwwuFPE2tpKYBrWsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEeiKt
YRxU8XTQOnuePOQ6DcR4SDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1YTJlZmUtMzQxMS00MmNmLWExOTYtNzNjMjU4NDVkNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fgg
MA0GCSqGSIb3DQEBCwUAA4IBAQDJ0+sy7qVnLQvlRLi2pvCKGSdmvWYLBuVRO6tH
cJdFKPf8RU36PE8Z3jZtqVK3xLhF8tjQvmWBNTXZCCTAcIsdC2D7QPaD9T9i7Fb3
biTjslogftc6MmqYJt0btj+EEMYBEanS6u1Kq/F5cu3ptnYYCSyMZuRJc8XNwoTs
CcVlaBmVRXSmxsh0fWShnbj0svjSpaYvZ183hVQNO61+g+LBhW2swjF35tZZdxcj
jMqdjS11b1J8y+iS3YldC+5RytPqAlL6apPqMFM7CjQaVJm5b6IAlgNifyNRQmpH
1TexsTlAE+jezsFr1301v4NeJmIG1QsR3wxUP9qxp4zupQsu
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:57 2025 by rpki-client