Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45d0d709-7b92-4c46-9d95-6605e2a3d35e.roa
File: 45d0d709-7b92-4c46-9d95-6605e2a3d35e.roa (raw, json)
Hash identifier: 2ge5X2S2JUgG5ewcm6jNOwzAz2QGVYel3SDDqwEdv9Q=
Subject key identifier: 2C:28:0C:1F:AB:90:54:26:F6:12:33:A5:5B:E2:1E:E7:49:32:71:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 316E3C66D54DC943DF4F0808D7C0FA151E9FE891
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45d0d709-7b92-4c46-9d95-6605e2a3d35e.roa
Signing time: Mon 16 Jun 2025 21:10:06 +0000
ROA not before: Mon 16 Jun 2025 21:10:06 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:6e:3c:66:d5:4d:c9:43:df:4f:08:08:d7:c0:fa:15:1e:9f:e8:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:06 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=fde08672ba7167d182a09f7b9a9675b3938d7c3eb249d9e2c6d9c39050ba20e6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:3e:0c:fc:85:45:e5:f7:91:fe:f7:dc:34:
5e:3b:c0:32:cc:ce:5e:4c:05:fc:1a:23:14:82:18:
04:db:c2:6f:70:e5:46:fc:18:37:9c:a0:fe:a6:66:
34:0c:7b:a5:8c:6c:6b:3e:5e:14:af:8b:b3:c6:5d:
03:45:23:30:b6:d1:2f:7d:01:50:b5:8f:d4:98:cc:
a1:f9:02:18:43:e9:8c:db:87:f3:fc:50:7c:38:53:
55:3a:96:06:87:dc:be:bf:2a:c3:31:07:4f:23:7c:
57:eb:b5:f6:c6:6d:48:c1:89:fb:a4:0b:c8:37:2e:
aa:1f:48:af:b7:36:d8:42:9a:95:37:5d:9e:2e:a2:
06:e0:a2:06:7a:aa:9a:6d:4d:2a:82:42:18:0f:e5:
82:75:eb:bf:dc:19:81:df:09:ca:df:bc:1e:4d:cc:
37:20:14:00:4a:46:14:67:13:54:e6:af:c0:03:10:
eb:b5:00:5b:79:a2:91:c0:d8:53:56:28:38:0c:6b:
58:49:85:05:40:85:fd:85:89:f2:8c:42:3c:53:ad:
d7:d9:4d:64:e4:ac:d6:a9:11:f0:e8:e3:30:8b:41:
cf:f0:b3:fe:f8:f4:fb:10:63:32:3b:c9:81:be:64:
21:48:c1:ca:c1:b8:98:95:ca:02:17:e7:15:e6:a0:
c7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:28:0C:1F:AB:90:54:26:F6:12:33:A5:5B:E2:1E:E7:49:32:71:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45d0d709-7b92-4c46-9d95-6605e2a3d35e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:e000::/40
Signature Algorithm: sha256WithRSAEncryption
0f:d3:c8:2c:f5:df:ae:8d:e6:a3:ef:ef:af:20:43:a4:5e:3c:
4c:63:2e:83:8c:02:31:d2:19:09:0f:52:9a:04:04:af:ef:61:
58:f5:e8:59:e4:95:5c:4b:4f:ef:c4:91:92:ec:21:f6:58:d0:
f1:d4:b0:a1:89:30:e6:b9:25:4c:6c:36:e8:e2:cf:41:e9:27:
25:90:2b:34:8a:22:af:8c:56:75:7f:82:e0:c2:98:19:54:4c:
a7:59:8f:80:b7:28:72:50:56:61:5e:40:ec:cf:68:d3:8c:b8:
cc:df:73:fe:40:25:69:da:ef:c1:ca:75:b7:05:7b:6b:6a:e0:
10:2e:76:cd:57:3c:db:1f:7a:04:df:47:a2:7f:e3:36:94:f8:
d5:28:3c:7c:7b:56:6b:b3:46:67:85:91:7d:56:2e:86:70:5e:
d1:11:7a:0b:93:98:44:cd:c4:df:77:2e:02:f9:a9:db:c8:00:
c1:71:0a:94:9a:a6:84:b6:f3:46:98:85:1d:36:4e:a4:f1:ba:
a1:f2:ba:48:06:17:b6:9b:04:eb:dc:36:de:98:1a:0f:5d:d8:
02:b2:ed:38:7e:ce:51:b8:59:ed:7b:55:3e:4b:f3:21:5f:99:
02:ac:58:c6:e9:60:26:b0:f1:d1:63:e9:e1:d2:e1:f4:ff:91:
50:b3:17:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMW48ZtVNyUPfTwgI18D6FR6f6JEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwMDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkZTA4NjcyYmE3MTY3ZDE4MmEwOWY3YjlhOTY3NWIzOTM4ZDdjM2ViMjQ5
ZDllMmM2ZDljMzkwNTBiYTIwZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALm9Pgz8hUXl95H+99w0XjvAMszOXkwF/BojFIIYBNvCb3DlRvwYN5yg/qZm
NAx7pYxsaz5eFK+Ls8ZdA0UjMLbRL30BULWP1JjMofkCGEPpjNuH8/xQfDhTVTqW
Bofcvr8qwzEHTyN8V+u19sZtSMGJ+6QLyDcuqh9Ir7c22EKalTddni6iBuCiBnqq
mm1NKoJCGA/lgnXrv9wZgd8Jyt+8Hk3MNyAUAEpGFGcTVOavwAMQ67UAW3mikcDY
U1YoOAxrWEmFBUCF/YWJ8oxCPFOt19lNZOSs1qkR8OjjMItBz/Cz/vj0+xBjMjvJ
gb5kIUjBysG4mJXKAhfnFeagxxECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQsKAwf
q5BUJvYSM6Vb4h7nSTJxvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDVkMGQ3MDktN2I5Mi00YzQ2LTlkOTUtNjYwNWUyYTNkMzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HXg
MA0GCSqGSIb3DQEBCwUAA4IBAQAP08gs9d+ujeaj7++vIEOkXjxMYy6DjAIx0hkJ
D1KaBASv72FY9ehZ5JVcS0/vxJGS7CH2WNDx1LChiTDmuSVMbDbo4s9B6SclkCs0
iiKvjFZ1f4LgwpgZVEynWY+AtyhyUFZhXkDsz2jTjLjM33P+QCVp2u/BynW3BXtr
auAQLnbNVzzbH3oE30eif+M2lPjVKDx8e1Zrs0ZnhZF9Vi6GcF7REXoLk5hEzcTf
dy4C+anbyADBcQqUmqaEtvNGmIUdNk6k8bqh8rpIBhe2mwTr3DbemBoPXdgCsu04
fs5RuFnte1U+S/MhX5kCrFjG6WAmsPHRY+nh0uH0/5FQsxdN
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:28:42 2025 by rpki-client