Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa
File: 57c971db-5779-4af6-9c2f-2c7cd904e742.roa (raw, json)
Hash identifier: iJQvmjHwKX6240/eLaG74OFwFanjhDzjMOMRcjTWQwQ=
Subject key identifier: C5:1F:E7:A4:F9:17:09:BE:63:D1:9A:11:F7:7E:BE:91:35:3E:CB:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7957B4FF93A537C4C20A3E52EC285455202BC1E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa
Signing time: Tue 05 Aug 2025 19:11:28 +0000
ROA not before: Tue 05 Aug 2025 19:11:28 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:57:b4:ff:93:a5:37:c4:c2:0a:3e:52:ec:28:54:55:20:2b:c1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:28 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=19edf4fdfdd03a574f287f49265d32622493616c1788b340462dc59f28216897, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2c:3a:db:e2:20:83:41:6c:35:4f:0d:9b:56:
d3:c2:59:bf:4a:05:72:00:42:4f:38:a5:e7:ce:5b:
bb:74:f5:4f:0f:2d:90:02:b3:15:78:f5:f3:b0:69:
87:a4:d4:00:16:9c:4b:38:9b:a6:92:24:2d:ac:a5:
c6:68:a2:06:5b:3c:86:e4:eb:f5:6c:47:e0:73:bd:
83:bb:c2:b3:c8:e1:f2:03:c6:3d:8d:09:0f:f0:a5:
a5:65:37:2a:ad:a9:2e:15:21:57:12:46:c8:b9:4f:
35:64:6a:9b:87:15:7d:7d:83:a6:e1:7c:1f:7e:1e:
3b:67:6e:ea:48:22:88:55:c4:5d:05:d7:29:68:ad:
e4:e0:01:ff:eb:3b:c9:c0:af:ae:fb:14:11:0f:32:
e3:b2:86:47:ae:dc:cb:ec:52:83:42:a2:f9:7c:e8:
71:41:45:5e:20:8e:71:04:1f:3f:4e:9b:75:1a:a0:
ac:18:74:74:60:b5:85:dc:48:fd:e2:2d:87:7c:07:
53:fc:fa:c3:94:ba:a9:83:19:56:f3:dd:0d:d0:02:
5e:ed:c5:e8:fc:d0:65:af:26:af:62:04:eb:84:50:
29:88:32:11:7b:b4:ba:0b:61:ef:91:5a:2e:3d:3c:
b1:00:b5:63:e1:4c:60:3e:62:df:c4:64:e8:b4:81:
2f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1F:E7:A4:F9:17:09:BE:63:D1:9A:11:F7:7E:BE:91:35:3E:CB:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/48
Signature Algorithm: sha256WithRSAEncryption
41:06:99:3d:77:91:9e:d4:d2:c0:cb:24:57:76:ce:f5:c4:b2:
1c:1a:67:dd:f3:28:69:22:f9:a7:97:4e:79:5b:c6:db:e2:27:
46:d0:92:9b:51:55:de:c6:d2:3e:31:0d:cb:b8:4d:a0:68:f1:
11:59:47:cd:9f:83:84:60:84:17:7c:35:72:62:9a:c7:34:2d:
bb:a7:b3:b9:a4:98:e3:b2:59:5c:21:73:16:3c:c8:2d:53:ec:
25:b0:82:e5:d5:54:ba:0b:71:32:21:3e:60:8c:d1:fd:63:68:
cd:ca:8c:61:a1:43:50:8e:c6:80:ba:de:f3:0e:dd:4d:77:1e:
90:d8:20:de:84:77:59:20:d5:ea:0d:dd:95:a8:52:13:96:a6:
b6:f2:3c:86:a8:35:9b:8e:03:6e:ed:ca:96:cd:ac:f4:7b:66:
29:c1:a2:7b:0e:3c:90:02:df:28:db:02:43:78:cb:44:61:56:
b3:d9:fe:bd:c1:5d:88:04:a9:17:c6:74:7a:dc:b2:72:73:55:
3a:59:73:71:73:ec:72:9e:96:0b:b2:11:4e:9e:64:d1:b3:ff:
61:95:59:05:71:b5:95:66:87:83:ee:74:12:54:63:b6:2d:dc:
54:1b:87:7d:84:a9:59:bb:a1:3a:fc:d3:22:5d:4e:2f:48:b8:
28:ea:9b:b5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeVe0/5OlN8TCCj5S7ChUVSArweEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMjhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5ZWRmNGZkZmRkMDNhNTc0ZjI4N2Y0OTI2NWQzMjYyMjQ5MzYxNmMxNzg4
YjM0MDQ2MmRjNTlmMjgyMTY4OTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgsOtviIINBbDVPDZtW08JZv0oFcgBCTzil585bu3T1Tw8tkAKzFXj187Bp
h6TUABacSzibppIkLaylxmiiBls8huTr9WxH4HO9g7vCs8jh8gPGPY0JD/ClpWU3
Kq2pLhUhVxJGyLlPNWRqm4cVfX2DpuF8H34eO2du6kgiiFXEXQXXKWit5OAB/+s7
ycCvrvsUEQ8y47KGR67cy+xSg0Ki+XzocUFFXiCOcQQfP06bdRqgrBh0dGC1hdxI
/eIth3wHU/z6w5S6qYMZVvPdDdACXu3F6PzQZa8mr2IE64RQKYgyEXu0ugth75Fa
Lj08sQC1Y+FMYD5i38Rk6LSBLxsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFH+ek
+RcJvmPRmhH3fr6RNT7LmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdjOTcxZGItNTc3OS00YWY2LTljMmYtMmM3Y2Q5MDRlNzQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HbA
ADANBgkqhkiG9w0BAQsFAAOCAQEAQQaZPXeRntTSwMskV3bO9cSyHBpn3fMoaSL5
p5dOeVvG2+InRtCSm1FV3sbSPjENy7hNoGjxEVlHzZ+DhGCEF3w1cmKaxzQtu6ez
uaSY47JZXCFzFjzILVPsJbCC5dVUugtxMiE+YIzR/WNozcqMYaFDUI7GgLre8w7d
TXcekNgg3oR3WSDV6g3dlahSE5amtvI8hqg1m44Dbu3Kls2s9HtmKcGiew48kALf
KNsCQ3jLRGFWs9n+vcFdiASpF8Z0etyycnNVOllzcXPscp6WC7IRTp5k0bP/YZVZ
BXG1lWaHg+50ElRjti3cVBuHfYSpWbuhOvzTIl1OL0i4KOqbtQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:44:44 2025 by rpki-client