Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
File: 5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa (raw, json)
Hash identifier: W/mcwA5MKsGrkQ/1QcyDYYithmPIzpI8Ikk3MPOrYLc=
Subject key identifier: AE:E6:45:94:95:E2:EE:CD:5E:06:C2:73:65:DB:A8:B6:F3:6A:CB:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A67BC62323BD2C3D9B3D4766B59D063C6811A4F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
Signing time: Tue 05 Aug 2025 18:50:51 +0000
ROA not before: Tue 05 Aug 2025 18:50:51 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:67:bc:62:32:3b:d2:c3:d9:b3:d4:76:6b:59:d0:63:c6:81:1a:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:50:51 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=74847e1ce995cb242a51edad92f8c872dddc53e7161b512080859dc280a9cc14, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ae:15:50:40:27:51:ca:f6:64:68:e9:95:3b:
92:80:44:48:1e:18:ef:2b:39:08:9b:b3:ee:46:1b:
6c:3a:ef:85:60:11:1b:e5:5f:37:44:7f:73:88:99:
02:22:61:1a:76:d4:ad:18:80:84:52:71:2a:9d:d0:
82:04:84:c8:1f:02:fc:2c:58:72:54:b5:f4:1b:74:
c1:07:9f:02:9c:c0:b0:54:c8:00:9f:f5:c9:df:f8:
c3:bf:be:96:e1:01:83:1d:60:ec:46:cc:9b:1d:d2:
d3:9a:46:aa:3f:6d:2a:21:39:33:cd:63:74:0c:2c:
93:b1:31:09:ae:7b:9d:ff:54:84:97:ce:b7:27:99:
d6:97:16:bf:1f:42:3b:fb:75:73:48:b3:47:a6:29:
6a:66:35:0a:65:fa:06:56:ba:8e:ce:64:f9:da:a3:
e5:67:49:46:4c:f2:76:ea:56:a5:32:23:8d:1b:67:
cf:b1:6b:a9:26:b4:92:49:f4:9c:c0:33:85:bc:cb:
7a:3e:66:2e:13:58:a0:ae:06:0e:10:74:08:a0:97:
5b:07:e2:30:8a:3e:b3:bd:26:b6:fc:d5:84:32:b6:
26:1c:95:bc:0b:10:4c:f4:e0:e1:5d:c6:54:77:f4:
ab:44:8d:9c:9a:85:70:21:3c:ae:06:76:21:9e:87:
5e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:E6:45:94:95:E2:EE:CD:5E:06:C2:73:65:DB:A8:B6:F3:6A:CB:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:7c:89:f5:4d:f0:f0:89:50:88:3f:d9:ce:03:0a:16:52:b4:
9c:c0:ba:dd:ce:d0:e4:23:a6:97:5c:76:49:29:a0:c5:ff:8a:
50:1a:d0:de:0f:f7:a1:9d:cc:c7:6c:b0:d8:0e:27:ea:b3:f7:
f7:62:a9:4f:5e:fd:24:8c:5c:b6:bf:5d:06:57:6a:9d:7f:ff:
0d:c8:9e:d5:f0:89:1a:83:bb:ec:f2:a1:21:e1:3c:d7:9f:97:
b1:34:75:bc:89:9c:8b:a5:2a:d0:cb:d4:ac:9f:16:29:a9:27:
18:66:9e:32:95:08:a6:ab:4d:69:d5:4d:87:71:3e:b3:c8:8b:
d2:4a:2b:46:2e:8c:fa:50:c7:f3:01:b4:70:a9:db:ac:a5:f4:
8c:f9:ae:69:9b:63:35:33:8d:c7:26:9b:4e:79:6f:0c:e2:35:
11:84:12:65:a4:a0:6e:24:29:21:e0:c9:84:a9:cd:56:f1:9f:
bf:34:72:b9:7b:de:f7:f8:8a:fe:fe:af:9b:1c:05:fc:d9:a4:
a9:43:80:ba:22:dc:e1:03:d8:63:5d:4c:80:9e:c3:ae:86:b9:
e2:44:03:4d:c2:4f:13:bd:d6:d6:9b:d8:ce:55:50:17:f5:a7:
40:fe:b2:6b:2f:3f:4d:fd:5e:56:16:a2:f5:ea:48:01:86:f7:
e0:bd:88:28
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGme8YjI70sPZs9R2a1nQY8aBGk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUwNTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0ODQ3ZTFjZTk5NWNiMjQyYTUxZWRhZDkyZjhjODcyZGRkYzUzZTcxNjFi
NTEyMDgwODU5ZGMyODBhOWNjMTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWuFVBAJ1HK9mRo6ZU7koBESB4Y7ys5CJuz7kYbbDrvhWARG+VfN0R/c4iZ
AiJhGnbUrRiAhFJxKp3QggSEyB8C/CxYclS19Bt0wQefApzAsFTIAJ/1yd/4w7++
luEBgx1g7EbMmx3S05pGqj9tKiE5M81jdAwsk7ExCa57nf9UhJfOtyeZ1pcWvx9C
O/t1c0izR6YpamY1CmX6Bla6js5k+dqj5WdJRkzydupWpTIjjRtnz7FrqSa0kkn0
nMAzhbzLej5mLhNYoK4GDhB0CKCXWwfiMIo+s70mtvzVhDK2JhyVvAsQTPTg4V3G
VHf0q0SNnJqFcCE8rgZ2IZ6HXtsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSu5kWU
leLuzV4GwnNl26i282rLzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQxZmZmOTgtNDQxNS00Y2QwLWIyY2MtMjZmNjFhOGNhZTdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
sDANBgkqhkiG9w0BAQsFAAOCAQEAe3yJ9U3w8IlQiD/ZzgMKFlK0nMC63c7Q5COm
l1x2SSmgxf+KUBrQ3g/3oZ3Mx2yw2A4n6rP392KpT179JIxctr9dBldqnX//Dcie
1fCJGoO77PKhIeE815+XsTR1vImci6Uq0MvUrJ8WKaknGGaeMpUIpqtNadVNh3E+
s8iL0korRi6M+lDH8wG0cKnbrKX0jPmuaZtjNTONxyabTnlvDOI1EYQSZaSgbiQp
IeDJhKnNVvGfvzRyuXve9/iK/v6vmxwF/NmkqUOAuiLc4QPYY11MgJ7Droa54kQD
TcJPE73W1pvYzlVQF/WnQP6yay8/Tf1eVhai9epIAYb34L2IKA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:15 2025 by rpki-client