Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
File: 699ed05f-92ce-48c3-8186-6564a7373323.roa (raw, json)
Hash identifier: ptnHkoo9eHKkkL8JHVlPY4xfvKDu7lcAJXOkIaNStWA=
Subject key identifier: 81:7B:66:3E:55:4B:7D:EB:08:4A:CA:11:75:7E:45:12:C5:09:A1:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23CABE9C09EF4E6908584F997879C7ECBD00C77F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
Signing time: Tue 05 Aug 2025 18:40:55 +0000
ROA not before: Tue 05 Aug 2025 18:40:55 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:ca:be:9c:09:ef:4e:69:08:58:4f:99:78:79:c7:ec:bd:00:c7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:55 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=cf40093813db23768d384ec78fc68640f489dd1bcfc967a2731cdc526a37fd91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e9:17:3a:6b:4f:ea:43:6a:bb:5c:7d:61:79:
89:d3:bc:e9:7e:62:53:d4:63:0e:e9:de:fb:9a:1d:
46:a3:bd:5f:b7:6a:e1:d1:82:84:e1:b9:98:34:be:
35:98:b4:5b:0b:fe:0b:a4:8b:23:eb:0d:92:8e:e5:
6f:7c:d6:29:3e:7f:50:d5:0b:fa:2d:a8:36:3f:09:
8b:f1:8b:0c:02:0a:94:3a:0a:e6:de:bf:85:ff:0a:
b5:d9:0d:7e:08:40:32:a9:95:8c:e0:06:a1:98:4b:
cb:98:4e:b8:78:3d:cb:5d:70:f1:91:45:7c:90:c1:
db:bf:b0:65:c7:16:57:37:ca:e8:75:ec:26:2e:f3:
1c:36:24:50:67:e6:73:00:28:81:19:dc:ec:2d:a1:
bd:9f:05:84:95:91:62:68:73:25:f0:0b:ff:96:d0:
1e:7e:21:aa:1f:4d:4a:a5:c3:53:92:46:65:41:c7:
02:bd:52:c7:65:fa:66:e6:19:d7:5a:b6:04:58:7a:
b9:0d:c6:36:4c:f1:aa:bf:c9:7d:4a:5f:f7:7b:d4:
44:28:cb:1b:01:d5:3c:0b:b7:81:fe:0c:4a:f9:00:
c5:eb:d5:f6:1c:cb:a3:8e:ab:84:d4:39:5e:a7:66:
32:c3:fb:c0:99:51:0e:8a:10:d2:12:38:f1:ec:15:
44:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:7B:66:3E:55:4B:7D:EB:08:4A:CA:11:75:7E:45:12:C5:09:A1:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c040::/48
Signature Algorithm: sha256WithRSAEncryption
a5:d8:a0:16:d6:4c:ab:1e:e8:af:34:46:65:86:26:87:58:23:
95:2d:9c:42:ef:72:23:3f:2d:79:9e:fd:30:85:a2:c8:80:93:
01:15:83:9a:50:ae:eb:dd:56:eb:4f:8e:ad:6a:1b:a1:2f:b7:
52:c3:e8:1d:cd:d8:0f:de:25:1e:a8:4c:2f:8c:0f:3f:a1:30:
bc:c7:ac:6b:d1:53:ef:b3:7d:44:d6:ea:ab:67:39:4a:e4:b5:
75:ae:18:36:8d:04:cf:bb:1e:b0:51:8e:c5:27:13:88:b4:5c:
2f:c1:ee:d5:94:08:aa:b7:78:4a:81:18:03:10:e1:79:31:83:
eb:10:3c:7c:c1:11:f4:b3:20:14:b2:64:77:96:32:9f:a7:8a:
8c:e2:ff:03:dc:33:3d:b6:ee:24:30:0b:da:2d:e3:a0:ba:2a:
15:cb:7e:c8:52:9b:a0:b2:17:2a:0d:bf:df:85:a3:a2:06:72:
0a:13:80:72:8b:17:0d:eb:05:4e:77:b3:1b:88:9e:f8:db:c6:
75:e1:df:4b:d2:f5:89:49:43:aa:86:e0:37:4d:cb:a5:e8:cb:
89:3e:2c:e6:2a:1a:03:e0:7b:38:59:84:5f:23:b5:56:0b:20:
d7:cc:e6:af:88:a3:c8:95:ee:5d:a3:35:f1:75:19:51:53:28:
9f:12:1e:7e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUI8q+nAnvTmkIWE+ZeHnH7L0Ax38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwNTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNDAwOTM4MTNkYjIzNzY4ZDM4NGVjNzhmYzY4NjQwZjQ4OWRkMWJjZmM5
NjdhMjczMWNkYzUyNmEzN2ZkOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTpFzprT+pDartcfWF5idO86X5iU9RjDune+5odRqO9X7dq4dGChOG5mDS+
NZi0Wwv+C6SLI+sNko7lb3zWKT5/UNUL+i2oNj8Ji/GLDAIKlDoK5t6/hf8KtdkN
fghAMqmVjOAGoZhLy5hOuHg9y11w8ZFFfJDB27+wZccWVzfK6HXsJi7zHDYkUGfm
cwAogRnc7C2hvZ8FhJWRYmhzJfAL/5bQHn4hqh9NSqXDU5JGZUHHAr1Sx2X6ZuYZ
11q2BFh6uQ3GNkzxqr/JfUpf93vURCjLGwHVPAu3gf4MSvkAxevV9hzLo46rhNQ5
XqdmMsP7wJlRDooQ0hI48ewVRHkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSBe2Y+
VUt96whKyhF1fkUSxQmhOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njk5ZWQwNWYtOTJjZS00OGMzLTgxODYtNjU2NGE3MzczMzIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
QDANBgkqhkiG9w0BAQsFAAOCAQEApdigFtZMqx7orzRGZYYmh1gjlS2cQu9yIz8t
eZ79MIWiyICTARWDmlCu691W60+OrWoboS+3UsPoHc3YD94lHqhML4wPP6EwvMes
a9FT77N9RNbqq2c5SuS1da4YNo0Ez7sesFGOxScTiLRcL8Hu1ZQIqrd4SoEYAxDh
eTGD6xA8fMER9LMgFLJkd5Yyn6eKjOL/A9wzPbbuJDAL2i3joLoqFct+yFKboLIX
Kg2/34WjogZyChOAcosXDesFTnezG4ie+NvGdeHfS9L1iUlDqobgN03LpejLiT4s
5ioaA+B7OFmEXyO1Vgsg18zmr4ijyJXuXaM18XUZUVMonxIefg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:29 2025 by rpki-client