Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa
File: 6e11a1fd-46e4-4d91-84e8-f174e0774136.roa (raw, json)
Hash identifier: x8RwI3ylmc6eHpMFps1uGX3t9UWbpgctDLEdhEpIsS0=
Subject key identifier: 8A:A8:F4:0A:84:72:5E:D3:14:5F:5C:23:D9:73:6E:01:F7:48:97:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1334784D8F135CF4382DF2A3A1052F476A348180
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa
Signing time: Thu 26 Jun 2025 19:39:00 +0000
ROA not before: Thu 26 Jun 2025 19:39:00 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:e0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:34:78:4d:8f:13:5c:f4:38:2d:f2:a3:a1:05:2f:47:6a:34:81:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:39:00 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=f8487303398a1b0dd29f95c4442a36dab7697a839da7322c1d9f7e01eaa7d7fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c6:cb:cb:65:4f:2e:45:27:f2:4a:c0:69:ac:
03:0b:55:05:7a:8a:ef:6b:45:9f:5a:cb:14:47:17:
1c:d3:06:fa:7d:63:af:59:e2:70:e2:b6:c8:9f:5e:
af:68:6a:98:c0:c5:1f:04:e9:1e:24:5b:59:fa:bc:
c3:69:b4:b1:25:a0:36:ec:8b:78:dd:1b:47:4a:d7:
ea:49:02:8b:8e:60:a5:39:31:24:d5:43:e2:91:7f:
b7:d7:45:f3:fd:85:7f:b2:1a:4b:f8:0f:a6:7e:2b:
38:cc:df:4c:08:a4:13:3d:a5:16:d6:e8:de:c9:08:
4f:d1:16:a8:a6:53:50:40:df:4b:de:3e:fc:22:ed:
35:68:d7:98:8c:c1:01:d1:a3:98:9e:e7:40:92:2f:
f9:85:64:b3:89:75:c5:6b:e2:7a:6d:5c:16:d2:75:
34:87:7a:77:fb:45:87:d1:0c:b4:d2:f1:cf:d1:b3:
01:8c:7f:48:b9:ef:93:4d:91:5d:1c:bd:27:20:3b:
9c:fc:a1:f9:f5:a3:3a:62:20:22:8f:2a:a8:c3:62:
35:fe:83:bc:23:a4:00:b7:87:7f:e1:6d:96:75:76:
f0:89:7e:d7:47:3f:3c:de:16:fe:e1:62:35:b1:18:
18:b8:a4:48:55:d4:ff:83:aa:35:ff:f4:f2:d3:fa:
1a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A8:F4:0A:84:72:5E:D3:14:5F:5C:23:D9:73:6E:01:F7:48:97:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
68:3a:92:87:5c:02:25:ed:0b:f8:21:04:81:28:1e:78:12:86:
94:c5:ad:92:5e:60:4e:4e:91:19:b2:b9:93:73:39:f9:70:64:
28:22:b6:c7:23:4d:53:7a:a3:37:2e:c5:60:a1:c3:1e:2f:7f:
f0:b2:a8:a7:22:f0:23:c2:24:b6:a2:93:03:5f:3d:c7:35:d8:
9d:20:5e:aa:6f:e3:ce:bf:d1:97:e1:9d:d2:97:9f:c2:59:19:
23:6e:7a:3b:2d:4e:20:50:d2:f4:50:77:bf:a2:83:a7:0d:df:
36:38:19:5a:6b:67:3b:0b:b1:c8:74:c8:4f:68:36:6c:19:f5:
b1:51:57:82:fa:8f:5d:7e:31:a8:1b:39:e3:43:d4:b3:95:40:
06:4c:02:9e:16:07:72:9e:62:76:df:d1:2e:e4:03:e5:6d:44:
ba:c8:2d:a7:19:84:d2:6f:b8:3e:43:bb:12:a4:32:b6:c0:8d:
84:98:02:01:af:8e:b1:fc:87:b7:18:2a:15:f4:3d:b6:00:a2:
55:63:83:47:93:96:ff:40:3c:f2:b4:ce:de:c5:8e:12:c0:62:
f0:81:fa:46:65:7b:7c:69:d2:0e:7b:a5:bd:7f:9d:f8:c0:e8:
99:74:1c:8f:49:f5:7e:1c:af:76:b3:2b:60:33:22:32:23:5b:
e1:94:83:13
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEzR4TY8TXPQ4LfKjoQUvR2o0gYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM5MDBaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4NDg3MzAzMzk4YTFiMGRkMjlmOTVjNDQ0MmEzNmRhYjc2OTdhODM5ZGE3
MzIyYzFkOWY3ZTAxZWFhN2Q3ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPGy8tlTy5FJ/JKwGmsAwtVBXqK72tFn1rLFEcXHNMG+n1jr1nicOK2yJ9e
r2hqmMDFHwTpHiRbWfq8w2m0sSWgNuyLeN0bR0rX6kkCi45gpTkxJNVD4pF/t9dF
8/2Ff7IaS/gPpn4rOMzfTAikEz2lFtbo3skIT9EWqKZTUEDfS94+/CLtNWjXmIzB
AdGjmJ7nQJIv+YVks4l1xWviem1cFtJ1NId6d/tFh9EMtNLxz9GzAYx/SLnvk02R
XRy9JyA7nPyh+fWjOmIgIo8qqMNiNf6DvCOkALeHf+FtlnV28Il+10c/PN4W/uFi
NbEYGLikSFXU/4OqNf/08tP6GqUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSKqPQK
hHJe0xRfXCPZc24B90iXejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUxMWExZmQtNDZlNC00ZDkxLTg0ZTgtZjE3NGUwNzc0MTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPg
wDANBgkqhkiG9w0BAQsFAAOCAQEAaDqSh1wCJe0L+CEEgSgeeBKGlMWtkl5gTk6R
GbK5k3M5+XBkKCK2xyNNU3qjNy7FYKHDHi9/8LKopyLwI8IktqKTA189xzXYnSBe
qm/jzr/Rl+Gd0pefwlkZI256Oy1OIFDS9FB3v6KDpw3fNjgZWmtnOwuxyHTIT2g2
bBn1sVFXgvqPXX4xqBs540PUs5VABkwCnhYHcp5idt/RLuQD5W1EusgtpxmE0m+4
PkO7EqQytsCNhJgCAa+OsfyHtxgqFfQ9tgCiVWODR5OW/0A88rTO3sWOEsBi8IH6
RmV7fGnSDnulvX+d+MDomXQcj0n1fhyvdrMrYDMiMiNb4ZSDEw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:48 2025 by rpki-client