Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e276817-fa44-4713-a36e-7aa0cf282f8a.roa
File: 6e276817-fa44-4713-a36e-7aa0cf282f8a.roa (raw, json)
Hash identifier: TiOL2ScveuU804I4aE6UZNvGhpUrFhvhFDdG0v1t7vw=
Subject key identifier: D9:67:29:B2:B6:10:34:D9:E4:C6:C6:02:8B:A2:F7:D7:E6:4A:23:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32D593682CB7469425BFDE5DA74124B3F9DBE914
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e276817-fa44-4713-a36e-7aa0cf282f8a.roa
Signing time: Mon 16 Jun 2025 20:41:04 +0000
ROA not before: Mon 16 Jun 2025 20:41:04 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d5:93:68:2c:b7:46:94:25:bf:de:5d:a7:41:24:b3:f9:db:e9:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:41:04 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e5d53ea33ce2aebdfac12bd5900f13d22273e0b789ff1bcf36c428870689eda5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e7:02:da:b0:40:a9:d2:16:ad:81:69:40:21:
6f:cb:1a:60:a0:e3:b1:5f:c8:5d:d1:70:3a:25:06:
27:ed:5f:0c:25:8d:8b:38:31:c1:f7:42:39:f2:93:
7f:e5:ae:0f:eb:a6:e0:40:64:cd:ac:0b:b6:e6:c7:
51:f0:9b:de:cb:40:18:88:25:b9:a2:ac:d5:19:39:
b1:c6:95:68:9a:75:55:af:45:78:3f:3e:ab:93:0f:
e2:d6:c4:c2:5c:09:d2:1d:77:70:b5:8e:f0:c5:b8:
7e:ed:5d:80:15:d8:e9:fa:d7:b1:a4:c3:c2:3e:1c:
bd:40:fc:83:49:0f:55:c0:28:ff:20:fd:2f:90:d8:
ca:53:ea:80:6d:52:6f:09:59:0d:64:d5:a9:e3:6b:
2f:07:30:40:8d:61:90:70:85:26:bb:28:d7:35:3c:
5d:26:6c:a9:f6:4c:aa:c4:42:9e:76:b5:65:84:3f:
24:f8:27:72:f8:dd:d5:ed:1b:9a:5d:7b:4a:31:10:
ca:f1:a0:dc:f6:8d:d3:b0:b6:14:37:34:d5:55:f9:
f4:03:fb:44:39:28:b3:50:54:38:46:ba:7f:c7:c2:
94:4d:95:73:9f:ec:31:1e:df:a1:28:99:c6:4d:79:
d1:22:e4:04:76:c7:0d:58:72:10:8d:f0:4d:ee:90:
9c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:67:29:B2:B6:10:34:D9:E4:C6:C6:02:8B:A2:F7:D7:E6:4A:23:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e276817-fa44-4713-a36e-7aa0cf282f8a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:9000::/40
Signature Algorithm: sha256WithRSAEncryption
64:ca:93:2f:75:4a:55:61:0a:6d:35:0a:4c:8e:30:3c:9e:79:
77:ad:39:ed:a0:d3:b0:72:ac:52:f7:29:c8:3a:ab:8a:03:08:
c3:0d:3b:8a:11:c1:5d:07:00:ec:11:21:cc:cb:dc:48:39:d0:
9e:68:cd:5c:75:e3:dd:33:45:13:63:07:9d:a5:ef:56:b6:ec:
43:a9:d9:24:e0:4f:f1:b9:69:88:b1:39:ef:f5:02:35:7d:a6:
07:a8:da:c2:02:01:f6:6e:bf:49:99:c5:13:48:81:17:81:8a:
e2:6c:0b:30:8c:bb:00:db:63:16:b8:d8:a0:7d:15:b3:c7:e5:
16:dd:1c:40:bd:08:9b:ab:f2:5e:82:ce:f3:0a:4e:f7:e6:ed:
9b:63:9e:e8:51:12:d2:42:f5:7f:60:20:61:66:dc:b8:e8:3a:
07:87:c2:29:fd:6e:3f:02:99:02:24:6a:ab:db:43:5b:23:b6:
b2:58:61:be:67:c8:0d:df:22:95:f4:76:9a:43:b4:06:da:79:
bc:75:80:b1:16:90:49:d9:20:ea:eb:d1:e6:2b:b3:3b:55:d2:
c3:1d:0e:b1:cb:73:c7:3b:85:d4:6d:3a:81:5f:df:2f:79:b7:
80:52:99:87:e6:b7:77:48:d7:d4:13:a0:7d:fd:ab:80:f4:85:
5b:6c:44:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMtWTaCy3RpQlv95dp0Eks/nb6RQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQxMDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1ZDUzZWEzM2NlMmFlYmRmYWMxMmJkNTkwMGYxM2QyMjI3M2UwYjc4OWZm
MWJjZjM2YzQyODg3MDY4OWVkYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrnAtqwQKnSFq2BaUAhb8saYKDjsV/IXdFwOiUGJ+1fDCWNizgxwfdCOfKT
f+WuD+um4EBkzawLtubHUfCb3stAGIgluaKs1Rk5scaVaJp1Va9FeD8+q5MP4tbE
wlwJ0h13cLWO8MW4fu1dgBXY6frXsaTDwj4cvUD8g0kPVcAo/yD9L5DYylPqgG1S
bwlZDWTVqeNrLwcwQI1hkHCFJrso1zU8XSZsqfZMqsRCnna1ZYQ/JPgncvjd1e0b
ml17SjEQyvGg3PaN07C2FDc01VX59AP7RDkos1BUOEa6f8fClE2Vc5/sMR7foSiZ
xk150SLkBHbHDVhyEI3wTe6QnDsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZZymy
thA02eTGxgKLovfX5kojAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUyNzY4MTctZmE0NC00NzEzLWEzNmUtN2FhMGNmMjgyZjhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBkypMvdUpVYQptNQpMjjA8nnl3rTntoNOwcqxS
9ynIOquKAwjDDTuKEcFdBwDsESHMy9xIOdCeaM1cdePdM0UTYwedpe9WtuxDqdkk
4E/xuWmIsTnv9QI1faYHqNrCAgH2br9JmcUTSIEXgYribAswjLsA22MWuNigfRWz
x+UW3RxAvQibq/Jegs7zCk735u2bY57oURLSQvV/YCBhZty46DoHh8Ip/W4/ApkC
JGqr20NbI7ayWGG+Z8gN3yKV9HaaQ7QG2nm8dYCxFpBJ2SDq69HmK7M7VdLDHQ6x
y3PHO4XUbTqBX98vebeAUpmH5rd3SNfUE6B9/auA9IVbbESU
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:41 2025 by rpki-client