Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json)
Hash identifier: tnDKAR7wQTQ0uooH5rGCbblM4Wa7mUNwTRuD4Dyi9PU=
Subject key identifier: 19:44:99:36:CB:A4:62:09:36:8F:EE:9E:A0:03:12:40:70:12:C3:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 618E2E33EB78202DFCCB37CFB766F9F2AE1D4CEA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
Signing time: Mon 16 Jun 2025 21:41:23 +0000
ROA not before: Mon 16 Jun 2025 21:41:23 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:8e:2e:33:eb:78:20:2d:fc:cb:37:cf:b7:66:f9:f2:ae:1d:4c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:23 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=859415cbd8f4cb8321eb099c99363d5e9676ce13a6322fe19c1ba9700abda0fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:04:bf:96:a6:11:06:f8:fa:19:2a:b8:d4:e4:
c0:a3:6c:1a:40:1e:f6:d1:ac:58:3b:cf:34:51:37:
04:70:4e:c0:e2:0a:1c:20:91:4e:79:f8:8b:aa:9b:
db:69:36:51:4e:50:8c:b8:13:a6:73:99:2f:69:a0:
e7:b5:68:43:b4:70:31:48:d6:ff:5d:57:26:df:95:
23:12:37:29:96:3b:31:6c:09:8d:ee:4a:f1:d4:80:
65:89:c7:8f:b9:8d:82:28:c9:dd:69:39:7f:b0:5a:
d1:98:60:f4:f4:25:24:81:87:84:e3:32:04:7b:2e:
1f:60:98:fd:36:3d:a0:12:b1:69:bb:12:90:ab:98:
55:e1:fd:69:3c:04:2f:a6:39:21:73:55:8b:f7:25:
1e:8d:ac:cc:ed:e8:2b:09:ed:ba:f0:d8:a4:a7:5a:
a1:4f:63:b3:a5:07:c3:c3:8b:d6:73:79:87:89:30:
7c:d1:0f:b8:64:85:a8:44:bd:a4:24:00:d2:c4:24:
61:89:e1:ae:e0:81:b2:0d:d5:72:e1:f4:a5:11:34:
8c:7f:99:50:4b:3b:10:f8:3d:b4:53:f2:26:37:f0:
fa:d9:d1:a3:9f:22:99:85:fd:77:09:c7:d8:3a:ac:
54:e9:9a:94:a7:af:9d:65:82:40:bb:fb:17:6b:60:
a4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:44:99:36:CB:A4:62:09:36:8F:EE:9E:A0:03:12:40:70:12:C3:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
74:c6:a3:f4:7d:c4:a1:29:7e:1b:80:38:0c:86:88:18:59:76:
23:e1:3b:3e:7d:1b:b5:82:07:52:3e:1a:a7:27:13:d2:a4:44:
20:b3:e2:77:e2:81:a9:b4:61:29:fc:91:8c:8b:7e:db:b3:9c:
bc:14:1e:75:c4:b4:aa:54:b1:8c:81:45:41:16:cc:bc:97:8d:
e5:ab:cd:4b:1f:33:65:26:2a:86:6d:8a:13:63:f7:21:bd:43:
36:f1:fa:41:ac:0a:60:a0:75:c7:c3:9b:e8:76:cb:cc:05:ac:
f6:55:83:2f:03:79:82:17:c1:11:0b:7a:9f:1f:f1:f2:a0:12:
cb:33:ea:10:c7:79:d3:4b:c9:01:60:6b:fe:82:ab:0c:3b:58:
94:09:43:98:52:cb:fd:50:43:bc:2e:77:bf:d2:e9:2c:6f:51:
81:c3:13:bd:53:3a:3d:89:fd:b7:e6:5b:a5:f5:15:c6:d4:41:
b3:2d:a0:46:f3:d5:a4:83:e3:31:ec:c1:9f:bb:be:df:c6:09:
f4:33:c0:2c:41:2c:e5:c5:05:48:80:36:9c:de:b3:80:da:05:
fb:30:db:ed:a5:2f:85:90:a7:cf:0e:33:11:ab:31:7a:48:6a:
cd:96:a8:7e:2f:81:6a:46:82:4e:5e:93:49:f8:63:1d:dc:a8:
99:94:5e:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYY4uM+t4IC38yzfPt2b58q4dTOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMjNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1OTQxNWNiZDhmNGNiODMyMWViMDk5Yzk5MzYzZDVlOTY3NmNlMTNhNjMy
MmZlMTljMWJhOTcwMGFiZGEwZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8Ev5amEQb4+hkquNTkwKNsGkAe9tGsWDvPNFE3BHBOwOIKHCCRTnn4i6qb
22k2UU5QjLgTpnOZL2mg57VoQ7RwMUjW/11XJt+VIxI3KZY7MWwJje5K8dSAZYnH
j7mNgijJ3Wk5f7Ba0Zhg9PQlJIGHhOMyBHsuH2CY/TY9oBKxabsSkKuYVeH9aTwE
L6Y5IXNVi/clHo2szO3oKwntuvDYpKdaoU9js6UHw8OL1nN5h4kwfNEPuGSFqES9
pCQA0sQkYYnhruCBsg3VcuH0pRE0jH+ZUEs7EPg9tFPyJjfw+tnRo58imYX9dwnH
2DqsVOmalKevnWWCQLv7F2tgpJsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZRJk2
y6RiCTaP7p6gAxJAcBLD9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQB0xqP0fcShKX4bgDgMhogYWXYj4Ts+fRu1ggdS
PhqnJxPSpEQgs+J34oGptGEp/JGMi37bs5y8FB51xLSqVLGMgUVBFsy8l43lq81L
HzNlJiqGbYoTY/chvUM28fpBrApgoHXHw5vodsvMBaz2VYMvA3mCF8ERC3qfH/Hy
oBLLM+oQx3nTS8kBYGv+gqsMO1iUCUOYUsv9UEO8Lne/0uksb1GBwxO9Uzo9if23
5lul9RXG1EGzLaBG89Wkg+Mx7MGfu77fxgn0M8AsQSzlxQVIgDac3rOA2gX7MNvt
pS+FkKfPDjMRqzF6SGrNlqh+L4FqRoJOXpNJ+GMd3KiZlF5B
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:13 2025 by rpki-client