Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
File: 6ee98048-5141-4b16-8b8c-269a397f53ce.roa (raw, json)
Hash identifier: 7jcPvwAGe7Mp7vqRtqMQHQ8avqdDkRrIMPf3JfQeobw=
Subject key identifier: 06:96:EE:5F:5E:14:DB:7A:07:B8:7C:BC:77:E3:AA:51:09:7B:D8:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D6B9A824381A94B2450B329DBF486B941511EDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
Signing time: Tue 05 Aug 2025 19:11:13 +0000
ROA not before: Tue 05 Aug 2025 19:11:13 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:6b:9a:82:43:81:a9:4b:24:50:b3:29:db:f4:86:b9:41:51:1e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:13 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b70d7e8527df78a8109ce40175750a775548fca8c23c94ccf45acf8a9b9cbb90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:db:63:15:f2:17:4d:5b:48:92:2c:65:d8:93:
0d:57:c5:fe:66:58:ff:d2:7b:44:68:aa:70:e2:76:
4c:83:76:e9:a5:0d:1d:38:b1:8c:41:8a:80:a3:90:
34:13:7d:1a:e9:4c:1c:24:be:d2:f0:a7:7d:4f:af:
a6:0c:56:e1:52:62:f3:29:88:3a:45:62:7d:67:b5:
18:39:e4:b9:ef:b5:c9:6b:08:8c:01:30:23:6c:e1:
17:3f:dc:11:3a:16:61:9d:6f:a6:a3:9a:10:97:23:
1b:29:5b:26:65:69:1a:36:c1:97:70:91:08:db:e3:
ce:6f:50:cc:ed:0f:7c:a6:e0:27:19:6e:be:1e:18:
d2:9b:41:57:c3:44:d1:86:15:04:13:a9:5a:3c:8b:
ef:86:07:ec:07:e1:01:78:4c:11:90:c9:67:1a:e9:
64:c2:68:1d:4f:80:75:54:02:41:16:63:ce:ea:a0:
a2:0c:8b:74:77:86:28:e8:a8:eb:6e:41:8c:3c:01:
ec:70:d8:33:d2:49:ba:cc:12:01:10:ed:da:69:74:
18:9f:f5:c2:95:df:f7:5c:5b:a5:02:f0:3e:17:32:
8f:53:fd:15:1b:b4:8c:5f:ca:ae:52:6d:48:c2:0a:
7c:a3:64:c7:84:cd:7e:38:d5:62:73:92:44:e4:b4:
ed:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:96:EE:5F:5E:14:DB:7A:07:B8:7C:BC:77:E3:AA:51:09:7B:D8:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4080::/48
Signature Algorithm: sha256WithRSAEncryption
26:db:1f:9d:9e:6c:88:42:e2:a2:cc:af:6a:32:7e:26:0d:b9:
47:b2:5f:8a:97:37:1d:db:1d:1b:ac:33:23:ee:01:c6:f3:25:
6f:45:d3:2b:be:1f:8b:f0:a2:4a:48:f7:43:c9:58:fc:e3:66:
80:26:a2:9d:2d:a9:45:2a:7a:b6:20:19:2a:98:f4:39:b7:09:
db:47:a1:4c:0c:5d:a8:55:71:17:8c:04:be:af:1f:89:d7:5b:
46:1c:8d:4c:6e:4c:da:d9:1c:d2:d7:13:cb:6f:97:66:28:2e:
a1:9f:35:93:39:77:22:08:1c:c8:7d:39:fb:df:1f:9d:96:53:
af:b1:12:f1:02:00:1e:59:9e:c5:c9:c6:43:c4:a1:a5:65:bb:
0b:0e:43:81:f3:ea:93:a8:0a:a2:7a:c9:d5:a0:9a:b1:bc:c7:
7b:10:a2:8c:6d:0a:11:1a:0b:d4:16:4e:82:63:e8:0d:92:54:
50:62:34:21:cb:4c:17:16:2d:55:c5:84:fe:7e:80:87:a8:eb:
ba:19:4d:c1:31:26:ab:b0:6a:6c:be:ec:70:12:6d:cf:c9:d0:
3a:a3:52:52:f6:ab:07:68:0f:f2:42:e0:a6:a1:e0:c5:46:ac:
90:38:f8:25:cf:56:f3:cc:2f:c8:a2:eb:b0:1f:88:26:94:1a:
67:92:bc:4c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDWuagkOBqUskULMp2/SGuUFRHt4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3MGQ3ZTg1MjdkZjc4YTgxMDljZTQwMTc1NzUwYTc3NTU0OGZjYThjMjNj
OTRjY2Y0NWFjZjhhOWI5Y2JiOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLbYxXyF01bSJIsZdiTDVfF/mZY/9J7RGiqcOJ2TIN26aUNHTixjEGKgKOQ
NBN9GulMHCS+0vCnfU+vpgxW4VJi8ymIOkVifWe1GDnkue+1yWsIjAEwI2zhFz/c
EToWYZ1vpqOaEJcjGylbJmVpGjbBl3CRCNvjzm9QzO0PfKbgJxluvh4Y0ptBV8NE
0YYVBBOpWjyL74YH7AfhAXhMEZDJZxrpZMJoHU+AdVQCQRZjzuqgogyLdHeGKOio
625BjDwB7HDYM9JJuswSARDt2ml0GJ/1wpXf91xbpQLwPhcyj1P9FRu0jF/KrlJt
SMIKfKNkx4TNfjjVYnOSROS07U0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQGlu5f
XhTbege4fLx346pRCXvYHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVlOTgwNDgtNTE0MS00YjE2LThiOGMtMjY5YTM5N2Y1M2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
gDANBgkqhkiG9w0BAQsFAAOCAQEAJtsfnZ5siELiosyvajJ+Jg25R7Jfipc3Hdsd
G6wzI+4BxvMlb0XTK74fi/CiSkj3Q8lY/ONmgCainS2pRSp6tiAZKpj0ObcJ20eh
TAxdqFVxF4wEvq8fiddbRhyNTG5M2tkc0tcTy2+XZiguoZ81kzl3IggcyH05+98f
nZZTr7ES8QIAHlmexcnGQ8ShpWW7Cw5DgfPqk6gKonrJ1aCasbzHexCijG0KERoL
1BZOgmPoDZJUUGI0IctMFxYtVcWE/n6Ah6jruhlNwTEmq7BqbL7scBJtz8nQOqNS
UvarB2gP8kLgpqHgxUaskDj4Jc9W88wvyKLrsB+IJpQaZ5K8TA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:26 2025 by rpki-client