Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
File: 73488a43-875c-415a-9969-c278b245b9fb.roa (raw, json)
Hash identifier: JBwYKCKCeBoQli+6nW5eeh1cwIaHZT6upJ4CEIa9Uh4=
Subject key identifier: 0A:EC:EF:A2:15:F0:F3:3B:E8:19:12:F5:4A:F8:1A:1F:05:60:9B:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F4BB137CF1DFD9164E3A7D5F9190322F43E1979
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
Signing time: Tue 05 Aug 2025 19:30:21 +0000
ROA not before: Tue 05 Aug 2025 19:30:21 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:4b:b1:37:cf:1d:fd:91:64:e3:a7:d5:f9:19:03:22:f4:3e:19:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:21 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e44f7ca79f9faab76640570d012bfeed5ade9d6331305d1e2016facb562c082a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:54:db:18:f6:ad:35:03:1d:fc:cb:df:4c:f4:
c6:7f:d5:61:e4:cf:3a:8c:31:94:bc:d5:97:3a:cd:
67:ce:85:8c:52:42:43:12:8e:8d:99:b7:12:00:eb:
67:38:f1:6e:1a:0c:d0:6d:a7:f6:98:5b:10:aa:80:
7d:f7:68:55:42:7c:91:10:71:c3:b1:ed:91:c1:26:
cf:7c:97:c0:59:1c:25:80:91:69:02:94:6e:97:dd:
06:c9:b5:bd:b6:11:63:f0:d3:7a:17:30:12:80:e6:
21:de:69:40:32:62:fb:77:0c:f0:85:7b:db:82:b6:
54:18:96:f8:21:04:ee:62:d9:9d:66:21:dc:6d:84:
35:73:ab:2c:65:ac:32:1f:d2:cb:7a:ee:ca:3a:53:
21:75:bc:52:4b:10:7c:cc:df:c7:91:2e:08:88:92:
3e:1f:87:70:1d:c8:e7:95:7d:42:0b:db:df:eb:25:
e0:50:db:94:55:ca:e3:c4:c6:44:68:2c:dc:aa:23:
76:d8:c8:24:eb:8c:49:20:9c:ad:17:2b:26:8b:f5:
89:b0:67:a0:53:3f:e8:6e:e9:df:ec:59:65:b5:bd:
69:e9:e2:aa:34:4a:20:3b:55:41:98:32:6c:69:0a:
72:93:7c:5b:f3:ea:90:2a:c1:14:ab:e1:c0:af:d8:
65:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EC:EF:A2:15:F0:F3:3B:E8:19:12:F5:4A:F8:1A:1F:05:60:9B:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e080::/48
Signature Algorithm: sha256WithRSAEncryption
aa:89:df:f5:2c:e9:11:2d:16:52:19:01:91:f0:0c:89:bc:36:
fd:0b:dd:7a:72:ae:ca:8d:b3:18:b6:ee:3a:22:a5:75:17:79:
dc:d9:1c:e1:98:c8:e2:fc:5c:b1:66:74:73:7c:53:81:65:56:
47:1d:46:1b:bc:34:af:e0:14:83:39:a6:34:7b:56:1a:71:be:
18:75:de:60:01:5b:0f:92:5d:19:95:0d:99:60:ef:31:87:6a:
75:4f:a0:03:dc:ea:57:2e:9b:1f:3f:bb:1e:5b:a9:12:77:99:
d1:d3:c1:1a:3b:51:0c:2f:e9:f1:ca:9b:3a:8a:48:80:2a:09:
3b:47:fe:90:86:ca:61:64:de:8c:7d:29:4b:bc:e0:8d:74:b6:
86:6a:0a:1d:7f:15:08:43:84:19:06:6f:57:3f:77:5e:a2:de:
3d:c7:b3:ff:fa:f9:ec:91:d3:21:79:2c:46:48:05:7c:8d:29:
b3:18:60:fb:b1:3b:1e:b6:42:38:e1:4a:80:54:c7:76:b4:a2:
da:2f:f5:9a:01:be:8d:e8:77:77:5e:ad:cd:09:13:aa:48:17:
b1:14:72:48:f7:74:bb:08:fd:8f:67:fe:52:54:af:a8:27:8c:
a6:dd:d6:7e:0b:4e:13:6b:e7:ad:1d:eb:1f:a8:1b:7d:e8:30:
f4:21:68:c5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUH0uxN88d/ZFk46fV+RkDIvQ+GXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMjFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NGY3Y2E3OWY5ZmFhYjc2NjQwNTcwZDAxMmJmZWVkNWFkZTlkNjMzMTMw
NWQxZTIwMTZmYWNiNTYyYzA4MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1U2xj2rTUDHfzL30z0xn/VYeTPOowxlLzVlzrNZ86FjFJCQxKOjZm3EgDr
ZzjxbhoM0G2n9phbEKqAffdoVUJ8kRBxw7HtkcEmz3yXwFkcJYCRaQKUbpfdBsm1
vbYRY/DTehcwEoDmId5pQDJi+3cM8IV724K2VBiW+CEE7mLZnWYh3G2ENXOrLGWs
Mh/Sy3ruyjpTIXW8UksQfMzfx5EuCIiSPh+HcB3I55V9Qgvb3+sl4FDblFXK48TG
RGgs3KojdtjIJOuMSSCcrRcrJov1ibBnoFM/6G7p3+xZZbW9aeniqjRKIDtVQZgy
bGkKcpN8W/PqkCrBFKvhwK/YZWUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQK7O+i
FfDzO+gZEvVK+BofBWCb5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM0ODhhNDMtODc1Yy00MTVhLTk5NjktYzI3OGIyNDViOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
gDANBgkqhkiG9w0BAQsFAAOCAQEAqonf9SzpES0WUhkBkfAMibw2/QvdenKuyo2z
GLbuOiKldRd53Nkc4ZjI4vxcsWZ0c3xTgWVWRx1GG7w0r+AUgzmmNHtWGnG+GHXe
YAFbD5JdGZUNmWDvMYdqdU+gA9zqVy6bHz+7HlupEneZ0dPBGjtRDC/p8cqbOopI
gCoJO0f+kIbKYWTejH0pS7zgjXS2hmoKHX8VCEOEGQZvVz93XqLePcez//r57JHT
IXksRkgFfI0psxhg+7E7HrZCOOFKgFTHdrSi2i/1mgG+jeh3d16tzQkTqkgXsRRy
SPd0uwj9j2f+UlSvqCeMpt3WfgtOE2vnrR3rH6gbfegw9CFoxQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:21 2025 by rpki-client