Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
File: 7a025e69-9e3e-460c-9734-42e9bd14485c.roa (raw, json)
Hash identifier: Mwd6zUtPb+WSPJVrBjGmdDCpRpcYj55SJ6lk0AKgvEY=
Subject key identifier: F0:74:AF:53:CA:6C:8F:71:BC:F5:7B:B6:CA:C1:BE:9E:E8:91:26:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B09F06A4052F943329236E91EF6FE7A9F4DD524
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
Signing time: Fri 22 Aug 2025 15:11:15 +0000
ROA not before: Fri 22 Aug 2025 15:11:15 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:09:f0:6a:40:52:f9:43:32:92:36:e9:1e:f6:fe:7a:9f:4d:d5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:15 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=68dec8d1f3ef27d6d7228359349ef04b57744ed32f9e14f74cd38db2fc2d570c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ce:b2:a1:49:f3:06:80:c5:9e:5e:54:df:0e:
ea:9e:3f:9c:b4:21:61:51:35:2f:a8:4f:b8:b4:cb:
70:6e:a8:ad:4d:8a:53:5f:39:1c:b8:81:7d:36:30:
5e:fd:33:53:22:e9:16:49:c5:08:03:43:2f:07:f0:
6e:50:96:b1:25:a8:1b:0d:43:c0:0c:17:12:06:5a:
07:00:b1:01:fe:e9:05:3f:d2:ec:20:64:d4:f0:0c:
a9:c0:06:57:a2:0d:48:1e:b7:e3:33:d4:cb:8a:dd:
4d:35:be:32:2a:ba:7b:24:f1:d9:91:ec:82:ae:eb:
7a:bb:0a:ea:58:14:97:8d:f2:68:d9:19:fe:b1:30:
09:7e:65:cb:ec:92:97:68:3e:6d:92:4d:74:d8:3c:
c6:54:f4:88:a8:79:6a:fb:ac:72:bd:5c:18:c5:f7:
f9:f0:ef:14:f8:db:36:59:43:b6:7f:11:d1:2f:8f:
08:09:cc:08:03:85:28:3a:c2:a6:ec:a2:2f:a1:c8:
20:19:d8:53:10:f9:f6:c7:6c:00:08:05:fb:90:72:
7e:79:eb:b4:c7:00:b5:7d:c9:01:d9:3e:0f:5d:46:
fa:26:22:91:a8:1a:c5:19:a9:cb:65:c8:9c:5c:a7:
0e:be:ca:9e:59:0e:14:ae:10:3b:76:79:78:51:d8:
5c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:74:AF:53:CA:6C:8F:71:BC:F5:7B:B6:CA:C1:BE:9E:E8:91:26:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:6d:aa:41:a9:4c:2b:62:09:a1:ed:fd:17:fc:4c:a2:71:40:
ee:ba:0e:9f:4c:74:88:27:6c:dd:c9:06:c9:0f:66:1b:44:6c:
17:ee:5e:b5:73:28:21:13:49:7e:46:ba:59:0e:59:02:1e:88:
60:e2:98:3c:a5:7f:15:6c:e6:22:16:6e:4c:58:23:f7:a8:4d:
7b:90:57:36:0a:2f:54:8e:1e:f2:cb:8f:e3:2e:26:41:91:78:
dd:26:07:15:76:30:26:2e:07:b9:a4:3b:d8:9e:39:48:8e:2c:
f5:47:f2:0e:7a:a8:68:05:52:bb:9a:02:2b:5d:b0:ed:36:5a:
17:0c:8b:b3:6c:d6:79:40:8a:18:da:93:9e:c9:ae:74:7b:39:
67:a4:a8:5f:77:f9:64:1a:95:c5:fa:8e:4e:40:7b:dd:97:1d:
c4:c2:96:73:df:27:02:f3:25:39:2b:e5:2f:2f:6f:70:c6:ab:
7c:9f:e8:29:38:55:86:9b:24:c3:be:68:36:4a:41:3e:5b:d4:
11:99:57:10:f9:3b:18:a3:39:60:5f:05:2f:56:70:24:90:00:
d9:c4:f8:9f:4c:c5:11:05:ad:47:93:3a:24:ff:e1:8c:48:67:
d6:2f:ed:a0:b7:64:2c:98:08:33:8a:8b:a5:f8:23:cc:99:ad:
53:82:85:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCwnwakBS+UMykjbpHvb+ep9N1SQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMTVaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4ZGVjOGQxZjNlZjI3ZDZkNzIyODM1OTM0OWVmMDRiNTc3NDRlZDMyZjll
MTRmNzRjZDM4ZGIyZmMyZDU3MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/OsqFJ8waAxZ5eVN8O6p4/nLQhYVE1L6hPuLTLcG6orU2KU185HLiBfTYw
Xv0zUyLpFknFCANDLwfwblCWsSWoGw1DwAwXEgZaBwCxAf7pBT/S7CBk1PAMqcAG
V6INSB634zPUy4rdTTW+Miq6eyTx2ZHsgq7rersK6lgUl43yaNkZ/rEwCX5ly+yS
l2g+bZJNdNg8xlT0iKh5avuscr1cGMX3+fDvFPjbNllDtn8R0S+PCAnMCAOFKDrC
puyiL6HIIBnYUxD59sdsAAgF+5ByfnnrtMcAtX3JAdk+D11G+iYikagaxRmpy2XI
nFynDr7KnlkOFK4QO3Z5eFHYXKsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwdK9T
ymyPcbz1e7bKwb6e6JEmJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EwMjVlNjktOWUzZS00NjBjLTk3MzQtNDJlOWJkMTQ0ODVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCObapBqUwrYgmh7f0X/EyicUDuug6fTHSIJ2zd
yQbJD2YbRGwX7l61cyghE0l+RrpZDlkCHohg4pg8pX8VbOYiFm5MWCP3qE17kFc2
Ci9Ujh7yy4/jLiZBkXjdJgcVdjAmLge5pDvYnjlIjiz1R/IOeqhoBVK7mgIrXbDt
NloXDIuzbNZ5QIoY2pOeya50ezlnpKhfd/lkGpXF+o5OQHvdlx3EwpZz3ycC8yU5
K+UvL29wxqt8n+gpOFWGmyTDvmg2SkE+W9QRmVcQ+TsYozlgXwUvVnAkkADZxPif
TMURBa1Hkzok/+GMSGfWL+2gt2QsmAgzioul+CPMma1TgoWc
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:23 2025 by rpki-client