Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json)
Hash identifier: yuunjmEdzmCqSN3dohL8MAVxB9WKw3ziusCMaXoGRVM=
Subject key identifier: C5:53:9F:4C:77:FF:76:1B:F1:36:0D:24:B1:51:3C:68:F0:0D:28:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08299E236D32D32946BBDACB375864B5FA6B0740
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
Signing time: Tue 05 Aug 2025 20:10:53 +0000
ROA not before: Tue 05 Aug 2025 20:10:53 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:29:9e:23:6d:32:d3:29:46:bb:da:cb:37:58:64:b5:fa:6b:07:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:53 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=46aebb4f2204da421e51695fd671288e2c3772e4f3161a59e5235fbceaa3ad66, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8f:81:db:61:61:34:f8:e5:df:cc:e3:41:f2:
d9:66:38:16:15:96:da:ac:75:0e:91:78:04:f2:89:
58:5f:2f:20:19:a0:f6:b9:24:1a:f7:9f:21:1e:c1:
8d:74:e6:d5:b5:b8:7d:08:90:9f:b2:89:e0:3e:82:
d6:97:d9:5e:1e:e4:9a:18:f9:00:b3:bf:7e:f4:d7:
70:af:b8:e9:bc:66:a8:cd:4f:f3:d4:44:cd:19:eb:
27:44:1a:97:45:1f:f0:eb:7c:30:91:ca:35:32:69:
7f:7d:e4:8b:0d:15:1f:5d:a7:bd:54:91:46:e7:75:
95:4b:f5:43:75:da:ed:2a:7a:3b:d6:b9:d4:ab:0c:
c3:91:4b:9f:d7:70:5f:fc:3b:2b:16:ae:b0:e4:27:
ff:a4:e7:5c:b2:91:1d:5c:6a:ef:7a:86:2c:58:18:
63:0d:8f:85:b5:c4:9b:6e:50:92:59:3b:c4:8f:25:
86:33:4c:8b:3b:e6:61:5a:88:82:e4:5b:c7:e5:d8:
91:69:c0:cd:ba:14:ab:a8:4b:3c:77:ae:d5:11:a4:
7b:41:a0:9e:77:0c:ea:f7:78:89:8b:83:18:b5:5f:
5f:ae:d4:17:33:3b:2c:09:c9:84:4c:54:b4:ec:3a:
11:9f:3b:61:eb:e4:43:9b:cd:aa:01:02:44:05:37:
8a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:53:9F:4C:77:FF:76:1B:F1:36:0D:24:B1:51:3C:68:F0:0D:28:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/37
Signature Algorithm: sha256WithRSAEncryption
3c:50:99:e5:ef:80:89:4b:29:6a:b3:cd:a0:1b:7f:86:3e:38:
05:fa:02:9c:ec:fe:e7:08:8d:a1:93:14:c7:83:db:9f:77:7f:
c8:42:fd:c1:84:96:12:6b:5d:d2:a6:48:2c:68:15:c8:0d:1a:
3e:99:96:6d:37:d2:32:1e:e2:82:27:d7:14:9f:5b:09:cf:f0:
7d:58:14:8e:65:5a:7d:3b:40:6c:02:c9:de:f3:3f:67:74:59:
9a:ba:f0:6d:af:32:4b:db:83:8c:bf:f1:6c:3b:29:25:44:cd:
64:00:ab:3e:c8:81:96:7c:38:2c:41:52:89:d7:bf:d4:54:5c:
83:31:46:f8:d9:0e:14:fb:c0:be:b7:bb:59:0d:62:ca:a3:78:
a7:85:cd:6d:9f:4a:f8:98:3d:a0:7e:ac:9d:af:f8:df:1e:fb:
27:6c:e9:55:c5:eb:c3:19:83:f2:ed:03:93:cb:88:3d:63:e6:
36:68:95:a7:98:2b:ae:aa:10:ec:ec:80:cf:18:dc:92:50:07:
72:bf:b3:a8:11:4f:9d:22:8d:a8:ed:aa:0a:9f:95:a6:0b:bc:
ae:6d:c5:5d:3b:95:d1:52:60:34:ec:8e:43:36:df:e7:ea:81:
1f:f9:7b:fd:9d:82:61:00:58:0a:a0:13:82:28:a9:f4:14:e0:
fd:4f:b1:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCCmeI20y0ylGu9rLN1hktfprB0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwNTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2YWViYjRmMjIwNGRhNDIxZTUxNjk1ZmQ2NzEyODhlMmMzNzcyZTRmMzE2
MWE1OWU1MjM1ZmJjZWFhM2FkNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSPgdthYTT45d/M40Hy2WY4FhWW2qx1DpF4BPKJWF8vIBmg9rkkGvefIR7B
jXTm1bW4fQiQn7KJ4D6C1pfZXh7kmhj5ALO/fvTXcK+46bxmqM1P89REzRnrJ0Qa
l0Uf8Ot8MJHKNTJpf33kiw0VH12nvVSRRud1lUv1Q3Xa7Sp6O9a51KsMw5FLn9dw
X/w7KxausOQn/6TnXLKRHVxq73qGLFgYYw2PhbXEm25Qklk7xI8lhjNMizvmYVqI
guRbx+XYkWnAzboUq6hLPHeu1RGke0GgnncM6vd4iYuDGLVfX67UFzM7LAnJhExU
tOw6EZ87YevkQ5vNqgECRAU3iocCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFU59M
d/92G/E2DSSxUTxo8A0oVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQA8UJnl74CJSylqs82gG3+GPjgF+gKc7P7nCI2h
kxTHg9ufd3/IQv3BhJYSa13SpkgsaBXIDRo+mZZtN9IyHuKCJ9cUn1sJz/B9WBSO
ZVp9O0BsAsne8z9ndFmauvBtrzJL24OMv/FsOyklRM1kAKs+yIGWfDgsQVKJ17/U
VFyDMUb42Q4U+8C+t7tZDWLKo3inhc1tn0r4mD2gfqydr/jfHvsnbOlVxevDGYPy
7QOTy4g9Y+Y2aJWnmCuuqhDs7IDPGNySUAdyv7OoEU+dIo2o7aoKn5WmC7yubcVd
O5XRUmA07I5DNt/n6oEf+Xv9nYJhAFgKoBOCKKn0FOD9T7EF
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:25 2025 by rpki-client