Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: jd6drtailrI/NQLFaSbhmOBJXZNPwPA+nnRjMur4eWg=
Subject key identifier: 72:64:BC:AE:F1:7E:A2:D8:60:A8:46:48:FF:7E:DD:3C:76:DD:9D:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18A7C202C042561C5A1544D9909CAAA5564CD1A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Tue 05 Aug 2025 20:20:09 +0000
ROA not before: Tue 05 Aug 2025 20:20:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:a7:c2:02:c0:42:56:1c:5a:15:44:d9:90:9c:aa:a5:56:4c:d1:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:20:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4019be86600e4673410a29d76a4483ef23742ac745710c8ad72e06e62e0e52ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a3:14:07:76:f4:1b:5c:5e:b6:95:79:a7:13:
93:8f:e9:fe:65:a5:cd:b6:38:5e:bc:4f:ce:2e:59:
d6:40:ca:28:82:91:af:37:88:06:92:b9:7f:60:15:
1a:08:42:bb:13:68:cf:16:4d:01:8e:9b:52:d2:f6:
47:dd:05:eb:ef:3c:6e:e9:10:dc:9f:2d:f9:f4:9a:
fe:7b:31:f6:c3:c2:2b:73:3a:0d:4b:c2:c8:01:11:
10:8f:76:97:48:3a:80:eb:e8:35:31:91:b4:c4:20:
e2:42:28:e7:e3:bd:05:3f:69:54:f9:52:3c:13:12:
50:56:9b:25:e8:83:98:16:91:58:8b:d7:93:82:06:
33:23:fc:a3:2c:a7:be:db:bd:0c:68:1c:dc:fe:1d:
e3:51:4c:03:57:aa:51:d5:8e:50:01:c1:ba:37:89:
d4:b2:66:f8:c6:aa:ea:c5:cd:67:99:19:1f:45:ba:
47:c4:de:cb:63:25:ef:12:97:4c:cc:5e:e4:d7:2a:
75:28:3d:79:85:40:c3:35:9d:b8:c8:b6:1e:89:f5:
ed:47:86:d8:7b:d5:e3:c9:f1:52:a4:14:7b:37:de:
86:c4:f6:3d:05:76:ff:18:01:4c:b4:89:3d:da:14:
12:44:70:cd:6b:fc:bc:68:53:27:12:00:a8:17:03:
82:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:64:BC:AE:F1:7E:A2:D8:60:A8:46:48:FF:7E:DD:3C:76:DD:9D:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
ac:90:87:9a:45:dc:c5:8a:55:cd:39:bd:d9:5c:21:89:3e:f2:
0f:54:11:06:a9:33:1c:8f:fa:d7:1e:20:7f:71:cb:0e:0d:9c:
cb:55:f3:ba:1c:c6:8b:88:23:ad:68:de:59:62:6e:dd:8d:4d:
c9:c1:8c:b5:3b:08:68:56:1b:f1:91:1b:8a:8c:ad:dd:b5:43:
6c:de:a4:7d:b7:df:35:47:13:57:05:b1:8d:40:71:be:c1:dd:
32:ee:eb:5c:aa:a8:d3:0a:8f:8f:88:c9:99:f4:40:ef:9f:db:
15:f8:6e:e7:2e:fe:ba:3b:82:9a:6b:12:c1:1e:3e:2d:cd:5c:
99:69:f7:af:78:ec:eb:97:09:84:53:6c:b1:a7:64:e7:fe:de:
6a:22:2e:9b:7b:70:c3:87:bf:94:67:26:51:70:f1:38:8d:c9:
aa:b0:e6:25:ce:cb:69:25:91:6d:25:82:8a:9e:4e:75:ce:ab:
7f:e1:2e:e2:7a:f4:33:4d:a4:58:ac:25:bd:b4:b2:2c:70:a2:
26:1b:36:fd:dc:f5:74:3c:e1:00:4a:03:53:ec:9e:88:d9:0e:
d9:82:7c:e4:7a:68:0c:58:33:17:2c:85:ce:fd:b2:8d:7a:62:
37:31:3a:69:79:f7:19:1c:ea:ae:70:df:2d:21:4f:87:6f:b4:
4a:f1:a5:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGKfCAsBCVhxaFUTZkJyqpVZM0aAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDIwMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwMTliZTg2NjAwZTQ2NzM0MTBhMjlkNzZhNDQ4M2VmMjM3NDJhYzc0NTcx
MGM4YWQ3MmUwNmU2MmUwZTUyZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIqjFAd29BtcXraVeacTk4/p/mWlzbY4XrxPzi5Z1kDKKIKRrzeIBpK5f2AV
GghCuxNozxZNAY6bUtL2R90F6+88bukQ3J8t+fSa/nsx9sPCK3M6DUvCyAEREI92
l0g6gOvoNTGRtMQg4kIo5+O9BT9pVPlSPBMSUFabJeiDmBaRWIvXk4IGMyP8oyyn
vtu9DGgc3P4d41FMA1eqUdWOUAHBujeJ1LJm+Maq6sXNZ5kZH0W6R8Tey2Ml7xKX
TMxe5NcqdSg9eYVAwzWduMi2Hon17UeG2HvV48nxUqQUezfehsT2PQV2/xgBTLSJ
PdoUEkRwzWv8vGhTJxIAqBcDgg0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyZLyu
8X6i2GCoRkj/ft08dt2dQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCskIeaRdzFilXNOb3ZXCGJPvIPVBEGqTMcj/rX
HiB/ccsODZzLVfO6HMaLiCOtaN5ZYm7djU3JwYy1OwhoVhvxkRuKjK3dtUNs3qR9
t981RxNXBbGNQHG+wd0y7utcqqjTCo+PiMmZ9EDvn9sV+G7nLv66O4KaaxLBHj4t
zVyZafeveOzrlwmEU2yxp2Tn/t5qIi6be3DDh7+UZyZRcPE4jcmqsOYlzstpJZFt
JYKKnk51zqt/4S7ievQzTaRYrCW9tLIscKImGzb93PV0POEASgNT7J6I2Q7Zgnzk
emgMWDMXLIXO/bKNemI3MTppefcZHOqucN8tIU+Hb7RK8aUq
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:02 2025 by rpki-client