Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
File: 8c99b00e-290a-4618-8076-435475c3020f.roa (raw, json)
Hash identifier: gtn0FM2idBDX+McW9+ryS/UpHO7Z3Pp6LFeYV6a24Ao=
Subject key identifier: 40:F0:2F:AB:43:B5:C9:5F:FF:C9:2C:C2:6B:F6:77:ED:63:D6:25:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 709F195D75C24469BC54C7FA404FA7832F915744
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
Signing time: Mon 16 Jun 2025 20:21:18 +0000
ROA not before: Mon 16 Jun 2025 20:21:18 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:9f:19:5d:75:c2:44:69:bc:54:c7:fa:40:4f:a7:83:2f:91:57:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:21:18 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d05f3075fb03c9399b21889265d9641385b48d529923775bcf5ddb9ca65e2e25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1b:dc:dd:64:d8:59:0f:8b:9a:28:db:8e:f4:
c1:99:09:04:ff:27:41:2f:ed:78:9c:8d:c8:01:e9:
87:24:13:5a:99:9e:0a:4b:9f:41:0d:cc:05:eb:73:
78:d1:5d:b2:38:ea:ba:30:6a:52:71:49:e9:15:b9:
25:d0:ed:0f:2d:97:b8:50:e5:bb:6e:d4:93:e6:87:
e0:96:a5:ea:97:8a:b3:5b:0c:24:7a:27:11:eb:35:
64:b5:02:bc:3f:e8:ee:76:84:ec:8e:75:ca:ad:b5:
0b:ba:3a:8a:ce:e0:b5:94:1e:c6:54:63:c2:c1:d0:
98:4d:2a:3a:fa:af:4e:66:f5:03:e7:f1:95:08:7d:
0a:bf:f3:5f:74:f1:1a:1e:6d:56:37:f7:e0:9e:d5:
68:95:2b:9a:8a:be:24:34:5b:19:59:3f:5f:01:8a:
71:f5:e2:55:65:91:36:54:f9:26:c1:49:af:02:0e:
a6:96:72:5d:70:e4:ca:82:d2:32:f6:a9:6a:20:08:
1a:c1:7e:f1:58:81:e4:55:8f:84:7e:f3:c9:ce:18:
24:c6:52:d0:d4:58:5e:be:2e:57:c3:f6:74:f4:9b:
e5:70:ff:fe:07:a4:d5:6e:75:f9:74:7d:d7:e7:55:
02:f1:9f:0a:c5:2d:d9:8f:90:d5:bf:df:3f:29:07:
f6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F0:2F:AB:43:B5:C9:5F:FF:C9:2C:C2:6B:F6:77:ED:63:D6:25:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c080::/48
Signature Algorithm: sha256WithRSAEncryption
9a:42:71:38:18:60:81:ec:33:80:91:23:5f:13:ff:cd:92:15:
bf:b5:e3:f1:e5:fd:04:78:e2:8e:62:f7:37:8f:04:3f:36:07:
55:a4:87:18:f8:d4:8b:00:b5:d1:1f:1c:6e:4e:fe:62:e4:2a:
17:ab:e4:43:ce:b7:fe:14:7d:20:35:b7:bb:5b:9a:91:55:9f:
b9:5d:ed:b9:1f:02:1d:86:35:ec:71:24:32:2a:1a:ed:d2:3a:
d4:ba:ce:7e:6e:4b:25:3d:14:61:d0:78:59:44:24:22:df:3f:
ae:bd:3a:e7:43:19:0f:f7:10:27:c6:fe:e3:6e:e2:ab:61:1d:
83:b0:63:96:94:30:11:50:1e:88:01:02:80:85:f0:13:da:37:
67:e5:3c:31:70:62:69:63:47:85:41:17:99:88:5f:83:6b:ce:
3f:37:7b:84:54:d4:ba:45:5a:61:51:3f:e5:0a:75:33:fa:50:
74:3c:6a:bb:dd:6c:3a:b4:a1:01:28:0f:d4:a1:c2:e7:3e:f2:
21:b3:25:84:a6:e8:ca:6b:a2:ea:03:48:64:7e:27:e8:00:61:
2b:46:75:50:ee:12:00:14:b0:38:2b:ed:f7:b3:22:86:04:7a:
33:03:72:88:3d:26:86:ae:e6:f5:b8:98:d4:08:2e:e8:de:af:
c3:32:45:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcJ8ZXXXCRGm8VMf6QE+ngy+RV0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIxMThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNWYzMDc1ZmIwM2M5Mzk5YjIxODg5MjY1ZDk2NDEzODViNDhkNTI5OTIz
Nzc1YmNmNWRkYjljYTY1ZTJlMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkb3N1k2FkPi5oo2470wZkJBP8nQS/teJyNyAHphyQTWpmeCkufQQ3MBetz
eNFdsjjqujBqUnFJ6RW5JdDtDy2XuFDlu27Uk+aH4Jal6peKs1sMJHonEes1ZLUC
vD/o7naE7I51yq21C7o6is7gtZQexlRjwsHQmE0qOvqvTmb1A+fxlQh9Cr/zX3Tx
Gh5tVjf34J7VaJUrmoq+JDRbGVk/XwGKcfXiVWWRNlT5JsFJrwIOppZyXXDkyoLS
MvapaiAIGsF+8ViB5FWPhH7zyc4YJMZS0NRYXr4uV8P2dPSb5XD//gek1W51+XR9
1+dVAvGfCsUt2Y+Q1b/fPykH9kcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRA8C+r
Q7XJX//JLMJr9nftY9YlWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM5OWIwMGUtMjkwYS00NjE4LTgwNzYtNDM1NDc1YzMwMjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
gDANBgkqhkiG9w0BAQsFAAOCAQEAmkJxOBhggewzgJEjXxP/zZIVv7Xj8eX9BHji
jmL3N48EPzYHVaSHGPjUiwC10R8cbk7+YuQqF6vkQ863/hR9IDW3u1uakVWfuV3t
uR8CHYY17HEkMioa7dI61LrOfm5LJT0UYdB4WUQkIt8/rr0650MZD/cQJ8b+427i
q2Edg7BjlpQwEVAeiAECgIXwE9o3Z+U8MXBiaWNHhUEXmYhfg2vOPzd7hFTUukVa
YVE/5Qp1M/pQdDxqu91sOrShASgP1KHC5z7yIbMlhKboymui6gNIZH4n6ABhK0Z1
UO4SABSwOCvt97MihgR6MwNyiD0mhq7m9biY1Agu6N6vwzJFhQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:18:23 2025 by rpki-client