Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa
File: a8cd111d-bddb-47e0-af43-fc5a8d930376.roa (raw, json)
Hash identifier: mGMX8BDfgAyQnWU1S3jiRinEWWCXynrYP7ZB3UONXmw=
Subject key identifier: 97:F0:4D:89:01:CD:DE:D9:F5:53:0F:A5:F6:DD:F7:D3:6D:E7:02:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F843017A8E47E76C4BB64822A7E2E58AC95A93C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa
Signing time: Mon 16 Jun 2025 20:00:17 +0000
ROA not before: Mon 16 Jun 2025 20:00:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:84:30:17:a8:e4:7e:76:c4:bb:64:82:2a:7e:2e:58:ac:95:a9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=5351deeb9866900b92b87ea7ee30b09d72755ff8fcd3d920ea8d50fc214de090, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:82:36:e8:42:3d:f0:34:6b:76:30:f8:35:5f:
73:5a:9b:a6:ad:88:66:05:21:60:52:a7:61:0a:31:
ef:5f:6c:09:ed:c7:7e:91:6b:14:ab:ac:79:c7:85:
97:08:40:42:45:5b:bd:82:16:91:88:56:52:a2:20:
f9:21:9e:0e:76:08:4b:4b:c6:52:c2:21:83:6d:4b:
57:4e:52:9f:ee:2f:0a:6b:ee:f8:46:13:c4:8c:3d:
3f:4a:91:31:b5:a4:ad:28:72:63:84:26:8b:b8:2d:
fc:55:ef:c3:08:a3:83:29:fc:36:89:7e:3d:37:6b:
c1:69:fc:45:b2:08:dc:bb:b5:ec:f1:06:8e:60:33:
54:16:cc:8f:d1:86:79:a9:3a:00:a9:94:0e:24:27:
50:b0:20:18:a5:09:75:5b:8d:14:96:85:a2:04:a9:
83:a8:ba:f4:54:1c:15:b8:d6:9e:74:d5:fb:cf:eb:
9d:90:44:8b:de:90:36:05:da:72:47:07:33:b5:08:
3c:0f:c4:97:98:73:38:96:29:ee:fa:71:0a:55:4d:
b7:6e:4d:0d:11:5f:97:81:d6:38:de:73:fb:24:fd:
3c:fc:89:b3:78:d5:32:c4:2a:e4:f4:28:e2:d0:10:
77:a0:23:a2:72:21:ff:0e:e5:eb:83:0e:95:33:09:
15:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F0:4D:89:01:CD:DE:D9:F5:53:0F:A5:F6:DD:F7:D3:6D:E7:02:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:31:80:01:d8:5d:dc:2a:8a:a3:d8:0a:ea:cf:34:36:c0:df:
66:f6:b2:7e:02:f2:bf:e3:e0:2d:da:91:43:e0:c4:db:e9:c4:
ce:82:f9:e6:5c:24:e6:32:bb:6e:b3:dd:ed:4a:6e:c8:27:0e:
0a:25:4e:31:59:cf:7a:84:14:87:bb:09:45:49:d4:69:c8:41:
ac:47:4c:88:29:e5:09:0b:be:62:ce:02:f1:ac:87:0c:2f:d6:
35:ab:a9:19:e0:dc:14:37:81:2a:78:09:a6:a2:85:18:ab:38:
08:a8:40:c5:3f:56:c5:91:ad:40:71:79:5b:6a:1d:b6:09:fd:
9e:20:6b:67:54:14:6b:16:66:f1:2c:82:05:3d:35:c9:b0:92:
5a:b2:dd:a7:4c:b9:b1:39:b7:be:18:94:96:ad:d9:8d:06:da:
26:d7:07:62:c7:b9:b7:3f:1e:77:1e:92:65:36:58:43:f4:ab:
77:bd:75:14:da:dc:e6:93:89:a1:c0:bb:df:5c:a7:52:ba:88:
b8:49:d8:bd:33:06:93:2f:5f:de:2f:01:a4:d3:3a:f6:e2:cf:
6f:01:65:97:1e:d1:65:66:77:44:13:64:73:ad:b6:7b:8e:c9:
3a:f1:65:f9:b4:67:f6:95:a9:6a:a7:1b:06:34:05:57:ef:8f:
5d:63:4f:d3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf4QwF6jkfnbEu2SCKn4uWKyVqTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzNTFkZWViOTg2NjkwMGI5MmI4N2VhN2VlMzBiMDlkNzI3NTVmZjhmY2Qz
ZDkyMGVhOGQ1MGZjMjE0ZGUwOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6CNuhCPfA0a3Yw+DVfc1qbpq2IZgUhYFKnYQox719sCe3HfpFrFKuseceF
lwhAQkVbvYIWkYhWUqIg+SGeDnYIS0vGUsIhg21LV05Sn+4vCmvu+EYTxIw9P0qR
MbWkrShyY4Qmi7gt/FXvwwijgyn8Nol+PTdrwWn8RbII3Lu17PEGjmAzVBbMj9GG
eak6AKmUDiQnULAgGKUJdVuNFJaFogSpg6i69FQcFbjWnnTV+8/rnZBEi96QNgXa
ckcHM7UIPA/El5hzOJYp7vpxClVNt25NDRFfl4HWON5z+yT9PPyJs3jVMsQq5PQo
4tAQd6AjonIh/w7l64MOlTMJFXMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSX8E2J
Ac3e2fVTD6X23ffTbecCJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YThjZDExMWQtYmRkYi00N2UwLWFmNDMtZmM1YThkOTMwMzc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAOMYAB2F3cKoqj2ArqzzQ2wN9m9rJ+AvK/4+At
2pFD4MTb6cTOgvnmXCTmMrtus93tSm7IJw4KJU4xWc96hBSHuwlFSdRpyEGsR0yI
KeUJC75izgLxrIcML9Y1q6kZ4NwUN4EqeAmmooUYqzgIqEDFP1bFka1AcXlbah22
Cf2eIGtnVBRrFmbxLIIFPTXJsJJast2nTLmxObe+GJSWrdmNBtom1wdix7m3Px53
HpJlNlhD9Kt3vXUU2tzmk4mhwLvfXKdSuoi4Sdi9MwaTL1/eLwGk0zr24s9vAWWX
HtFlZndEE2RzrbZ7jsk68WX5tGf2lalqpxsGNAVX749dY0/T
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:16 2025 by rpki-client