Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
File: ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa (raw, json)
Hash identifier: qajeJf8kvH4cLVIuOF4fbffoZ6b96p2FGXTSwkzE09c=
Subject key identifier: 1A:E4:A3:0A:D1:CE:20:67:D2:68:1E:33:49:E7:4E:F1:2B:64:E0:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79FADD967153FF4D25449975BDB1F3FEE893693B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
Signing time: Mon 16 Jun 2025 19:50:19 +0000
ROA not before: Mon 16 Jun 2025 19:50:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:fa:dd:96:71:53:ff:4d:25:44:99:75:bd:b1:f3:fe:e8:93:69:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ad571505c1b252613fe8204550077e5fd55cd3c04dc8cdcfb83e5949ba714e4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2d:94:56:b8:88:f4:fc:ee:04:74:d4:7a:8e:
b6:cd:68:67:19:ba:bc:60:7f:d6:aa:21:7b:5e:a1:
57:57:24:12:7b:22:64:c3:4d:41:c3:ea:0e:e0:4e:
a0:3e:25:79:91:6d:d6:d0:d7:b3:f1:5e:9e:e5:59:
e1:86:82:52:03:80:59:d8:c3:ad:22:88:e3:0a:fb:
c5:45:4c:a2:b8:1d:51:c0:7f:a8:7b:c0:0f:e0:4e:
9d:43:a4:6a:49:33:f3:90:38:7e:52:51:16:50:bf:
30:54:4e:6c:8c:26:8a:c7:78:fa:ad:2e:90:b4:e0:
1a:ef:2e:d1:6b:0b:1a:27:bd:eb:f9:c9:4c:93:b5:
0a:07:44:3d:68:de:19:29:95:16:b4:2e:25:15:08:
c7:e5:09:7d:75:47:de:e7:b4:56:ba:bb:24:52:7a:
51:5c:6b:1d:b0:9c:a1:cf:f6:c4:20:86:b4:59:09:
d7:53:cc:a1:44:ba:6f:42:af:dc:3c:3e:f9:b0:81:
1c:45:6c:53:cb:eb:a1:65:19:fd:c8:9f:d5:36:a8:
7c:ee:ea:e2:15:f0:37:2f:65:2f:09:28:71:4a:06:
6d:52:4a:cd:db:a2:3c:17:ab:73:95:ba:47:9f:18:
28:b8:8c:6a:10:1c:de:68:43:b4:df:56:01:e3:7b:
21:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E4:A3:0A:D1:CE:20:67:D2:68:1E:33:49:E7:4E:F1:2B:64:E0:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
27:5c:7b:c6:f4:39:75:69:9d:5c:b1:43:e5:8c:87:e9:98:30:
0a:e4:26:50:7d:8c:7b:a8:c4:8e:9c:6d:58:e8:d3:a3:6f:db:
68:7c:94:e2:8c:46:b6:4f:77:39:94:7a:2e:53:b3:c3:f4:bc:
bc:2c:33:eb:89:c5:b6:eb:75:a7:64:9e:d2:ea:57:39:49:1a:
36:28:69:68:54:3f:23:47:ca:97:93:e5:0c:32:30:6f:b4:00:
cf:9f:3b:e6:6a:54:d6:b8:94:63:37:d2:4c:e9:e9:f8:9f:c2:
1d:30:e1:cd:ea:9b:48:3b:2f:25:aa:79:94:df:5d:41:7d:01:
09:e0:a6:ba:b9:bb:fc:66:4d:7c:eb:8a:33:fc:38:22:c0:3e:
73:0a:db:85:7c:20:63:2e:a6:68:de:de:96:b8:59:23:13:aa:
60:90:5d:7f:bc:f9:94:0b:a2:09:25:6b:11:ab:87:78:07:02:
c2:83:53:ea:b4:99:a1:68:25:d8:5c:b0:84:7f:39:05:e5:33:
e3:ae:b9:ef:75:ca:cc:b4:ff:0a:67:3c:1f:17:de:6f:fa:ba:
2f:a9:89:50:c4:bb:ad:18:f2:f6:0b:44:18:ab:63:63:5b:b5:
0d:c1:ff:d7:78:51:eb:ac:d6:4b:02:ab:1c:d0:fb:c5:b1:71:
04:d3:69:79
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUefrdlnFT/00lRJl1vbHz/uiTaTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkNTcxNTA1YzFiMjUyNjEzZmU4MjA0NTUwMDc3ZTVmZDU1Y2QzYzA0ZGM4
Y2RjZmI4M2U1OTQ5YmE3MTRlNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMctlFa4iPT87gR01HqOts1oZxm6vGB/1qohe16hV1ckEnsiZMNNQcPqDuBO
oD4leZFt1tDXs/FenuVZ4YaCUgOAWdjDrSKI4wr7xUVMorgdUcB/qHvAD+BOnUOk
akkz85A4flJRFlC/MFRObIwmisd4+q0ukLTgGu8u0WsLGie96/nJTJO1CgdEPWje
GSmVFrQuJRUIx+UJfXVH3ue0Vrq7JFJ6UVxrHbCcoc/2xCCGtFkJ11PMoUS6b0Kv
3Dw++bCBHEVsU8vroWUZ/cif1TaofO7q4hXwNy9lLwkocUoGbVJKzduiPBerc5W6
R58YKLiMahAc3mhDtN9WAeN7IdcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQa5KMK
0c4gZ9JoHjNJ507xK2TgUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxZmRjNGEtZmExYS00ODEzLTgyNzItOTYwMWEzZDc1NWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAJ1x7xvQ5dWmdXLFD5YyH6ZgwCuQmUH2Me6jE
jpxtWOjTo2/baHyU4oxGtk93OZR6LlOzw/S8vCwz64nFtut1p2Se0upXOUkaNihp
aFQ/I0fKl5PlDDIwb7QAz5875mpU1riUYzfSTOnp+J/CHTDhzeqbSDsvJap5lN9d
QX0BCeCmurm7/GZNfOuKM/w4IsA+cwrbhXwgYy6maN7elrhZIxOqYJBdf7z5lAui
CSVrEauHeAcCwoNT6rSZoWgl2FywhH85BeUz466573XKzLT/Cmc8Hxfeb/q6L6mJ
UMS7rRjy9gtEGKtjY1u1DcH/13hR66zWSwKrHND7xbFxBNNpeQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:20 2025 by rpki-client