Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
File: ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa (raw, json)
Hash identifier: gIaEaW2ssHKj4bmk40toNL2t/mqDeDYDCK9ssEkWKLI=
Subject key identifier: 4B:A2:4A:F1:F3:89:9C:84:43:3A:8E:16:B5:45:26:85:1F:33:C5:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23EB4247EC9BE1CA94284C42FB84522DE6C7AF6A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
Signing time: Mon 16 Jun 2025 20:11:36 +0000
ROA not before: Mon 16 Jun 2025 20:11:36 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:eb:42:47:ec:9b:e1:ca:94:28:4c:42:fb:84:52:2d:e6:c7:af:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:36 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=824c4ef605578c5dc8b0e35feeb3d7fe473ff25746cad90ad91bed4ac1b3ef21, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:38:68:b6:ce:63:88:a3:88:d4:1b:20:93:81:
7b:8e:fd:92:a8:06:74:19:19:86:69:98:cc:5d:cd:
fe:40:9d:22:ca:0c:7b:90:0e:3b:3b:ed:9e:27:0b:
17:bd:5c:93:37:21:f8:c7:4e:cb:95:24:70:ab:01:
43:08:fa:32:14:cb:4b:15:32:ec:60:48:24:6d:29:
25:29:47:0a:d7:a8:d7:39:13:e0:11:80:00:4d:65:
b9:c3:c3:cb:cc:05:8a:74:b8:fa:3a:0a:f7:6d:a7:
7c:5e:ea:09:ec:12:c4:11:cb:99:db:aa:f9:33:11:
cb:6d:07:14:ef:e8:5a:d4:1c:fa:b5:bd:0d:1f:9d:
2f:b5:38:e7:df:ed:2c:41:2e:2e:30:67:9c:bd:26:
34:e6:b8:ff:61:e6:d8:bc:92:80:b6:70:b9:bb:94:
9f:64:17:db:07:41:67:0b:07:f2:a7:72:fd:1d:14:
d0:df:5d:b7:9d:e7:d6:dd:e6:32:0b:43:f9:1d:37:
43:ba:72:95:d0:db:95:76:b3:83:24:11:9e:d8:0a:
d8:2b:9b:36:91:b8:ca:3f:53:ac:b8:a8:58:92:39:
44:78:53:72:4a:e0:97:ce:82:69:b3:d7:98:72:0d:
92:a1:d8:1d:0f:bb:56:cb:5f:60:66:aa:33:35:cf:
2c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A2:4A:F1:F3:89:9C:84:43:3A:8E:16:B5:45:26:85:1F:33:C5:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
76:fc:a9:a1:23:96:74:0c:4a:e2:3a:03:fd:9e:4c:28:06:41:
ab:8c:5b:78:b0:24:9d:08:06:b9:bb:32:b9:18:5e:54:a2:28:
03:52:e3:8f:d9:af:17:76:60:ba:c4:b5:6b:28:74:f4:1e:a7:
de:95:c3:c3:c3:9e:4b:10:15:21:40:5b:de:b6:c8:55:19:78:
91:7e:2b:5d:21:9d:9e:05:cd:b6:91:d3:c3:99:0b:b1:0d:c6:
58:30:6e:65:43:d0:3d:4e:67:b9:f3:ae:35:4e:73:a1:6d:4d:
d5:43:59:f1:5c:0b:54:76:53:98:47:15:f2:f8:32:95:fc:ed:
d9:c7:4d:ef:b7:cd:98:eb:4d:00:0d:69:95:c5:8c:4b:2e:b6:
ca:c0:10:32:63:a7:59:f6:d3:2c:f2:04:c1:80:4a:ed:fd:95:
af:75:fb:fd:b9:be:3e:46:c9:f6:55:44:dc:df:49:3d:63:9f:
72:65:60:48:ec:0a:48:69:6b:a5:18:f0:1f:20:b8:66:a5:73:
eb:60:13:6b:52:00:82:80:d5:75:a6:27:d7:98:31:35:1b:11:
3f:6a:d5:af:86:de:e7:3e:72:ae:45:7a:a3:5c:73:76:37:0e:
6e:ff:0f:d8:01:c0:f6:f0:4f:6a:43:3e:20:60:4f:d2:3b:74:
2e:64:f3:6a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUI+tCR+yb4cqUKExC+4RSLebHr2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMzZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyNGM0ZWY2MDU1NzhjNWRjOGIwZTM1ZmVlYjNkN2ZlNDczZmYyNTc0NmNh
ZDkwYWQ5MWJlZDRhYzFiM2VmMjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOw4aLbOY4ijiNQbIJOBe479kqgGdBkZhmmYzF3N/kCdIsoMe5AOOzvtnicL
F71ckzch+MdOy5UkcKsBQwj6MhTLSxUy7GBIJG0pJSlHCteo1zkT4BGAAE1lucPD
y8wFinS4+joK922nfF7qCewSxBHLmduq+TMRy20HFO/oWtQc+rW9DR+dL7U459/t
LEEuLjBnnL0mNOa4/2Hm2LySgLZwubuUn2QX2wdBZwsH8qdy/R0U0N9dt53n1t3m
MgtD+R03Q7pyldDblXazgyQRntgK2CubNpG4yj9TrLioWJI5RHhTckrgl86CabPX
mHINkqHYHQ+7VstfYGaqMzXPLNsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRLokrx
84mchEM6jha1RSaFHzPFXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIyMzJiODYtOWJkNi00MDljLThkZTUtOTJiZmZmMmE4YjVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
wDANBgkqhkiG9w0BAQsFAAOCAQEAdvypoSOWdAxK4joD/Z5MKAZBq4xbeLAknQgG
ubsyuRheVKIoA1Ljj9mvF3ZgusS1ayh09B6n3pXDw8OeSxAVIUBb3rbIVRl4kX4r
XSGdngXNtpHTw5kLsQ3GWDBuZUPQPU5nufOuNU5zoW1N1UNZ8VwLVHZTmEcV8vgy
lfzt2cdN77fNmOtNAA1plcWMSy62ysAQMmOnWfbTLPIEwYBK7f2Vr3X7/bm+PkbJ
9lVE3N9JPWOfcmVgSOwKSGlrpRjwHyC4ZqVz62ATa1IAgoDVdaYn15gxNRsRP2rV
r4be5z5yrkV6o1xzdjcObv8P2AHA9vBPakM+IGBP0jt0LmTzag==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:12 2025 by rpki-client