Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
File: af189eff-34de-4652-a029-d682c90d1fc5.roa (raw, json)
Hash identifier: /3UC8suLssTwqevSV/6eaq8YWfeECjjNGz/MWX8dYdc=
Subject key identifier: 52:0A:E9:61:EB:DA:FF:18:24:F7:47:24:09:11:83:9B:B2:A1:76:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49A3F5EE590A65F7EF6E1E0EB1E027FD24C752AF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
Signing time: Tue 05 Aug 2025 19:31:30 +0000
ROA not before: Tue 05 Aug 2025 19:31:30 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:a3:f5:ee:59:0a:65:f7:ef:6e:1e:0e:b1:e0:27:fd:24:c7:52:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:30 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2107880b83cb16d996c21bb616bbe7f3cdf8d3b6f768537504a7ba72d942e3d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8b:a5:4e:67:f6:17:47:c1:a8:95:c4:99:4a:
20:02:0d:59:b8:9c:83:e4:57:46:25:c1:a0:ab:d8:
27:77:a2:8b:bc:0d:6c:2f:31:94:ad:21:b5:54:18:
4d:58:76:5b:a0:8f:2d:f8:ef:b1:ae:c8:ba:8b:f7:
f6:70:78:82:6a:44:88:f1:74:f5:35:75:b9:4b:6d:
3c:58:9f:69:22:d5:85:e3:bb:2a:fe:e4:e6:e8:e8:
04:e2:4c:8c:a3:23:3a:87:67:cf:16:3d:3e:9d:29:
12:a6:94:7e:ec:99:5b:c3:78:13:1a:53:41:0f:bb:
96:17:21:07:40:9f:8e:7e:59:33:a3:d3:c9:67:f8:
3e:ff:39:e8:c2:ef:62:09:dd:81:e7:0b:1f:b8:6a:
61:c2:de:48:24:47:39:29:62:70:a2:d5:8e:ba:83:
b4:f0:bd:58:64:cb:c0:7a:91:49:72:75:e0:5e:9b:
4b:0c:5a:1a:c0:74:b6:06:1f:1a:cf:79:79:6c:a1:
c4:a8:2e:01:ea:27:54:a2:9b:ab:9f:ea:e5:e4:c6:
dd:83:d7:cb:98:cc:7a:e8:66:b9:4b:85:04:cd:b4:
a3:8c:a4:7d:6d:a9:e7:b5:68:2c:56:ab:35:18:4b:
b0:52:f5:6d:11:f6:93:ed:7f:6d:e1:e2:6f:e0:4e:
a8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:0A:E9:61:EB:DA:FF:18:24:F7:47:24:09:11:83:9B:B2:A1:76:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
bb:ca:65:ab:c0:df:19:d7:95:f6:c0:c8:58:60:4a:7a:6d:94:
39:f7:19:98:bd:ce:fb:17:76:80:92:5f:4b:02:18:cf:c2:39:
2e:88:ac:cb:a9:68:22:66:a2:6f:61:e0:16:ec:f4:15:b0:f4:
3f:dc:4a:3f:73:ef:a0:e4:38:94:a0:e5:2e:04:15:c3:07:79:
0b:ef:73:b9:57:48:53:07:7b:e2:1a:00:9c:26:41:64:a4:65:
c4:88:26:48:b5:a2:be:f6:d4:0c:44:c1:53:bb:38:6d:ca:bc:
c2:df:f4:1e:eb:01:c2:ac:5c:54:c1:4c:ce:f8:6b:ff:4d:4e:
36:37:de:3b:55:7d:3a:7e:0e:43:3d:ea:49:30:fe:00:45:07:
ad:c3:01:78:aa:d3:bc:ba:52:a5:a6:4e:c0:f7:2e:77:0b:75:
55:15:5a:dc:3a:d8:c9:91:9d:83:30:37:b0:bb:c6:a1:fd:44:
2c:e1:73:59:c0:98:08:7b:48:b9:f4:77:c3:13:b9:e9:7f:b8:
ca:89:21:8f:63:79:e0:d4:cf:dc:78:f9:a5:2e:87:39:42:46:
40:15:36:dc:be:48:bb:91:bd:21:bf:b1:69:47:dc:01:8c:a8:
25:ab:bf:06:7a:d6:cd:28:fd:e1:b0:30:60:af:2d:9d:63:ab:
99:46:93:7b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSaP17lkKZffvbh4OseAn/STHUq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMzBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxMDc4ODBiODNjYjE2ZDk5NmMyMWJiNjE2YmJlN2YzY2RmOGQzYjZmNzY4
NTM3NTA0YTdiYTcyZDk0MmUzZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIWLpU5n9hdHwaiVxJlKIAINWbicg+RXRiXBoKvYJ3eii7wNbC8xlK0htVQY
TVh2W6CPLfjvsa7Iuov39nB4gmpEiPF09TV1uUttPFifaSLVheO7Kv7k5ujoBOJM
jKMjOodnzxY9Pp0pEqaUfuyZW8N4ExpTQQ+7lhchB0Cfjn5ZM6PTyWf4Pv856MLv
YgndgecLH7hqYcLeSCRHOSlicKLVjrqDtPC9WGTLwHqRSXJ14F6bSwxaGsB0tgYf
Gs95eWyhxKguAeonVKKbq5/q5eTG3YPXy5jMeuhmuUuFBM20o4ykfW2p57VoLFar
NRhLsFL1bRH2k+1/beHib+BOqCkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRSCulh
69r/GCT3RyQJEYObsqF2ADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWYxODllZmYtMzRkZS00NjUyLWEwMjktZDY4MmM5MGQxZmM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
wDANBgkqhkiG9w0BAQsFAAOCAQEAu8plq8DfGdeV9sDIWGBKem2UOfcZmL3O+xd2
gJJfSwIYz8I5Loisy6loImaib2HgFuz0FbD0P9xKP3PvoOQ4lKDlLgQVwwd5C+9z
uVdIUwd74hoAnCZBZKRlxIgmSLWivvbUDETBU7s4bcq8wt/0HusBwqxcVMFMzvhr
/01ONjfeO1V9On4OQz3qSTD+AEUHrcMBeKrTvLpSpaZOwPcudwt1VRVa3DrYyZGd
gzA3sLvGof1ELOFzWcCYCHtIufR3wxO56X+4yokhj2N54NTP3Hj5pS6HOUJGQBU2
3L5Iu5G9Ib+xaUfcAYyoJau/BnrWzSj94bAwYK8tnWOrmUaTew==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:04 2025 by rpki-client