Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
File: b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa (raw, json)
Hash identifier: NZX4RONwVV9el6xg9haNFokqpMWKiKn5PL4mg89ZkPs=
Subject key identifier: EA:5C:B2:E6:90:6D:36:0C:4A:E2:D8:D5:A6:08:A9:1C:19:04:A3:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A607004B9F27C73707562ED26F93B3B56089850
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
Signing time: Mon 16 Jun 2025 20:10:10 +0000
ROA not before: Mon 16 Jun 2025 20:10:10 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:60:70:04:b9:f2:7c:73:70:75:62:ed:26:f9:3b:3b:56:08:98:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:10:10 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=5cd0e6a62fa8bb35b97c81021fcff3f9bcd579f219366f622381735ee070f02f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:52:3f:fb:cf:16:60:de:d6:11:35:3d:e8:42:
f5:7e:48:93:29:d5:d6:8b:0a:65:86:bc:18:25:88:
25:df:8f:73:f0:39:ba:91:47:48:9a:03:ac:a8:31:
09:5b:e4:d2:dd:1b:4e:6a:15:f2:28:4d:65:e7:42:
33:1f:56:c5:5c:bc:56:e8:0d:ee:7e:6c:a7:d2:a4:
77:b0:95:58:61:3d:88:d0:8c:2d:8e:f6:1e:f5:e4:
14:b6:25:4c:2a:39:d9:a3:a8:86:0c:98:a7:c9:d0:
e9:ec:b6:1b:75:36:59:80:d8:1e:01:60:48:6a:76:
0f:ae:58:93:cb:35:0c:56:14:73:ca:5e:d1:21:8a:
29:ba:72:a6:b7:d0:22:ae:12:3d:05:dd:6e:e3:12:
ee:1a:7f:77:f0:57:ae:59:70:63:97:e7:2d:46:31:
7a:bc:7a:54:09:45:bc:3f:cc:99:79:6a:6b:7e:be:
7d:dd:0d:82:c4:22:a1:f2:2b:7d:8c:7f:d1:4d:f8:
e5:18:19:75:f6:0d:c5:b4:88:55:91:d2:c2:e6:89:
6a:1a:4f:ca:fd:48:30:9d:be:ee:9b:37:a7:bf:50:
22:ed:24:7e:31:0a:c5:f5:3a:2a:8c:a0:12:52:b8:
97:b9:dd:25:ed:23:64:15:b0:7f:e3:b3:48:a4:63:
db:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:5C:B2:E6:90:6D:36:0C:4A:E2:D8:D5:A6:08:A9:1C:19:04:A3:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
ab:c8:b4:85:a0:36:6b:2e:50:c8:6f:38:33:8d:49:e1:3b:5a:
2a:15:90:6c:20:45:ee:3a:9c:29:d8:e7:05:b4:1f:ad:2a:c7:
aa:6a:0a:26:ba:e5:1f:2b:e1:c4:5e:7e:94:02:a4:c4:90:8b:
dc:d8:e8:4e:ad:75:2e:1a:36:b6:52:65:80:67:ad:db:4c:14:
c5:f7:ce:33:f4:c2:21:e7:47:15:13:da:64:21:3e:df:4a:13:
40:7d:15:5d:43:8e:2b:5c:41:a5:be:58:04:00:97:b4:68:08:
74:a3:4a:ee:a4:14:2c:d4:6d:da:36:54:87:ca:93:f1:78:2e:
57:ee:f2:1c:37:31:07:73:d9:20:34:e0:00:ca:b9:2c:00:a3:
a1:2d:5e:29:01:f1:74:5f:f8:48:74:83:5b:d4:e1:73:21:bb:
32:7e:3c:90:13:dd:2c:98:d6:06:6b:9a:16:dd:f2:94:e7:40:
ea:05:43:5f:7f:19:0d:2f:fc:df:4e:d3:57:30:41:2d:6a:04:
4e:9d:f5:cf:93:1b:90:ce:83:2a:ef:78:f5:a6:5b:5b:15:7e:
73:40:1e:e8:2c:ff:43:00:f0:65:d4:b8:00:d3:e5:c3:53:30:
71:7e:da:90:e4:51:7d:7d:bd:dc:9f:8e:8d:b3:87:49:6d:96:
9b:39:7c:a3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUamBwBLnyfHNwdWLtJvk7O1YImFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDEwMTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjZDBlNmE2MmZhOGJiMzViOTdjODEwMjFmY2ZmM2Y5YmNkNTc5ZjIxOTM2
NmY2MjIzODE3MzVlZTA3MGYwMmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJSP/vPFmDe1hE1PehC9X5IkynV1osKZYa8GCWIJd+Pc/A5upFHSJoDrKgx
CVvk0t0bTmoV8ihNZedCMx9WxVy8VugN7n5sp9Kkd7CVWGE9iNCMLY72HvXkFLYl
TCo52aOohgyYp8nQ6ey2G3U2WYDYHgFgSGp2D65Yk8s1DFYUc8pe0SGKKbpyprfQ
Iq4SPQXdbuMS7hp/d/BXrllwY5fnLUYxerx6VAlFvD/MmXlqa36+fd0NgsQiofIr
fYx/0U345RgZdfYNxbSIVZHSwuaJahpPyv1IMJ2+7ps3p79QIu0kfjEKxfU6Koyg
ElK4l7ndJe0jZBWwf+OzSKRj2zcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTqXLLm
kG02DEri2NWmCKkcGQSj5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBjYjY2MWMtNDNjMy00YzJhLTg2ZTMtY2M4ODY0MmQ2MzE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
wDANBgkqhkiG9w0BAQsFAAOCAQEAq8i0haA2ay5QyG84M41J4TtaKhWQbCBF7jqc
KdjnBbQfrSrHqmoKJrrlHyvhxF5+lAKkxJCL3NjoTq11Lho2tlJlgGet20wUxffO
M/TCIedHFRPaZCE+30oTQH0VXUOOK1xBpb5YBACXtGgIdKNK7qQULNRt2jZUh8qT
8XguV+7yHDcxB3PZIDTgAMq5LACjoS1eKQHxdF/4SHSDW9ThcyG7Mn48kBPdLJjW
BmuaFt3ylOdA6gVDX38ZDS/8307TVzBBLWoETp31z5MbkM6DKu949aZbWxV+c0Ae
6Cz/QwDwZdS4ANPlw1MwcX7akORRfX293J+OjbOHSW2Wmzl8ow==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:42 2025 by rpki-client