Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
File: b41919f2-4e07-4adf-8fc6-43f8940080d4.roa (raw, json)
Hash identifier: XIDTaSDl2xNsDARX1RUrcelWyKr+7h6IBaNRKDmyxHo=
Subject key identifier: 2F:16:C7:FB:B4:0C:94:0B:B7:71:90:66:D6:45:FB:2C:1E:BA:2E:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C9364A476E6D0A2C9750FBF90B23330EC123AFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
Signing time: Fri 22 Aug 2025 15:11:06 +0000
ROA not before: Fri 22 Aug 2025 15:11:06 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:93:64:a4:76:e6:d0:a2:c9:75:0f:bf:90:b2:33:30:ec:12:3a:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:06 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=e65ef859613025a449bd9a9a5c4fa85d9a360900f1e49a28d80778a36f3140e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:41:d6:de:6f:7c:da:2f:14:40:fe:62:88:3a:
7a:14:af:e5:5a:1a:c9:df:1f:34:95:32:1f:59:e8:
7c:91:d8:45:5c:be:02:4a:7d:c2:2c:e4:14:b2:0f:
8d:b8:e8:06:86:e8:91:08:87:c1:f1:19:c0:31:e1:
c5:a4:da:21:1b:21:03:d7:bb:e3:8e:1a:f4:1e:ad:
f4:da:90:9c:37:81:0e:08:56:22:93:4e:b0:86:1d:
6a:c4:67:eb:06:5e:ff:db:84:f2:90:51:37:93:8f:
9a:57:aa:54:45:fb:3d:3f:2f:98:d9:f8:99:27:5d:
34:ef:7b:ae:26:0b:0f:9a:d1:b5:f2:72:56:a8:7c:
94:58:2f:91:a1:d0:f5:a2:89:45:0f:5e:62:d7:34:
0f:34:cd:3d:31:a4:9f:80:d3:6c:89:29:fa:f6:78:
80:df:9f:69:2a:17:90:0c:fc:35:15:23:2e:a5:63:
77:3d:35:ba:0c:e9:b7:18:a8:dd:7f:f1:49:51:56:
21:22:4c:12:4c:ba:72:e4:19:8d:44:52:a9:48:7a:
d4:04:0f:76:71:0b:f3:c8:b6:62:b2:a9:d5:08:a7:
4e:95:f9:fb:bc:f4:0a:f2:dc:9f:40:3f:95:d6:95:
d6:75:b6:dd:e7:89:8a:c2:84:54:96:57:fb:af:db:
c4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:16:C7:FB:B4:0C:94:0B:B7:71:90:66:D6:45:FB:2C:1E:BA:2E:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
58:94:12:9c:81:aa:9f:81:09:b3:53:dc:d9:02:8f:ad:f4:90:
38:81:80:d1:67:fa:2d:7a:c7:6e:ab:b2:0b:03:57:c2:32:a7:
25:84:6e:63:b4:6c:5b:78:50:d9:b1:45:65:b4:06:5c:89:4c:
67:7a:02:b7:7c:70:7e:f0:43:bc:d9:3c:b8:48:6e:51:91:45:
54:a9:82:57:a4:d6:fb:42:97:4f:f5:34:51:63:90:41:4e:90:
cc:bd:e5:3d:3f:21:bb:ac:d5:c5:56:72:30:84:c0:24:3a:f7:
16:ec:c9:98:2b:19:85:18:25:34:d6:77:07:79:c1:ec:f2:b5:
2a:08:2a:eb:db:49:15:d4:e4:e1:7a:f2:44:64:ed:1b:e1:da:
21:2c:ee:af:2f:1b:8b:13:93:a9:78:02:e3:c7:66:9f:5b:4c:
ca:2f:35:9a:ec:6d:67:42:67:97:ed:4c:b3:28:e1:f1:eb:11:
2a:84:15:68:ae:2f:38:8d:81:ad:5e:c8:4f:c5:ab:e1:92:ac:
37:f1:57:df:88:b3:b8:8e:b3:54:26:f1:f5:30:6f:66:12:2a:
7a:79:e4:44:21:56:d8:08:1d:50:ed:f8:55:3c:b7:a8:94:fb:
6e:0d:b1:b9:b4:31:aa:f7:16:ed:50:18:18:d4:70:9a:a6:cc:
c3:ed:6b:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHJNkpHbm0KLJdQ+/kLIzMOwSOvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMDZaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2NWVmODU5NjEzMDI1YTQ0OWJkOWE5YTVjNGZhODVkOWEzNjA5MDBmMWU0
OWEyOGQ4MDc3OGEzNmYzMTQwZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBB1t5vfNovFED+Yog6ehSv5Voayd8fNJUyH1nofJHYRVy+Akp9wizkFLIP
jbjoBobokQiHwfEZwDHhxaTaIRshA9e7444a9B6t9NqQnDeBDghWIpNOsIYdasRn
6wZe/9uE8pBRN5OPmleqVEX7PT8vmNn4mSddNO97riYLD5rRtfJyVqh8lFgvkaHQ
9aKJRQ9eYtc0DzTNPTGkn4DTbIkp+vZ4gN+faSoXkAz8NRUjLqVjdz01ugzptxio
3X/xSVFWISJMEky6cuQZjURSqUh61AQPdnEL88i2YrKp1QinTpX5+7z0CvLcn0A/
ldaV1nW23eeJisKEVJZX+6/bxOcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvFsf7
tAyUC7dxkGbWRfssHrou/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQxOTE5ZjItNGUwNy00YWRmLThmYzYtNDNmODk0MDA4MGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBYlBKcgaqfgQmzU9zZAo+t9JA4gYDRZ/otesdu
q7ILA1fCMqclhG5jtGxbeFDZsUVltAZciUxnegK3fHB+8EO82Ty4SG5RkUVUqYJX
pNb7QpdP9TRRY5BBTpDMveU9PyG7rNXFVnIwhMAkOvcW7MmYKxmFGCU01ncHecHs
8rUqCCrr20kV1OThevJEZO0b4dohLO6vLxuLE5OpeALjx2afW0zKLzWa7G1nQmeX
7UyzKOHx6xEqhBVori84jYGtXshPxavhkqw38VffiLO4jrNUJvH1MG9mEip6eeRE
IVbYCB1Q7fhVPLeolPtuDbG5tDGq9xbtUBgY1HCapszD7Ws4
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:49:36 2025 by rpki-client