Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json)
Hash identifier: P8u/8Too0ab85vGF85H5293vElDlHLDhQwMAuuSBe7o=
Subject key identifier: 95:DC:34:DD:99:35:AF:BC:DD:79:60:E5:80:02:A2:09:B6:42:42:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 244ABC290CD020AC981DAF9848E20C124C2E1EA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
Signing time: Tue 05 Aug 2025 20:10:14 +0000
ROA not before: Tue 05 Aug 2025 20:10:14 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:4a:bc:29:0c:d0:20:ac:98:1d:af:98:48:e2:0c:12:4c:2e:1e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:14 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b35e2892d6cb7612fd832c64f117de17a0ecdd04cfd2ad8176454a39c8f06adb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ed:2c:bf:91:13:f4:ae:98:d6:01:56:0b:55:
7b:26:a7:01:f0:95:cc:d0:2c:6b:99:8e:2f:45:af:
c1:e5:8a:c5:d5:a8:73:b6:99:14:7f:62:47:74:0e:
5e:5b:4d:ac:1d:7b:be:35:69:33:2f:38:fb:15:58:
7d:0e:59:db:69:a6:09:18:1c:e0:e4:8a:4d:e7:1d:
80:5d:87:d9:02:9e:a1:80:07:be:50:80:5d:08:f5:
44:91:2b:f0:d1:2e:36:ed:cf:fe:87:91:1b:5f:3e:
27:32:19:64:4f:ad:b2:23:75:29:8d:71:db:e5:c9:
60:f3:6e:a2:3a:6c:f3:99:86:28:1d:af:4a:25:f6:
83:99:06:b2:49:ff:db:b2:bc:c4:b1:48:91:76:49:
b2:20:e7:2d:48:46:6a:4f:cc:f5:31:f9:51:f9:2c:
d5:ed:e1:d1:60:e2:de:be:26:50:9c:53:51:91:32:
76:a1:f3:8c:59:e6:c1:af:8a:d4:04:b2:90:41:25:
af:ca:ce:42:2b:d7:06:c6:b7:39:bb:c1:57:75:65:
52:38:09:cd:7b:f2:ab:cf:59:fd:a5:5c:af:65:dc:
bb:5e:35:37:ed:7c:08:a4:9f:5c:10:a8:c8:9d:d3:
50:69:eb:a1:a7:85:aa:99:b4:0f:50:9e:41:17:4c:
5e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DC:34:DD:99:35:AF:BC:DD:79:60:E5:80:02:A2:09:B6:42:42:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:800::/38
Signature Algorithm: sha256WithRSAEncryption
2e:39:3c:68:5b:db:8e:81:ba:44:91:7c:24:46:0b:13:ea:03:
49:cc:c3:3a:97:44:af:68:e5:35:6c:44:04:ce:98:e1:ef:5a:
ff:25:d7:d7:f2:b3:3f:ec:97:9c:f4:45:ec:43:39:2b:63:87:
1d:bd:9a:69:ce:81:96:60:6e:9c:78:d5:f1:f8:2e:5e:7e:1a:
2e:9f:4e:77:1c:bf:97:be:24:c3:9e:60:41:15:5d:f6:6d:e7:
a1:b8:c6:b3:27:c3:14:88:6d:70:5c:28:49:e9:80:9e:9a:5b:
d9:e4:f0:60:44:7d:30:95:ba:54:49:3e:18:3d:d5:fc:ff:3a:
93:97:fc:86:43:f7:3d:2c:2f:56:57:9b:9a:a3:2a:74:61:e7:
f8:ad:e9:81:a0:a8:98:ba:23:05:12:e9:69:fa:68:86:6f:df:
c9:30:cf:a6:9a:38:3e:1f:31:f9:0c:d9:ce:af:47:83:93:e5:
1c:3d:f5:f8:64:ff:bb:b7:03:1d:1c:0b:28:24:79:60:24:f4:
33:1a:7e:05:8d:b8:c4:fa:38:23:23:b4:d2:aa:fb:51:a1:0e:
ce:a4:ef:55:86:18:54:e1:a7:55:b3:2c:97:58:63:ce:40:16:
eb:5c:c0:de:91:a6:9b:9d:b8:9f:99:72:3b:fb:fe:4b:39:39:
74:52:5f:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJEq8KQzQIKyYHa+YSOIMEkwuHqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwMTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNWUyODkyZDZjYjc2MTJmZDgzMmM2NGYxMTdkZTE3YTBlY2RkMDRjZmQy
YWQ4MTc2NDU0YTM5YzhmMDZhZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKztLL+RE/SumNYBVgtVeyanAfCVzNAsa5mOL0WvweWKxdWoc7aZFH9iR3QO
XltNrB17vjVpMy84+xVYfQ5Z22mmCRgc4OSKTecdgF2H2QKeoYAHvlCAXQj1RJEr
8NEuNu3P/oeRG18+JzIZZE+tsiN1KY1x2+XJYPNuojps85mGKB2vSiX2g5kGskn/
27K8xLFIkXZJsiDnLUhGak/M9TH5Ufks1e3h0WDi3r4mUJxTUZEydqHzjFnmwa+K
1ASykEElr8rOQivXBsa3ObvBV3VlUjgJzXvyq89Z/aVcr2Xcu141N+18CKSfXBCo
yJ3TUGnroaeFqpm0D1CeQRdMXoMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSV3DTd
mTWvvN15YOWAAqIJtkJCXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI
MA0GCSqGSIb3DQEBCwUAA4IBAQAuOTxoW9uOgbpEkXwkRgsT6gNJzMM6l0SvaOU1
bEQEzpjh71r/JdfX8rM/7Jec9EXsQzkrY4cdvZppzoGWYG6ceNXx+C5efhoun053
HL+XviTDnmBBFV32beehuMazJ8MUiG1wXChJ6YCemlvZ5PBgRH0wlbpUST4YPdX8
/zqTl/yGQ/c9LC9WV5uaoyp0Yef4remBoKiYuiMFEulp+miGb9/JMM+mmjg+HzH5
DNnOr0eDk+UcPfX4ZP+7twMdHAsoJHlgJPQzGn4FjbjE+jgjI7TSqvtRoQ7OpO9V
hhhU4adVsyyXWGPOQBbrXMDekaabnbifmXI7+/5LOTl0Ul+i
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:31 2025 by rpki-client