Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
File: bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa (raw, json)
Hash identifier: NwU7+2e/RLqci4f3PqvsG7Bkq9GTpKqmsMdLe593aMY=
Subject key identifier: 81:15:2B:60:CB:0C:46:DC:1A:78:CC:A9:E7:D0:66:CB:A8:80:2B:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A3A1E51FBCAE182036AAFC2E762AB49394FBDCB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
Signing time: Fri 22 Aug 2025 15:10:12 +0000
ROA not before: Fri 22 Aug 2025 15:10:12 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:3a:1e:51:fb:ca:e1:82:03:6a:af:c2:e7:62:ab:49:39:4f:bd:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:12 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=0bb28d3ac98c2d454df33fe17afc33fe3f66baf503b7cff496f046a0ef7013b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ac:6c:32:0c:4b:37:0f:6d:eb:85:9b:8e:aa:
63:10:bc:c8:9e:65:4f:61:99:fe:67:5d:23:19:fa:
04:9a:13:4e:b8:b0:ce:35:62:9a:fb:6a:a9:d5:1a:
7d:2a:9a:60:75:ae:d2:c3:8a:48:b2:16:3e:19:a1:
8e:5e:f4:15:aa:d9:3d:59:39:34:05:50:96:4a:06:
7a:41:48:84:37:3f:2f:38:4a:c0:16:67:b9:67:c1:
26:79:9b:19:2a:6b:89:7e:c6:f4:e0:93:90:9f:e4:
ad:da:6a:25:33:2a:50:7b:f6:45:b6:9b:09:f9:26:
44:8e:ca:18:0a:4f:2a:88:3a:ec:73:cf:b2:a3:55:
f4:28:b7:e5:d9:14:a5:6a:d8:f2:20:68:45:0f:e3:
4a:2f:38:31:7c:9f:90:02:87:2a:d3:58:3f:42:de:
fd:87:01:71:21:87:2a:15:e9:20:d2:11:3d:0c:a0:
1d:10:45:72:bd:cd:3c:a5:a2:db:bf:aa:c3:84:12:
cd:eb:bb:9a:9e:a7:25:ba:51:88:4b:87:d7:3a:fd:
e0:af:b8:45:2b:17:75:9b:10:34:01:ef:bf:01:5c:
e4:59:58:a7:67:f4:a8:f0:4a:2d:b2:63:4b:af:64:
80:fe:84:a6:ea:46:74:ec:7c:f1:a5:8a:01:68:80:
ee:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:15:2B:60:CB:0C:46:DC:1A:78:CC:A9:E7:D0:66:CB:A8:80:2B:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
90:d4:ed:17:d7:0f:91:82:13:1c:31:24:ee:81:ee:af:01:c8:
ad:1c:40:c7:ec:a1:0f:15:f1:dd:dc:c5:37:43:42:df:63:3c:
9c:85:7a:33:22:7c:84:c7:22:47:72:a3:52:e4:3b:b4:89:13:
55:2e:83:de:77:f8:01:e7:11:d9:fd:72:ca:58:26:51:84:e0:
c5:d2:72:19:1a:03:ea:c4:09:42:17:ec:0e:71:56:96:84:67:
a2:ee:49:6c:ca:94:31:38:db:e7:28:0e:41:18:32:f0:11:32:
0f:f1:9a:a6:74:c8:08:d7:ac:61:b7:9e:4b:cd:da:5c:a6:73:
18:92:d4:fe:fd:4f:ba:70:17:0c:7c:de:1f:62:3a:ad:fc:79:
d1:20:e3:59:c6:c3:c2:70:ad:e0:c5:42:2a:8c:ac:59:84:d1:
ee:1e:cf:48:27:f2:d6:ad:5d:cb:fe:d5:55:d3:80:46:65:fa:
bd:c2:36:d0:e2:fc:88:d8:35:82:79:b3:d3:5a:cc:3e:e4:e2:
7e:1e:c2:15:45:1d:da:e6:df:82:56:29:f5:d5:c4:b8:86:86:
42:8e:4f:2b:f7:7d:11:88:d7:8c:fb:42:50:4d:9d:28:53:63:
fc:28:f1:88:7c:3e:a5:e4:80:81:64:e7:2b:6a:e4:29:74:d5:
77:d5:96:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCjoeUfvK4YIDaq/C52KrSTlPvcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMTJaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiYjI4ZDNhYzk4YzJkNDU0ZGYzM2ZlMTdhZmMzM2ZlM2Y2NmJhZjUwM2I3
Y2ZmNDk2ZjA0NmEwZWY3MDEzYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALasbDIMSzcPbeuFm46qYxC8yJ5lT2GZ/mddIxn6BJoTTriwzjVimvtqqdUa
fSqaYHWu0sOKSLIWPhmhjl70FarZPVk5NAVQlkoGekFIhDc/LzhKwBZnuWfBJnmb
GSpriX7G9OCTkJ/krdpqJTMqUHv2RbabCfkmRI7KGApPKog67HPPsqNV9Ci35dkU
pWrY8iBoRQ/jSi84MXyfkAKHKtNYP0Le/YcBcSGHKhXpINIRPQygHRBFcr3NPKWi
27+qw4QSzeu7mp6nJbpRiEuH1zr94K+4RSsXdZsQNAHvvwFc5FlYp2f0qPBKLbJj
S69kgP6EpupGdOx88aWKAWiA7lECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBFStg
ywxG3Bp4zKnn0GbLqIArfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRhYTZkZTYtMDBkMy00ZDE4LThhYTAtMGJmODI4ODhkMzZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQCQ1O0X1w+RghMcMSTuge6vAcitHEDH7KEPFfHd
3MU3Q0LfYzychXozInyExyJHcqNS5Du0iRNVLoPed/gB5xHZ/XLKWCZRhODF0nIZ
GgPqxAlCF+wOcVaWhGei7klsypQxONvnKA5BGDLwETIP8ZqmdMgI16xht55Lzdpc
pnMYktT+/U+6cBcMfN4fYjqt/HnRIONZxsPCcK3gxUIqjKxZhNHuHs9IJ/LWrV3L
/tVV04BGZfq9wjbQ4vyI2DWCebPTWsw+5OJ+HsIVRR3a5t+CVin11cS4hoZCjk8r
930RiNeM+0JQTZ0oU2P8KPGIfD6l5ICBZOcrauQpdNV31Zap
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:56 2025 by rpki-client