Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
File: c153f994-19fd-4682-b6f7-f4e92e6144ea.roa (raw, json)
Hash identifier: D5D7FSGDQRYw2UjYM97VIHLGnitEEFskGHWhQ/+BmGU=
Subject key identifier: 9C:5A:20:08:8A:3B:59:04:CF:96:AA:43:FC:2B:6E:21:76:0C:3E:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 557E17DA010D8754BB892AF30687991C268EB6AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
Signing time: Mon 16 Jun 2025 21:30:15 +0000
ROA not before: Mon 16 Jun 2025 21:30:15 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:7e:17:da:01:0d:87:54:bb:89:2a:f3:06:87:99:1c:26:8e:b6:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:30:15 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c3e7bf8bf30010b063dabc60c6d5bb83fdd30ca5a7ccf8261a684ed6792e040f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ea:26:4c:fb:db:a9:91:19:a9:3b:1f:52:dd:
cd:93:74:85:50:fd:c4:9e:64:8a:f9:26:4c:1d:d6:
60:e9:c7:c1:3f:f7:a1:f4:25:22:37:8a:06:e3:4d:
c5:15:4f:99:5a:90:b6:16:de:fb:5c:a0:a7:6a:5d:
22:ff:53:61:f9:12:56:33:db:2f:f3:31:ac:53:b7:
b7:71:df:bd:9d:c8:63:d0:61:a2:13:9b:c7:eb:1c:
cf:6a:43:c9:b1:7b:5f:3c:de:30:d5:57:c8:3b:06:
2e:06:82:59:69:07:c0:b2:01:13:dc:42:dd:e1:34:
21:8a:a4:26:59:c9:e4:7b:0d:8a:d2:89:fa:a5:fe:
d5:c8:8d:bf:42:58:fd:a3:d2:20:3b:c2:4b:53:ca:
6b:0d:0e:6b:93:a7:62:04:3e:06:66:68:99:7a:ee:
a5:f0:30:dc:83:88:32:90:ab:63:48:1f:45:56:d9:
92:56:a4:b9:77:da:26:0f:86:8a:b9:07:31:94:cf:
cb:74:b8:d2:c0:8e:2e:74:46:75:1c:9d:81:3f:a1:
75:69:0f:47:70:e7:a5:bc:c7:17:5d:93:e1:87:9a:
87:5f:cf:d8:4a:5a:b7:41:bf:78:44:92:5f:94:e4:
19:da:fa:03:75:09:70:51:ae:52:ac:9b:1c:37:90:
42:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5A:20:08:8A:3B:59:04:CF:96:AA:43:FC:2B:6E:21:76:0C:3E:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:c00::/38
Signature Algorithm: sha256WithRSAEncryption
08:89:0f:cc:10:1f:66:10:13:25:03:b1:87:4b:bf:d4:7f:87:
a5:95:29:0c:76:17:19:7d:92:22:07:60:b8:0e:b7:6b:10:b9:
78:34:aa:63:68:af:e7:ce:82:0a:24:2e:45:31:14:a3:eb:11:
1b:f5:e9:cb:7f:45:9a:b1:37:bd:ae:b5:64:e3:83:90:a5:f7:
4c:00:6d:6a:6f:0c:61:55:96:89:d9:c9:fb:63:9a:49:8d:69:
a0:12:27:e2:c3:bf:65:bc:bd:c5:52:aa:7d:f7:6f:34:cf:9e:
80:83:bc:7c:4f:39:59:0c:23:f1:86:d5:95:da:5c:e0:13:d1:
5a:23:be:32:97:f1:7e:d2:0c:b2:ca:5c:1d:79:3d:58:d6:82:
23:43:9a:20:13:4d:74:1a:a4:d0:0f:c6:c1:f0:42:c1:c5:a4:
83:3b:ce:71:a7:58:3f:cf:33:e3:f0:58:99:a4:fd:9f:42:a0:
72:86:65:8d:0b:11:75:e4:89:17:05:6d:85:6a:9f:24:3e:a5:
90:9a:df:4c:00:99:52:8f:9c:30:70:a7:3e:c6:f1:dc:72:55:
70:bb:fd:60:62:13:ac:65:c6:c0:af:0f:b8:43:6f:e8:69:ff:
5a:df:bd:14:36:b1:84:00:e8:42:60:42:d6:0f:84:80:ab:90:
5d:ad:85:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVX4X2gENh1S7iSrzBoeZHCaOtq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMwMTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzZTdiZjhiZjMwMDEwYjA2M2RhYmM2MGM2ZDViYjgzZmRkMzBjYTVhN2Nj
ZjgyNjFhNjg0ZWQ2NzkyZTA0MGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXqJkz726mRGak7H1LdzZN0hVD9xJ5kivkmTB3WYOnHwT/3ofQlIjeKBuNN
xRVPmVqQthbe+1ygp2pdIv9TYfkSVjPbL/MxrFO3t3HfvZ3IY9BhohObx+scz2pD
ybF7XzzeMNVXyDsGLgaCWWkHwLIBE9xC3eE0IYqkJlnJ5HsNitKJ+qX+1ciNv0JY
/aPSIDvCS1PKaw0Oa5OnYgQ+BmZomXrupfAw3IOIMpCrY0gfRVbZklakuXfaJg+G
irkHMZTPy3S40sCOLnRGdRydgT+hdWkPR3DnpbzHF12T4Yeah1/P2Epat0G/eESS
X5TkGdr6A3UJcFGuUqybHDeQQmkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScWiAI
ijtZBM+WqkP8K24hdgw+6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE1M2Y5OTQtMTlmZC00NjgyLWI2ZjctZjRlOTJlNjE0NGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwM
MA0GCSqGSIb3DQEBCwUAA4IBAQAIiQ/MEB9mEBMlA7GHS7/Uf4ellSkMdhcZfZIi
B2C4DrdrELl4NKpjaK/nzoIKJC5FMRSj6xEb9enLf0WasTe9rrVk44OQpfdMAG1q
bwxhVZaJ2cn7Y5pJjWmgEifiw79lvL3FUqp99280z56Ag7x8TzlZDCPxhtWV2lzg
E9FaI74yl/F+0gyyylwdeT1Y1oIjQ5ogE010GqTQD8bB8ELBxaSDO85xp1g/zzPj
8FiZpP2fQqByhmWNCxF15IkXBW2Fap8kPqWQmt9MAJlSj5wwcKc+xvHcclVwu/1g
YhOsZcbArw+4Q2/oaf9a370UNrGEAOhCYELWD4SAq5BdrYUK
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:55 2025 by rpki-client