Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
File: c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa (raw, json)
Hash identifier: +BOlTFAZUuL2OmACgWzog5+c0Ab9ggmOjXluzwFzifA=
Subject key identifier: 97:25:55:E1:E6:F8:FC:E6:50:4F:6A:1F:25:2C:28:19:E9:59:A2:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EEEC0A6C41A2CBBB6F8CEEC5EE3571CE44AC57D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
Signing time: Mon 16 Jun 2025 21:40:05 +0000
ROA not before: Mon 16 Jun 2025 21:40:05 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:ee:c0:a6:c4:1a:2c:bb:b6:f8:ce:ec:5e:e3:57:1c:e4:4a:c5:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:05 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2508d6fdd74f81f05482c03e366d534f8465e73559a27d0cb6e24be8c0ad8b7a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d1:6d:9a:12:bf:54:dc:ea:46:bd:10:2e:ee:
cb:2e:cf:47:66:33:55:8e:c9:b8:9e:e5:60:fb:d8:
da:e0:2e:bc:fd:4d:1d:57:25:ac:74:e5:dc:bf:bf:
3f:7d:8f:17:16:03:72:b5:51:e8:cb:0f:47:93:32:
bc:fe:6c:e1:df:ad:8c:70:a5:12:9e:97:5d:f6:7f:
5b:44:a0:62:dc:fa:f3:de:12:fe:cd:ca:da:e9:2a:
ee:86:a5:8f:d0:8a:4c:d1:90:97:2b:0d:6b:77:11:
ce:ba:a2:ba:53:d3:11:7a:86:ab:0b:0a:c9:fc:ff:
1a:14:49:dc:ce:05:55:bd:75:64:ef:22:e1:b7:a7:
a4:c2:98:97:09:47:94:e4:06:30:74:47:87:d6:1d:
ba:62:26:ae:91:b7:f6:69:36:d2:64:b6:17:43:1c:
4e:75:f2:ba:b4:f4:1f:b8:f8:d1:4b:90:fe:ba:20:
e2:98:d7:0b:dc:18:be:35:b0:db:a0:bb:3c:e7:16:
6e:85:80:be:6c:49:d1:c6:90:6b:22:17:df:95:b6:
3a:a9:98:77:0c:58:00:38:56:b4:53:9b:e8:d7:14:
bf:fb:21:d8:a8:65:6e:55:a2:a4:c3:6f:a0:7e:d6:
65:4e:57:d2:c2:07:0b:15:24:3a:be:1b:3a:5a:f8:
ee:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:25:55:E1:E6:F8:FC:E6:50:4F:6A:1F:25:2C:28:19:E9:59:A2:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6ce96a4-eb6b-4bed-b15b-b1e3cdcac418.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/38
Signature Algorithm: sha256WithRSAEncryption
3a:fb:a4:bf:db:43:60:6f:72:5a:e4:be:95:e9:80:87:ee:ee:
04:96:82:83:c5:15:b5:04:de:42:6b:72:f1:a4:8f:d9:a1:10:
0e:ec:c0:e9:5f:6d:fc:34:c2:15:cf:3c:ce:92:08:cc:d9:b3:
71:12:44:1a:65:b0:99:1d:5f:12:50:28:9d:ae:da:6b:b6:32:
c5:b5:22:7a:ba:28:70:3f:6c:8d:c3:5e:c4:8e:65:4f:03:33:
4a:22:6e:69:b7:3f:40:77:1a:46:93:4f:0d:cd:69:14:8f:18:
a4:97:b4:2c:73:c0:54:d4:aa:aa:83:b3:73:a3:94:fb:d7:5c:
75:56:61:3b:32:f4:a7:f5:44:77:20:04:47:62:b4:0b:95:8b:
1e:4d:d5:dd:76:d3:bf:34:f4:aa:70:7f:c0:7c:92:e6:d4:45:
32:57:de:8c:ba:18:b9:58:1e:09:38:f2:95:37:03:4f:4b:36:
c3:d7:67:87:29:6f:ea:e9:f9:61:86:3b:27:ed:b2:e8:08:33:
f7:c4:07:86:58:1a:5e:48:f8:3b:85:e1:15:d5:45:0c:7e:c7:
45:ba:8f:a9:62:a3:73:2b:78:1f:98:27:a6:11:09:ba:c9:e6:
8e:3e:12:b3:c1:5e:4e:92:04:70:f6:d7:0c:52:12:59:42:92:
ac:b6:de:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHu7ApsQaLLu2+M7sXuNXHORKxX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwMDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1MDhkNmZkZDc0ZjgxZjA1NDgyYzAzZTM2NmQ1MzRmODQ2NWU3MzU1OWEy
N2QwY2I2ZTI0YmU4YzBhZDhiN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXRbZoSv1Tc6ka9EC7uyy7PR2YzVY7JuJ7lYPvY2uAuvP1NHVclrHTl3L+/
P32PFxYDcrVR6MsPR5MyvP5s4d+tjHClEp6XXfZ/W0SgYtz6894S/s3K2ukq7oal
j9CKTNGQlysNa3cRzrqiulPTEXqGqwsKyfz/GhRJ3M4FVb11ZO8i4benpMKYlwlH
lOQGMHRHh9YdumImrpG39mk20mS2F0McTnXyurT0H7j40UuQ/rog4pjXC9wYvjWw
26C7POcWboWAvmxJ0caQayIX35W2OqmYdwxYADhWtFOb6NcUv/sh2KhlblWipMNv
oH7WZU5X0sIHCxUkOr4bOlr47rcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSXJVXh
5vj85lBPah8lLCgZ6Vmi9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZjZTk2YTQtZWI2Yi00YmVkLWIxNWItYjFlM2NkY2FjNDE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQA6+6S/20Ngb3Ja5L6V6YCH7u4EloKDxRW1BN5C
a3LxpI/ZoRAO7MDpX238NMIVzzzOkgjM2bNxEkQaZbCZHV8SUCidrtprtjLFtSJ6
uihwP2yNw17EjmVPAzNKIm5ptz9AdxpGk08NzWkUjxikl7Qsc8BU1Kqqg7Nzo5T7
11x1VmE7MvSn9UR3IARHYrQLlYseTdXddtO/NPSqcH/AfJLm1EUyV96Muhi5WB4J
OPKVNwNPSzbD12eHKW/q6flhhjsn7bLoCDP3xAeGWBpeSPg7heEV1UUMfsdFuo+p
YqNzK3gfmCemEQm6yeaOPhKzwV5OkgRw9tcMUhJZQpKstt5h
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:34:49 2025 by rpki-client