Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
File: e396d806-dffa-4609-8ae4-1e8fdbde728e.roa (raw, json)
Hash identifier: iLaO5bBJEan9aTRTtj+7QZg7Oir5yj5vuMTwT31ANBQ=
Subject key identifier: C5:E5:A4:CA:11:23:96:42:41:E0:5C:64:BD:FA:2D:B5:75:9B:70:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6524557890C1D3912BC437C823DE605DAD64B454
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
Signing time: Tue 05 Aug 2025 19:01:02 +0000
ROA not before: Tue 05 Aug 2025 19:01:02 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:24:55:78:90:c1:d3:91:2b:c4:37:c8:23:de:60:5d:ad:64:b4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:02 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7e6b6fa373935cfc4ea32aa02e14bc4fb3e2c663bf9e0a8c72c226d9cd351663, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f6:57:05:8e:b9:62:ef:c0:da:80:7e:d5:dc:
bf:ca:6f:d6:f6:2a:5d:12:09:f4:cd:a0:36:84:ba:
83:95:16:93:72:1f:06:ce:8e:15:7a:31:dd:9f:8d:
2f:30:70:65:50:a7:34:8e:b8:5d:c9:e8:fa:b8:87:
b7:df:74:16:e7:82:5c:3d:9a:d6:9f:1d:3b:4f:0c:
85:df:31:9f:ea:d0:69:37:d0:1f:87:aa:6e:ea:c4:
30:8a:28:97:e8:07:7f:dd:93:b5:52:11:5f:e8:f7:
ae:cd:b8:9b:d3:dc:2a:0b:53:8e:87:e8:9f:45:5e:
03:fb:30:65:d7:f6:7b:d5:aa:02:ee:c8:8f:0b:9c:
5e:fd:a4:f7:de:67:e8:17:2c:9f:c1:9e:c8:f7:11:
8d:bc:1a:ee:f5:9a:3c:6a:40:1d:0c:dc:7a:64:62:
fe:d2:bf:8a:ba:8d:5f:9d:4d:65:fc:2e:65:fb:72:
8b:78:bc:99:8e:42:e0:17:f2:04:ba:3f:4c:d7:20:
8e:43:56:02:74:87:ce:71:f2:d1:9a:a6:fb:e6:4f:
b3:c1:c0:42:f3:bc:59:08:b2:a1:e9:2a:a5:04:69:
c5:0c:3c:66:a7:30:d7:61:9f:a0:7e:d7:0b:13:ad:
5d:05:8c:62:2b:3b:70:f1:6c:fd:c9:f1:00:d7:af:
1d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E5:A4:CA:11:23:96:42:41:E0:5C:64:BD:FA:2D:B5:75:9B:70:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
9f:61:5b:c5:b9:3d:3d:88:bb:6c:6c:f7:58:ec:e6:68:56:a3:
19:1e:a2:f3:a4:22:ee:3c:57:df:a7:a7:4f:5a:17:e5:ee:bb:
11:1d:1a:e0:f7:27:1e:56:c8:76:83:c4:a3:4c:4e:9a:d3:83:
ee:40:e2:9e:43:9f:f9:48:3e:46:cc:40:0a:05:ae:ca:bc:29:
d0:7f:3d:d7:f7:13:97:70:40:af:fd:2f:e2:bd:4a:47:e6:8b:
a0:d2:9f:8c:b5:35:9d:ce:59:c0:c3:91:b7:69:8a:29:c7:48:
b5:22:1b:b5:35:84:ca:a3:da:f5:7b:ab:83:d4:fe:61:ad:50:
45:53:fb:f5:c2:1d:84:9b:ff:ae:a0:35:f4:57:69:a0:10:d1:
ce:6a:a2:e9:21:4c:cd:93:d1:a1:08:7e:1e:3d:86:1c:7e:d9:
bf:81:a3:49:22:4a:81:d9:86:18:e1:ad:d4:20:81:7b:d0:91:
51:71:34:0a:65:19:bd:da:b2:b3:50:5c:4b:00:4a:19:9d:c3:
95:38:33:36:aa:80:8a:a9:e6:5f:28:b7:3b:ca:e1:3b:84:a7:
fc:67:fe:16:10:fb:92:f3:d8:b0:de:b6:23:3a:13:09:19:25:
71:af:15:80:14:66:47:07:d1:ae:f2:4e:52:20:2c:3e:62:5a:
14:fa:51:74
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZSRVeJDB05ErxDfII95gXa1ktFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxMDJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlNmI2ZmEzNzM5MzVjZmM0ZWEzMmFhMDJlMTRiYzRmYjNlMmM2NjNiZjll
MGE4YzcyYzIyNmQ5Y2QzNTE2NjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKr2VwWOuWLvwNqAftXcv8pv1vYqXRIJ9M2gNoS6g5UWk3IfBs6OFXox3Z+N
LzBwZVCnNI64Xcno+riHt990FueCXD2a1p8dO08Mhd8xn+rQaTfQH4eqburEMIoo
l+gHf92TtVIRX+j3rs24m9PcKgtTjofon0VeA/swZdf2e9WqAu7IjwucXv2k995n
6Bcsn8GeyPcRjbwa7vWaPGpAHQzcemRi/tK/irqNX51NZfwuZftyi3i8mY5C4Bfy
BLo/TNcgjkNWAnSHznHy0Zqm++ZPs8HAQvO8WQiyoekqpQRpxQw8Zqcw12GfoH7X
CxOtXQWMYis7cPFs/cnxANevHfcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTF5aTK
ESOWQkHgXGS9+i21dZtwXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM5NmQ4MDYtZGZmYS00NjA5LThhZTQtMWU4ZmRiZGU3MjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
wDANBgkqhkiG9w0BAQsFAAOCAQEAn2Fbxbk9PYi7bGz3WOzmaFajGR6i86Qi7jxX
36enT1oX5e67ER0a4PcnHlbIdoPEo0xOmtOD7kDinkOf+Ug+RsxACgWuyrwp0H89
1/cTl3BAr/0v4r1KR+aLoNKfjLU1nc5ZwMORt2mKKcdItSIbtTWEyqPa9Xurg9T+
Ya1QRVP79cIdhJv/rqA19FdpoBDRzmqi6SFMzZPRoQh+Hj2GHH7Zv4GjSSJKgdmG
GOGt1CCBe9CRUXE0CmUZvdqys1BcSwBKGZ3DlTgzNqqAiqnmXyi3O8rhO4Sn/Gf+
FhD7kvPYsN62IzoTCRklca8VgBRmRwfRrvJOUiAsPmJaFPpRdA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:21 2025 by rpki-client