Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
File: ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa (raw, json)
Hash identifier: XhynePXBWFGTRF+cPIrriBcJbTx+b2ssawszdWrmpxw=
Subject key identifier: 6A:C8:90:63:77:76:9C:48:14:E0:89:D4:8C:10:5C:AB:FE:86:06:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FC389CC3EC957E95B39070A1EA293B6B74434CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
Signing time: Tue 05 Aug 2025 19:51:35 +0000
ROA not before: Tue 05 Aug 2025 19:51:35 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:c3:89:cc:3e:c9:57:e9:5b:39:07:0a:1e:a2:93:b6:b7:44:34:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:35 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=409db785de127e304665525e1ba164acfcdbd3d0c9b4b34a8d92013899d5906e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f5:1a:05:6e:95:0b:24:9d:40:4f:5b:07:7c:
ae:ff:8d:0c:c3:e0:47:ac:d0:d3:47:8c:73:a8:89:
92:21:76:b3:5a:3f:68:bf:c9:7f:29:17:ac:bd:cc:
5d:60:26:f5:c3:6a:84:e7:1a:88:e1:a2:46:62:e1:
3c:20:89:bc:93:8a:c0:f5:a2:4e:85:9d:c1:2f:d5:
a2:15:d8:1a:97:cb:84:3d:de:94:8b:59:f9:49:b9:
53:ce:25:76:5e:a7:2c:a5:27:98:79:11:28:8c:bf:
2f:03:3e:a2:d3:b5:57:7d:49:46:83:5d:57:a7:60:
2e:b8:2e:b3:48:53:52:5a:e1:d8:3c:c7:ea:ea:52:
c5:09:57:e9:24:03:57:16:fc:f2:60:f6:63:f3:b8:
de:7f:3f:3f:e4:1a:41:11:0c:01:fd:c1:71:2c:49:
fa:5a:b7:92:89:8e:3c:7d:18:10:69:9d:03:54:6d:
4d:37:fd:8f:3a:92:db:2d:de:e8:20:6b:30:fb:9a:
c2:3b:6e:53:b1:42:fa:82:34:2e:75:f5:4f:93:e8:
ff:a9:5d:5f:54:f8:85:49:a1:c2:bb:dd:2f:fa:ec:
c8:6e:94:20:02:34:4d:bd:b2:23:fd:76:8d:5e:6d:
05:42:f5:b1:56:f7:fc:64:5f:54:ad:b1:86:13:6d:
7e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C8:90:63:77:76:9C:48:14:E0:89:D4:8C:10:5C:AB:FE:86:06:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:c6:4f:6a:ca:c1:5f:09:9c:23:bf:35:13:09:15:c2:a7:b0:
0c:a4:80:21:72:18:d7:3a:16:b5:ff:87:98:9b:40:8b:01:6c:
44:ba:52:b2:da:47:6a:51:14:66:ac:63:ab:c6:fe:1f:de:76:
f0:38:92:45:7c:e7:8e:0f:25:45:61:8e:0b:f8:5a:61:b8:cc:
7a:88:1f:6e:f1:cd:92:2f:14:d0:89:a6:c0:0e:2c:96:01:a3:
b6:ef:82:72:a0:4b:ee:87:25:90:76:61:48:e9:14:f9:02:66:
31:72:9b:33:d4:58:f5:f6:cc:04:ac:71:32:64:cc:df:55:d3:
ca:36:53:77:5a:b1:d1:a7:4b:9b:57:7b:a3:11:12:5d:fa:52:
5b:b6:c0:2c:c1:8e:58:c5:cd:87:9f:79:88:c0:01:3d:e7:7f:
86:c7:fb:2a:8d:ea:b7:22:ab:f9:eb:66:d7:ae:c6:90:fb:db:
de:bc:8a:29:c5:1f:4c:82:84:a4:5d:74:fa:da:7b:62:1f:3f:
34:23:96:fa:6f:33:6d:4a:29:d6:cf:07:b4:f4:7a:12:ab:11:
78:57:84:cc:74:bb:10:f8:ec:59:18:ab:05:22:04:05:36:57:
fd:10:c6:e0:c7:30:88:37:34:98:ff:a1:2a:32:89:3e:79:95:
b1:45:6d:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH8OJzD7JV+lbOQcKHqKTtrdENM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMzVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwOWRiNzg1ZGUxMjdlMzA0NjY1NTI1ZTFiYTE2NGFjZmNkYmQzZDBjOWI0
YjM0YThkOTIwMTM4OTlkNTkwNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJj1GgVulQsknUBPWwd8rv+NDMPgR6zQ00eMc6iJkiF2s1o/aL/JfykXrL3M
XWAm9cNqhOcaiOGiRmLhPCCJvJOKwPWiToWdwS/VohXYGpfLhD3elItZ+Um5U84l
dl6nLKUnmHkRKIy/LwM+otO1V31JRoNdV6dgLrgus0hTUlrh2DzH6upSxQlX6SQD
Vxb88mD2Y/O43n8/P+QaQREMAf3BcSxJ+lq3komOPH0YEGmdA1RtTTf9jzqS2y3e
6CBrMPuawjtuU7FC+oI0LnX1T5Po/6ldX1T4hUmhwrvdL/rsyG6UIAI0Tb2yI/12
jV5tBUL1sVb3/GRfVK2xhhNtfgcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqyJBj
d3acSBTgidSMEFyr/oYGKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWExMGRhYzUtMzJjZS00YWFmLTgyOTctZmZkMWRiYzg1MjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAtxk9qysFfCZwjvzUTCRXCp7AMpIAhchjXOha1
/4eYm0CLAWxEulKy2kdqURRmrGOrxv4f3nbwOJJFfOeODyVFYY4L+FphuMx6iB9u
8c2SLxTQiabADiyWAaO274JyoEvuhyWQdmFI6RT5AmYxcpsz1Fj19swErHEyZMzf
VdPKNlN3WrHRp0ubV3ujERJd+lJbtsAswY5Yxc2Hn3mIwAE953+Gx/sqjeq3Iqv5
62bXrsaQ+9vevIopxR9MgoSkXXT62ntiHz80I5b6bzNtSinWzwe09HoSqxF4V4TM
dLsQ+OxZGKsFIgQFNlf9EMbgxzCINzSY/6EqMok+eZWxRW0V
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:12 2025 by rpki-client