Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
File: ea271f77-763d-42f8-a315-60081847d059.roa (raw, json)
Hash identifier: l4AOXOtAyNJQjJxRi/EPLWmZ3eR9+ja95F4UvtKaCG0=
Subject key identifier: 63:99:8B:90:6F:88:FD:40:8F:D7:E3:5E:0A:D8:F1:F6:03:6A:85:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11B26964186D2A3B8B1EA2321D003FAC5D6D378E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
Signing time: Mon 16 Jun 2025 19:40:13 +0000
ROA not before: Mon 16 Jun 2025 19:40:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:b2:69:64:18:6d:2a:3b:8b:1e:a2:32:1d:00:3f:ac:5d:6d:37:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1a2938fee51b87f210f229efbfdcd9325514de79bfd5f31ba24225a127293fb4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ca:e7:a9:13:5c:3f:c2:30:b7:4a:b3:3c:9b:
c7:15:9c:c9:14:59:a9:84:82:50:2c:5f:d3:18:50:
f4:2d:ec:a6:2b:b1:e7:81:99:71:da:c1:02:cb:64:
cf:84:43:f3:87:27:b1:52:8e:34:59:a5:5e:dc:52:
d2:50:40:86:4c:2f:bf:5e:a7:10:0d:b8:01:fd:be:
01:69:14:4f:a4:e8:38:c5:a9:00:53:6b:6b:4a:72:
67:07:5c:4b:ed:f0:dd:4a:1e:fd:d4:35:ec:94:b0:
77:7f:8b:46:7d:2b:7d:61:d9:75:e9:00:94:11:d1:
a4:46:a7:45:1b:9b:ab:84:94:10:37:05:48:b7:0d:
67:7f:76:82:79:68:c4:d6:92:f2:cb:81:b8:82:44:
fd:fd:66:5a:62:06:f4:10:0c:d1:b4:a8:64:63:73:
07:1d:d2:17:e4:6a:7b:f8:96:48:30:bf:7d:8e:bf:
f3:87:c2:cf:dc:f2:1e:9f:72:5f:34:db:f1:3e:59:
c2:05:7b:63:87:5b:31:67:f4:85:d6:c5:cd:16:11:
0d:74:9a:24:22:7c:bf:96:db:c8:1d:7b:19:d3:22:
6d:85:f0:5b:b8:ca:e3:5a:46:d7:0f:d6:6d:e7:8a:
37:54:76:03:b6:7f:bb:2c:45:eb:64:bd:12:2d:d5:
f7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:99:8B:90:6F:88:FD:40:8F:D7:E3:5E:0A:D8:F1:F6:03:6A:85:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e040::/48
Signature Algorithm: sha256WithRSAEncryption
10:e0:b4:20:3a:27:88:0c:96:bb:8b:73:c3:40:48:39:de:a8:
43:41:13:ed:b1:a1:f3:a6:03:f1:36:4d:15:d1:2d:71:11:dc:
c4:a7:9f:2f:43:a7:9a:dd:57:b9:e9:7f:9a:38:77:02:4f:2d:
df:66:48:dd:8f:b5:c5:7c:f8:e5:88:a6:76:ca:ac:54:87:35:
5a:00:0d:81:e6:86:1d:c5:fe:ce:1c:3b:7a:a0:fa:c9:84:57:
c2:df:4d:fb:dd:ff:ea:6b:9a:04:16:61:78:2d:c8:2d:63:5d:
af:d8:7d:ef:a9:a8:41:57:66:15:fb:9a:40:d7:74:28:ce:a9:
6f:71:1c:40:fb:02:01:f8:89:38:bb:37:e4:e4:ea:2b:7f:c6:
03:1a:4f:b9:97:38:f9:ea:c4:1f:1c:aa:c4:ec:78:58:db:8f:
76:f8:b8:3e:d8:3f:b8:05:9d:d0:2c:47:61:a4:f2:96:77:7f:
61:90:81:ad:34:40:63:e2:a6:4f:f2:23:15:61:2b:bc:75:9f:
d4:07:19:4e:fe:f2:f9:60:02:ed:a3:21:f4:6d:18:38:17:84:
dc:ce:a1:3d:f1:67:6d:63:28:ec:26:9f:01:92:d6:a2:28:cf:
78:89:ef:55:af:9d:eb:2c:f7:4f:b8:9b:41:98:92:09:53:4c:
e2:c8:e1:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEbJpZBhtKjuLHqIyHQA/rF1tN44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhMjkzOGZlZTUxYjg3ZjIxMGYyMjllZmJmZGNkOTMyNTUxNGRlNzliZmQ1
ZjMxYmEyNDIyNWExMjcyOTNmYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjK56kTXD/CMLdKszybxxWcyRRZqYSCUCxf0xhQ9C3spiux54GZcdrBAstk
z4RD84cnsVKONFmlXtxS0lBAhkwvv16nEA24Af2+AWkUT6ToOMWpAFNra0pyZwdc
S+3w3Uoe/dQ17JSwd3+LRn0rfWHZdekAlBHRpEanRRubq4SUEDcFSLcNZ392gnlo
xNaS8suBuIJE/f1mWmIG9BAM0bSoZGNzBx3SF+Rqe/iWSDC/fY6/84fCz9zyHp9y
XzTb8T5ZwgV7Y4dbMWf0hdbFzRYRDXSaJCJ8v5bbyB17GdMibYXwW7jK41pG1w/W
beeKN1R2A7Z/uyxF62S9Ei3V960CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRjmYuQ
b4j9QI/X414K2PH2A2qFQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEyNzFmNzctNzYzZC00MmY4LWEzMTUtNjAwODE4NDdkMDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
QDANBgkqhkiG9w0BAQsFAAOCAQEAEOC0IDoniAyWu4tzw0BIOd6oQ0ET7bGh86YD
8TZNFdEtcRHcxKefL0Onmt1Xuel/mjh3Ak8t32ZI3Y+1xXz45YimdsqsVIc1WgAN
geaGHcX+zhw7eqD6yYRXwt9N+93/6muaBBZheC3ILWNdr9h976moQVdmFfuaQNd0
KM6pb3EcQPsCAfiJOLs35OTqK3/GAxpPuZc4+erEHxyqxOx4WNuPdvi4Ptg/uAWd
0CxHYaTylnd/YZCBrTRAY+KmT/IjFWErvHWf1AcZTv7y+WAC7aMh9G0YOBeE3M6h
PfFnbWMo7CafAZLWoijPeInvVa+d6yz3T7ibQZiSCVNM4sjhZA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:48 2025 by rpki-client