Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
File: fc452689-b0a6-4816-a48a-8c8854d225f8.roa (raw, json)
Hash identifier: wTNfQtfbqbrLvC7M0zUonmWS03WYaFkiDwPzbwDmHSk=
Subject key identifier: C5:22:B8:36:B5:B9:78:78:A5:B2:E3:EF:D0:E2:FC:24:46:5B:93:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 470694C5F41D177B76DDEBC0AEE66F8639DC44CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
Signing time: Tue 19 Aug 2025 16:50:22 +0000
ROA not before: Tue 19 Aug 2025 16:50:22 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:06:94:c5:f4:1d:17:7b:76:dd:eb:c0:ae:e6:6f:86:39:dc:44:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:22 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=0cc2e9f8acf8a3b4b4b3adf2d8f93e13cc9f7255562d2cee012ef2b7cb150cbe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a0:b5:96:8b:87:fc:a1:2a:82:b2:b2:9e:3e:
93:ed:19:5f:f9:39:b9:04:df:a4:61:7a:2d:d0:c4:
5e:8a:32:20:01:e8:ad:16:22:ed:97:c6:81:20:08:
c7:11:ab:c1:b2:36:cd:cc:03:3c:d2:05:64:3f:d2:
f0:fd:46:08:c4:63:da:31:ed:0a:a6:81:9f:89:b2:
82:41:94:8a:51:67:aa:e9:00:21:c3:71:1a:ca:fd:
3e:81:54:cf:51:d8:26:60:91:0f:57:9b:33:16:f8:
1a:63:ef:34:aa:71:5b:c0:be:e0:33:82:9c:01:25:
76:20:f4:ad:6b:b3:71:a6:d1:de:4a:a7:77:e6:bc:
70:ff:cf:90:dc:92:2d:ea:66:a0:7b:76:1c:67:48:
30:e5:c4:52:df:d3:d0:24:18:b8:38:08:3c:0e:62:
a8:84:a7:12:77:1b:49:06:31:5a:38:b4:f5:41:03:
38:03:fe:bd:f3:e6:d5:93:e6:67:39:2a:ad:fd:01:
4c:28:71:3d:0b:e3:16:9a:f5:de:2f:b6:4a:f3:d1:
f6:56:c3:57:ad:91:bc:66:3f:c1:96:ab:a7:47:86:
87:bb:df:d2:10:41:13:e9:d8:12:3a:9a:c5:70:d0:
25:de:1b:17:58:56:f8:bf:6f:57:1d:3d:6d:7e:29:
84:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:22:B8:36:B5:B9:78:78:A5:B2:E3:EF:D0:E2:FC:24:46:5B:93:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
14:c1:27:5e:04:6e:f5:13:d9:93:c0:4f:ab:44:72:ae:88:91:
64:61:e1:2d:5f:db:48:0a:95:6f:fb:c7:2c:91:51:ea:80:80:
33:a8:08:be:09:e6:89:12:6a:2c:4c:df:f4:e7:35:04:53:ef:
1c:31:8b:fd:d1:24:43:06:4e:34:ad:0a:29:50:fb:0d:db:ec:
59:a5:54:97:d6:39:7d:55:a1:8a:b5:e0:9a:b2:e3:f3:ac:a6:
10:25:9f:0e:75:0b:20:6b:b5:5e:45:05:7d:eb:04:11:0c:f5:
36:c4:08:1a:c3:dd:93:4d:c3:42:25:f7:04:5f:8d:8b:7b:4c:
a7:2a:12:93:50:89:6d:23:f6:90:ce:66:a3:63:a6:02:ab:cd:
b1:5b:24:3b:76:7d:e7:89:46:7f:50:5b:cb:8c:69:9b:b7:c2:
d7:d5:0c:41:34:96:01:bb:ac:71:da:d7:f7:31:64:29:ff:51:
99:33:85:a8:75:fc:c1:04:28:34:20:fd:0c:c7:41:97:51:6d:
9c:da:2a:cb:ed:84:00:69:8e:5c:47:76:c4:73:b7:30:96:4a:
b1:0e:ce:f7:54:1d:c5:95:03:29:87:ec:3b:ef:49:f1:55:cf:
d2:c1:ed:40:cc:45:40:6d:85:e3:27:86:c1:b1:46:c5:3f:fe:
24:dd:52:08
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURwaUxfQdF3t23evAruZvhjncRMwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMjJaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjYzJlOWY4YWNmOGEzYjRiNGIzYWRmMmQ4ZjkzZTEzY2M5ZjcyNTU1NjJk
MmNlZTAxMmVmMmI3Y2IxNTBjYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOgtZaLh/yhKoKysp4+k+0ZX/k5uQTfpGF6LdDEXooyIAHorRYi7ZfGgSAI
xxGrwbI2zcwDPNIFZD/S8P1GCMRj2jHtCqaBn4mygkGUilFnqukAIcNxGsr9PoFU
z1HYJmCRD1ebMxb4GmPvNKpxW8C+4DOCnAEldiD0rWuzcabR3kqnd+a8cP/PkNyS
LepmoHt2HGdIMOXEUt/T0CQYuDgIPA5iqISnEncbSQYxWji09UEDOAP+vfPm1ZPm
Zzkqrf0BTChxPQvjFpr13i+2SvPR9lbDV62RvGY/wZarp0eGh7vf0hBBE+nYEjqa
xXDQJd4bF1hW+L9vVx09bX4phHUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFIrg2
tbl4eKWy4+/Q4vwkRluThTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0NTI2ODktYjBhNi00ODE2LWE0OGEtOGM4ODU0ZDIyNWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQAUwSdeBG71E9mTwE+rRHKuiJFkYeEtX9tICpVv
+8cskVHqgIAzqAi+CeaJEmosTN/05zUEU+8cMYv90SRDBk40rQopUPsN2+xZpVSX
1jl9VaGKteCasuPzrKYQJZ8OdQsga7VeRQV96wQRDPU2xAgaw92TTcNCJfcEX42L
e0ynKhKTUIltI/aQzmajY6YCq82xWyQ7dn3niUZ/UFvLjGmbt8LX1QxBNJYBu6xx
2tf3MWQp/1GZM4WodfzBBCg0IP0Mx0GXUW2c2irL7YQAaY5cR3bEc7cwlkqxDs73
VB3FlQMph+w770nxVc/Swe1AzEVAbYXjJ4bBsUbFP/4k3VII
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:39 2025 by rpki-client