Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa
File: fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa (raw, json)
Hash identifier: 9E1IZZQet0YM49qsIgAvQcEANqQnQ+usTQWC922le7A=
Subject key identifier: 73:70:BC:97:CF:7C:B1:F0:10:38:01:84:F6:CB:D5:4C:39:74:89:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0167DD631B81BB3D33A22F80534BB99AA8BBA08A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa
Signing time: Mon 16 Jun 2025 21:10:50 +0000
ROA not before: Mon 16 Jun 2025 21:10:50 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:67:dd:63:1b:81:bb:3d:33:a2:2f:80:53:4b:b9:9a:a8:bb:a0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:50 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=3b0925e1decf8c2cfda0303f22f7ee3299b64c8626c3348431592a21628f60bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cd:b1:5b:9f:d8:70:6a:dc:60:8e:b8:2c:4b:
32:15:f7:03:59:7b:c4:55:17:d2:fc:25:71:7b:ea:
fb:52:19:52:24:75:f6:2f:9b:7a:1b:bc:3f:71:30:
c0:55:f0:20:bd:79:71:12:2c:e7:69:47:f7:56:c0:
e6:59:9d:b8:91:c3:68:7c:31:0c:cf:b0:48:b3:32:
f2:14:1f:52:d8:24:2b:9f:86:e7:64:8c:e9:2e:9c:
af:1b:ae:5b:7c:6d:b8:ac:5f:00:57:2f:77:b2:a8:
21:b7:eb:50:21:85:07:e4:b2:74:48:82:51:bc:45:
61:73:36:72:84:88:ed:1f:5e:9c:35:1d:0a:4a:5b:
24:c3:02:51:73:ed:6d:52:96:cc:ca:b4:03:5a:1b:
65:2f:35:5e:a1:5b:4f:cd:59:16:98:b6:1a:82:46:
fe:e8:ed:04:13:64:d1:89:2e:0a:e3:9a:94:6b:8c:
08:80:01:e4:e4:fd:6c:ee:35:7c:4c:b3:90:25:99:
f6:77:69:08:bc:a5:47:6b:04:01:5b:16:13:11:fd:
e2:b3:07:5c:31:6c:d5:9b:0c:1a:3c:b7:54:25:99:
5c:4a:25:a2:2d:5e:3c:32:df:86:e9:51:0f:b8:e2:
6e:68:f8:a9:61:f3:af:98:71:a5:16:2a:68:3b:ae:
ff:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:70:BC:97:CF:7C:B1:F0:10:38:01:84:F6:CB:D5:4C:39:74:89:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:c000::/40
Signature Algorithm: sha256WithRSAEncryption
84:4b:69:ba:91:4e:5c:ec:4d:83:fa:60:39:14:8f:7b:ef:1a:
a8:21:23:fb:6d:50:c7:6b:40:1d:7d:a3:92:ad:5a:e5:48:48:
a7:cf:fc:0b:7b:c4:ae:fc:d4:db:6f:56:69:7b:fe:12:ba:60:
24:a6:74:0e:c1:20:6b:3a:f9:4a:22:a7:a1:4e:52:2b:0c:14:
db:c6:9f:5a:4c:94:8a:3a:c5:e1:96:8f:e3:ee:49:a4:20:c0:
3e:1a:4d:1f:09:db:81:9e:51:00:aa:a1:35:48:b2:d2:09:5a:
ab:ef:47:bf:06:67:e5:3c:6e:80:44:2a:2d:c5:c7:42:92:61:
5a:7f:45:df:85:ea:01:88:6c:55:10:5e:65:1c:90:32:d6:a2:
a0:f5:6f:23:4d:14:b5:b1:8d:ab:8b:35:86:b7:e1:ee:cb:36:
fc:81:44:1b:bd:f1:43:0e:6b:71:af:fc:2d:aa:55:09:c0:01:
3f:57:f7:d5:a1:3a:b5:e7:69:ec:25:46:70:2e:7d:e2:3a:b5:
c5:5c:9a:14:4c:3d:ce:cd:bf:23:79:41:c1:ed:94:26:23:14:
80:35:94:5c:be:b9:dc:1a:bb:62:18:13:b7:45:be:37:cc:e8:
95:19:bb:6c:8f:8f:44:a0:e1:8e:eb:c9:a0:0d:dc:be:dc:e5:
b4:25:ba:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAWfdYxuBuz0zoi+AU0u5mqi7oIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwNTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiMDkyNWUxZGVjZjhjMmNmZGEwMzAzZjIyZjdlZTMyOTliNjRjODYyNmMz
MzQ4NDMxNTkyYTIxNjI4ZjYwYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3NsVuf2HBq3GCOuCxLMhX3A1l7xFUX0vwlcXvq+1IZUiR19i+behu8P3Ew
wFXwIL15cRIs52lH91bA5lmduJHDaHwxDM+wSLMy8hQfUtgkK5+G52SM6S6crxuu
W3xtuKxfAFcvd7KoIbfrUCGFB+SydEiCUbxFYXM2coSI7R9enDUdCkpbJMMCUXPt
bVKWzMq0A1obZS81XqFbT81ZFpi2GoJG/ujtBBNk0YkuCuOalGuMCIAB5OT9bO41
fEyzkCWZ9ndpCLylR2sEAVsWExH94rMHXDFs1ZsMGjy3VCWZXEoloi1ePDLfhulR
D7jibmj4qWHzr5hxpRYqaDuu/6kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRzcLyX
z3yx8BA4AYT2y9VMOXSJgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNjMmM4NTUtY2E2Mi00YjRjLWExYzYtOGI0MTUyYmM3YTA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HXA
MA0GCSqGSIb3DQEBCwUAA4IBAQCES2m6kU5c7E2D+mA5FI977xqoISP7bVDHa0Ad
faOSrVrlSEinz/wLe8Su/NTbb1Zpe/4SumAkpnQOwSBrOvlKIqehTlIrDBTbxp9a
TJSKOsXhlo/j7kmkIMA+Gk0fCduBnlEAqqE1SLLSCVqr70e/BmflPG6ARCotxcdC
kmFaf0XfheoBiGxVEF5lHJAy1qKg9W8jTRS1sY2rizWGt+Huyzb8gUQbvfFDDmtx
r/wtqlUJwAE/V/fVoTq152nsJUZwLn3iOrXFXJoUTD3Ozb8jeUHB7ZQmIxSANZRc
vrncGrtiGBO3Rb43zOiVGbtsj49EoOGO68mgDdy+3OW0Jbrt
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:15 2025 by rpki-client