Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
File: 130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa (raw, json)
Hash identifier: kJMYUiEaRorCyqyNCZl4kOfc/MDArooPVe+I3niEgcw=
Subject key identifier: 02:5C:F3:16:B6:B0:2F:46:ED:AA:19:D8:69:5E:D9:98:38:04:FC:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A629F3477FD41AC8B64D106A8F1176E85CAFF8D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
Signing time: Fri 25 Jul 2025 16:50:41 +0000
ROA not before: Fri 25 Jul 2025 16:50:41 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:62:9f:34:77:fd:41:ac:8b:64:d1:06:a8:f1:17:6e:85:ca:ff:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:41 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=4a27bc29c0184dcfafec87a54b0f6372740e00c07e4a5c28eb6b0fa9afcf324a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:06:cc:7f:5e:24:d8:ff:44:b0:6e:bc:04:d2:
91:93:5c:bc:e4:7b:6f:c9:66:f5:5e:cc:e3:6f:25:
66:33:91:ce:d0:75:93:fe:75:e8:b9:34:77:e1:33:
cb:5d:9d:f2:31:aa:02:76:da:84:76:70:37:5d:62:
fd:9d:10:ba:62:82:56:e5:a1:ac:60:f8:8d:29:02:
bb:08:70:c0:aa:49:66:7a:27:c9:9d:a9:1b:85:4b:
df:b6:ff:9e:22:32:48:98:f4:f1:84:34:09:44:d6:
c6:5a:93:41:40:df:e8:85:82:d0:c4:5d:16:cc:dc:
2e:aa:b8:e8:3a:7f:1d:f1:17:f0:90:52:72:d6:7f:
7a:f4:fc:4a:18:f7:ca:bc:d0:35:94:a3:0a:29:70:
4e:b0:ea:31:4d:ea:07:6d:76:68:2a:b5:85:2f:3e:
93:e9:90:91:e0:72:12:07:b8:45:c6:43:25:93:dc:
c1:ae:aa:31:ca:9f:5f:53:71:0f:40:ff:99:2d:fb:
86:01:92:fd:c3:39:5e:87:17:80:8b:dd:a3:c2:48:
34:4e:57:0b:13:b5:bc:be:3a:d5:03:26:f7:85:dd:
0a:a3:03:ee:21:01:a7:95:ae:5a:3e:59:f7:7d:c8:
97:23:38:b8:af:1f:69:fb:15:48:48:d0:d1:fb:ab:
8e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:5C:F3:16:B6:B0:2F:46:ED:AA:19:D8:69:5E:D9:98:38:04:FC:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
33:e8:c7:01:bb:54:53:a6:79:c0:7d:88:e1:db:1a:2a:f3:36:
a3:6a:ec:7f:d3:cc:44:31:af:f0:05:86:40:e6:c6:54:79:8d:
da:85:19:2e:e3:af:f0:63:23:18:07:85:d7:a0:62:f8:a3:78:
b8:f0:7c:25:3b:59:71:d5:e9:5b:69:bc:0c:7e:72:77:cb:8c:
8a:e7:d3:fb:5c:9d:bd:f0:74:b8:52:ff:e5:63:e4:df:df:83:
ec:a0:5c:a6:7b:26:1c:e4:7e:a2:53:bf:8b:53:26:d7:28:3f:
e0:d7:e2:f7:b3:1e:88:3c:eb:68:93:3e:a2:48:96:a2:1c:b0:
5e:8e:c1:5e:95:0e:24:f5:5a:09:ff:ca:e4:d9:98:22:8c:0b:
5f:0c:c9:3a:db:9f:4c:20:66:07:fe:98:e8:b5:da:ec:22:b3:
7c:c0:f5:48:c3:44:83:4d:f5:be:e1:d9:f1:c4:ea:20:6f:a0:
42:92:21:21:8a:1b:90:96:03:21:70:a0:b3:a5:03:5d:bf:73:
2f:49:41:1f:f3:d3:23:64:ae:a1:45:2f:99:d8:58:18:97:71:
dc:71:c9:7a:42:ab:85:98:67:6f:76:2d:0e:3a:67:67:34:86:
c0:bf:6d:61:cd:c1:f1:40:92:fe:ad:ea:f4:21:1d:5c:33:db:
58:a9:66:98
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWmKfNHf9QayLZNEGqPEXboXK/40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwNDFaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhMjdiYzI5YzAxODRkY2ZhZmVjODdhNTRiMGY2MzcyNzQwZTAwYzA3ZTRh
NWMyOGViNmIwZmE5YWZjZjMyNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoGzH9eJNj/RLBuvATSkZNcvOR7b8lm9V7M428lZjORztB1k/516Lk0d+Ez
y12d8jGqAnbahHZwN11i/Z0QumKCVuWhrGD4jSkCuwhwwKpJZnonyZ2pG4VL37b/
niIySJj08YQ0CUTWxlqTQUDf6IWC0MRdFszcLqq46Dp/HfEX8JBSctZ/evT8Shj3
yrzQNZSjCilwTrDqMU3qB212aCq1hS8+k+mQkeByEge4RcZDJZPcwa6qMcqfX1Nx
D0D/mS37hgGS/cM5XocXgIvdo8JINE5XCxO1vL461QMm94XdCqMD7iEBp5WuWj5Z
933IlyM4uK8fafsVSEjQ0furjiECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCXPMW
trAvRu2qGdhpXtmYOAT8BjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTMwYmI1MTgtY2EzNi00M2VkLWI4ZGQtMDM0NWY1YzFiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQAz6McBu1RTpnnAfYjh2xoq8zajaux/08xEMa/w
BYZA5sZUeY3ahRku46/wYyMYB4XXoGL4o3i48HwlO1lx1elbabwMfnJ3y4yK59P7
XJ298HS4Uv/lY+Tf34PsoFymeyYc5H6iU7+LUybXKD/g1+L3sx6IPOtokz6iSJai
HLBejsFelQ4k9VoJ/8rk2ZgijAtfDMk6259MIGYH/pjotdrsIrN8wPVIw0SDTfW+
4dnxxOogb6BCkiEhihuQlgMhcKCzpQNdv3MvSUEf89MjZK6hRS+Z2FgYl3Hcccl6
QquFmGdvdi0OOmdnNIbAv21hzcHxQJL+rer0IR1cM9tYqWaY
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:22:27 2025 by rpki-client