Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
File: 190e1645-8146-4d32-be0a-feed324f8efa.roa (raw, json)
Hash identifier: Hy7gJL8eNoVB8rpjsP4DcrGmsia/YxRAxRzQ72FgSTU=
Subject key identifier: 00:67:E2:F5:59:9F:DA:D0:D4:8C:84:38:56:CD:D8:5F:ED:4F:E6:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 745B1A298DDB532CBEA98C704F0344096C377673
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
Signing time: Fri 11 Jul 2025 20:11:12 +0000
ROA not before: Fri 11 Jul 2025 20:11:12 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:5b:1a:29:8d:db:53:2c:be:a9:8c:70:4f:03:44:09:6c:37:76:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:12 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=cf48bc4050cdac569560b4e6a469c5e19e834daab71d87a300ffb7b8e996efd8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9a:03:e0:e1:68:f2:92:ed:8a:c0:a6:7c:8e:
0a:9e:ab:fc:3a:9a:5a:60:4e:10:94:e9:3d:a4:16:
f8:d9:08:6d:a3:37:c9:0a:6f:1d:79:70:84:57:b3:
66:8e:04:dc:3b:4c:c3:b1:60:a1:6c:38:0d:c8:6a:
98:11:51:3f:ef:42:c9:7e:70:5d:cf:f0:8f:35:3b:
3c:32:d6:14:22:ed:a9:45:f1:8f:32:95:f8:80:8f:
0e:c7:60:c0:04:ec:97:67:b7:22:43:39:4d:09:88:
ae:c5:a8:32:d4:b2:5b:e3:bd:ae:cc:71:62:37:a0:
12:5b:47:b7:14:e9:61:17:5f:7d:5b:1f:d8:0c:7c:
e3:1d:c1:24:a3:38:c2:ab:ed:4b:c1:22:ed:c5:e8:
45:57:04:c7:3e:85:cf:8b:46:a5:3c:89:e6:95:08:
3c:08:ac:21:71:f7:58:fa:4d:85:5a:b0:75:b7:65:
f0:b5:5d:5a:e7:bc:97:89:c1:fd:9b:a6:3c:97:d5:
38:60:38:e1:c6:e4:e3:ca:61:df:00:82:99:66:60:
72:cc:6f:d1:8f:fc:1c:7e:05:29:72:1a:bf:f0:3c:
39:a6:16:dd:2d:ee:6c:94:b6:8d:6e:cd:6a:9c:45:
b0:e4:2e:18:9d:05:af:7d:6b:b1:42:07:a8:2e:a4:
a9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:67:E2:F5:59:9F:DA:D0:D4:8C:84:38:56:CD:D8:5F:ED:4F:E6:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:a000::/40
Signature Algorithm: sha256WithRSAEncryption
25:af:07:03:79:a6:4c:c5:88:71:d4:f1:32:55:05:eb:17:01:
16:74:cc:58:62:1d:cb:66:0f:18:2e:62:4a:4f:97:38:94:af:
b4:3b:3e:26:67:0b:a2:e6:0a:af:1b:8f:82:b8:52:28:82:46:
51:1c:72:c8:48:9a:b0:be:05:69:71:e8:c6:26:43:83:95:eb:
73:e0:ed:e5:cf:0e:b2:32:a7:4e:fe:27:20:20:38:8b:72:4c:
49:78:c2:22:73:cf:da:b6:0d:30:51:c7:7a:ee:a7:e0:04:39:
26:e4:1b:b6:f4:fb:1f:60:74:52:df:5a:79:a4:80:8e:ac:3f:
a8:a9:1c:e8:db:85:b5:13:7c:a1:b6:df:f0:ed:73:ba:75:29:
92:53:48:c9:76:24:89:74:af:b2:46:ea:1c:28:3a:fa:16:1c:
85:a2:59:6c:e9:1a:79:96:19:32:c4:4b:cb:04:35:80:50:c9:
c3:5b:2c:93:2f:7f:68:6c:e8:da:7f:66:57:18:62:2e:ab:ed:
c0:30:06:ad:61:52:9e:e8:fd:17:d8:f4:10:d4:d8:ee:f7:7f:
4b:06:cb:9d:4a:a9:6e:ab:b9:93:50:b7:5f:0c:d0:15:26:76:
d8:4d:66:76:68:94:93:63:cc:1e:f8:75:19:84:14:44:2d:72:
70:09:de:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdFsaKY3bUyy+qYxwTwNECWw3dnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExMTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNDhiYzQwNTBjZGFjNTY5NTYwYjRlNmE0NjljNWUxOWU4MzRkYWFiNzFk
ODdhMzAwZmZiN2I4ZTk5NmVmZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyaA+DhaPKS7YrApnyOCp6r/DqaWmBOEJTpPaQW+NkIbaM3yQpvHXlwhFez
Zo4E3DtMw7FgoWw4DchqmBFRP+9CyX5wXc/wjzU7PDLWFCLtqUXxjzKV+ICPDsdg
wATsl2e3IkM5TQmIrsWoMtSyW+O9rsxxYjegEltHtxTpYRdffVsf2Ax84x3BJKM4
wqvtS8Ei7cXoRVcExz6Fz4tGpTyJ5pUIPAisIXH3WPpNhVqwdbdl8LVdWue8l4nB
/ZumPJfVOGA44cbk48ph3wCCmWZgcsxv0Y/8HH4FKXIav/A8OaYW3S3ubJS2jW7N
apxFsOQuGJ0Fr31rsUIHqC6kqSsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQAZ+L1
WZ/a0NSMhDhWzdhf7U/mrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkwZTE2NDUtODE0Ni00ZDMyLWJlMGEtZmVlZDMyNGY4ZWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSg
MA0GCSqGSIb3DQEBCwUAA4IBAQAlrwcDeaZMxYhx1PEyVQXrFwEWdMxYYh3LZg8Y
LmJKT5c4lK+0Oz4mZwui5gqvG4+CuFIogkZRHHLISJqwvgVpcejGJkODletz4O3l
zw6yMqdO/icgIDiLckxJeMIic8/atg0wUcd67qfgBDkm5Bu29PsfYHRS31p5pICO
rD+oqRzo24W1E3yhtt/w7XO6dSmSU0jJdiSJdK+yRuocKDr6FhyFolls6Rp5lhky
xEvLBDWAUMnDWyyTL39obOjaf2ZXGGIuq+3AMAatYVKe6P0X2PQQ1Nju939LBsud
Sqluq7mTULdfDNAVJnbYTWZ2aJSTY8we+HUZhBRELXJwCd7L
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:09 2025 by rpki-client