Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
File: 53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa (raw, json)
Hash identifier: by6LSfwbjbtK7XVoE6DJZ5rSUlfqCJqbbyW/tv8V+2c=
Subject key identifier: BF:78:CE:B5:2A:A6:3A:A6:06:5D:6B:A1:11:81:7A:AC:74:01:45:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 106E65FFC7AFA41A791E71BFD0F52C64E1370293
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
Signing time: Mon 28 Jul 2025 16:11:07 +0000
ROA not before: Mon 28 Jul 2025 16:11:07 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:6e:65:ff:c7:af:a4:1a:79:1e:71:bf:d0:f5:2c:64:e1:37:02:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:07 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=252603589411543c78ec2e28e0bdc7f88924a014c6da1a12ed5bf491a5f91ffc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5d:30:f4:7b:d3:d0:1a:0b:f3:dc:5f:8b:2b:
c0:7a:59:1e:f2:68:e4:5b:30:8a:f2:21:66:61:46:
76:df:1d:70:94:67:9f:a4:63:3c:e0:67:a2:f1:ac:
95:3c:04:2f:2a:c9:b9:3d:6e:46:f8:bf:31:53:c7:
78:e1:ab:7c:a4:c1:6b:7b:e6:9b:23:08:47:ba:c4:
a6:68:94:8e:7b:75:21:3b:f8:71:7f:fb:8d:dd:a3:
43:39:59:d6:de:1e:01:48:02:0b:0a:63:e1:9f:f5:
dd:74:f4:5b:90:f2:cc:21:7b:8f:b0:cb:0e:9c:74:
ed:97:f4:4f:26:f9:73:02:83:66:a5:3b:28:50:d0:
e6:26:64:d7:43:6a:32:cd:ac:d0:c9:ad:d9:ce:01:
71:c0:98:3f:d6:16:7f:7a:eb:18:41:12:4e:ce:d0:
69:9f:e9:73:b6:81:2f:95:b0:50:b4:76:99:2f:b5:
05:18:6d:c0:8c:6a:b9:39:b3:09:ca:d2:08:d3:86:
83:a0:77:e7:87:14:06:4e:60:de:83:db:a6:88:ad:
b8:f4:6c:08:74:37:43:ec:60:2c:17:e4:ea:39:bb:
56:9d:85:82:d6:c5:44:79:16:8d:44:84:a1:c5:fc:
9e:18:0f:01:70:df:fe:8d:bf:f4:cb:31:1d:ce:06:
8f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:78:CE:B5:2A:A6:3A:A6:06:5D:6B:A1:11:81:7A:AC:74:01:45:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:f9:9e:72:4e:0b:56:63:fc:9b:30:48:fb:67:35:e9:37:c2:
11:94:8f:2d:28:6b:cc:bd:42:9f:15:15:3b:8f:4d:64:8a:5e:
66:c3:7c:7c:1a:c5:f2:d7:a0:8d:28:97:d6:35:9b:73:9c:c3:
58:34:cb:dd:98:77:a5:35:e9:5f:4f:27:c0:ce:db:32:9a:ae:
e9:57:9c:65:cf:9c:aa:b3:f0:74:1e:32:17:e1:74:66:a7:e7:
42:5f:07:6d:d1:0d:b2:4a:c3:11:c7:74:24:f5:1a:c9:69:d3:
0c:33:b4:b7:ec:6c:3d:7d:ac:7c:12:5e:b6:c6:b3:5a:fe:9a:
18:05:77:f5:4d:f2:eb:d4:c7:ac:db:4c:27:6d:c9:88:ab:bd:
9a:a9:78:59:32:4a:6c:0e:6f:38:a2:92:82:b3:4f:c9:1b:59:
9d:07:1a:f0:fe:0a:16:ed:09:7f:0f:0e:66:56:26:23:a2:6b:
84:82:0c:58:8c:5c:7f:28:41:f3:b7:e7:26:5c:3b:e9:db:cd:
f8:31:cd:36:9f:fd:dd:e1:41:c9:67:59:62:5c:81:13:b5:70:
67:44:f6:df:92:c8:8f:70:56:01:b3:e8:b1:7e:59:65:a7:6f:
4a:c6:9f:07:15:3b:23:cb:d9:74:e7:e6:c5:08:a0:ad:5a:ea:
22:1f:14:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEG5l/8evpBp5HnG/0PUsZOE3ApMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMDdaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1MjYwMzU4OTQxMTU0M2M3OGVjMmUyOGUwYmRjN2Y4ODkyNGEwMTRjNmRh
MWExMmVkNWJmNDkxYTVmOTFmZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVdMPR709AaC/PcX4srwHpZHvJo5FswivIhZmFGdt8dcJRnn6RjPOBnovGs
lTwELyrJuT1uRvi/MVPHeOGrfKTBa3vmmyMIR7rEpmiUjnt1ITv4cX/7jd2jQzlZ
1t4eAUgCCwpj4Z/13XT0W5DyzCF7j7DLDpx07Zf0Tyb5cwKDZqU7KFDQ5iZk10Nq
Ms2s0Mmt2c4BccCYP9YWf3rrGEESTs7QaZ/pc7aBL5WwULR2mS+1BRhtwIxquTmz
CcrSCNOGg6B354cUBk5g3oPbpoituPRsCHQ3Q+xgLBfk6jm7Vp2FgtbFRHkWjUSE
ocX8nhgPAXDf/o2/9MsxHc4Gj5kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS/eM61
KqY6pgZda6ERgXqsdAFFVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTNmZGQzNTQtMGViOC00MDRiLTgyMDMtYjVlODIxMWIyYjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYg
MA0GCSqGSIb3DQEBCwUAA4IBAQCL+Z5yTgtWY/ybMEj7ZzXpN8IRlI8tKGvMvUKf
FRU7j01kil5mw3x8GsXy16CNKJfWNZtznMNYNMvdmHelNelfTyfAztsymq7pV5xl
z5yqs/B0HjIX4XRmp+dCXwdt0Q2ySsMRx3Qk9RrJadMMM7S37Gw9fax8El62xrNa
/poYBXf1TfLr1Mes20wnbcmIq72aqXhZMkpsDm84opKCs0/JG1mdBxrw/goW7Ql/
Dw5mViYjomuEggxYjFx/KEHzt+cmXDvp2834Mc02n/3d4UHJZ1liXIETtXBnRPbf
ksiPcFYBs+ixflllp29Kxp8HFTsjy9l05+bFCKCtWuoiHxT+
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:48 2025 by rpki-client