Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
File: 5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa (raw, json)
Hash identifier: 7t3bEkygO0kP8dbXynChPjvGvw11FnHKGzo8I97Yemw=
Subject key identifier: 8C:93:E5:B0:8C:9A:90:8C:8B:D2:7A:81:20:95:D2:23:60:AC:4C:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BEE8165C01E36B96055C3FE7BA330330B1F34DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
Signing time: Mon 28 Jul 2025 16:10:05 +0000
ROA not before: Mon 28 Jul 2025 16:10:05 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ee:81:65:c0:1e:36:b9:60:55:c3:fe:7b:a3:30:33:0b:1f:34:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:05 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=c54479f7d6aec16d58d2aeccf1b43c1cf75ff859904fb99f2a5060e17758d79c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:78:50:88:03:8d:90:e7:2f:b8:b9:4b:01:2c:
55:44:28:42:17:62:88:d6:13:c6:f0:47:86:ea:e4:
6f:bc:f0:25:1b:68:c6:49:c6:8a:e4:e4:41:d1:c0:
ee:72:73:db:70:66:dd:95:b3:96:77:9a:f1:a7:23:
08:59:06:64:04:7e:80:5b:63:5c:b1:ec:f2:08:8e:
37:5f:89:41:3a:19:f7:1f:bf:dd:fc:80:78:ec:d3:
e0:cc:d9:1f:82:03:fa:2b:82:e8:e4:fe:6d:35:13:
0f:01:73:dc:2d:58:52:49:37:ba:75:68:1c:e5:a0:
6a:45:4d:0a:5d:1a:c6:8c:77:cd:f1:99:0a:71:9b:
29:70:44:e9:bc:b4:8c:50:e7:05:0b:41:de:01:50:
10:cc:64:40:89:25:8c:05:4f:e6:c2:3e:0f:ea:1b:
37:f2:7d:cd:2d:ca:55:87:57:94:2b:12:da:eb:9d:
5a:76:34:ff:19:cc:9f:31:a1:87:0b:42:74:86:63:
f9:56:72:58:2c:6c:7d:a8:e5:fe:18:9f:aa:0b:a0:
f2:71:b0:2f:88:a9:01:b0:66:d5:00:d1:0e:9c:0c:
5b:ca:d3:54:2c:6f:34:b7:92:79:09:84:3e:cd:2e:
d5:17:61:57:8a:f9:57:86:10:e2:7e:2b:89:e4:07:
02:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:93:E5:B0:8C:9A:90:8C:8B:D2:7A:81:20:95:D2:23:60:AC:4C:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
68:00:00:52:ed:c0:7d:c5:4e:8f:6d:13:57:49:24:79:54:20:
15:12:82:0f:a0:88:73:69:a1:9f:e7:61:7b:56:e2:cb:8c:ac:
0f:fd:6b:7d:53:00:02:9b:10:ee:18:15:2e:1c:30:59:78:e8:
44:ac:02:2f:03:2e:5a:d8:28:51:bd:8f:84:4d:35:c5:55:c5:
8b:8f:4e:20:34:1d:a8:3b:73:1b:0e:ad:18:8f:79:a1:37:07:
8f:01:37:dc:68:18:e0:e9:0e:c0:57:fa:30:e1:12:cb:45:b1:
09:83:80:97:ec:db:f7:41:7f:2b:27:dd:f6:4d:cb:d2:aa:df:
ec:b7:58:63:a1:ff:a9:b8:b3:64:76:16:4e:dc:37:3c:b5:41:
8e:04:cf:c2:81:d7:50:5a:34:bf:af:a1:cf:90:93:93:ad:dd:
87:83:ca:b5:d4:fd:4e:c3:a3:c4:65:96:66:f1:35:e7:c1:41:
97:49:f2:b6:43:f2:d1:8a:fa:09:da:8e:7c:08:99:58:cf:a4:
0e:b4:3f:84:83:a0:58:a2:fa:6d:81:85:a0:9e:48:11:84:b7:
b9:01:e4:c1:6f:03:a5:b1:a7:82:d0:e6:71:a1:e4:05:4c:d3:
66:9b:0c:47:56:5b:bb:74:0e:b2:f4:15:7e:14:c3:20:cb:8e:
75:32:70:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK+6BZcAeNrlgVcP+e6MwMwsfNN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMDVaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1NDQ3OWY3ZDZhZWMxNmQ1OGQyYWVjY2YxYjQzYzFjZjc1ZmY4NTk5MDRm
Yjk5ZjJhNTA2MGUxNzc1OGQ3OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIt4UIgDjZDnL7i5SwEsVUQoQhdiiNYTxvBHhurkb7zwJRtoxknGiuTkQdHA
7nJz23Bm3ZWzlnea8acjCFkGZAR+gFtjXLHs8giON1+JQToZ9x+/3fyAeOzT4MzZ
H4ID+iuC6OT+bTUTDwFz3C1YUkk3unVoHOWgakVNCl0axox3zfGZCnGbKXBE6by0
jFDnBQtB3gFQEMxkQIkljAVP5sI+D+obN/J9zS3KVYdXlCsS2uudWnY0/xnMnzGh
hwtCdIZj+VZyWCxsfajl/hifqgug8nGwL4ipAbBm1QDRDpwMW8rTVCxvNLeSeQmE
Ps0u1RdhV4r5V4YQ4n4rieQHAgcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMk+Ww
jJqQjIvSeoEgldIjYKxMXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI4Zjk4MzItZGY5Yi00ZmM4LTk0ZGEtNWU4ODNlMGQ2ZTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBoAABS7cB9xU6PbRNXSSR5VCAVEoIPoIhzaaGf
52F7VuLLjKwP/Wt9UwACmxDuGBUuHDBZeOhErAIvAy5a2ChRvY+ETTXFVcWLj04g
NB2oO3MbDq0Yj3mhNwePATfcaBjg6Q7AV/ow4RLLRbEJg4CX7Nv3QX8rJ932TcvS
qt/st1hjof+puLNkdhZO3Dc8tUGOBM/CgddQWjS/r6HPkJOTrd2Hg8q11P1Ow6PE
ZZZm8TXnwUGXSfK2Q/LRivoJ2o58CJlYz6QOtD+Eg6BYovptgYWgnkgRhLe5AeTB
bwOlsaeC0OZxoeQFTNNmmwxHVlu7dA6y9BV+FMMgy451MnBc
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:35 2025 by rpki-client