Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
File: 689f17ea-2ccc-4beb-bf91-0695da802222.roa (raw, json)
Hash identifier: XbDGTRsrF7p23Ht9FnCAiAb4Wng3a5xLAfkaebWELms=
Subject key identifier: CB:09:D1:74:C1:E1:6E:4C:91:38:0E:F0:43:EC:F3:CD:63:2F:3D:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F2E8BBDF9118EBA83F971F1699394B4C5FBB416
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
Signing time: Mon 28 Jul 2025 16:10:02 +0000
ROA not before: Mon 28 Jul 2025 16:10:02 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:2e:8b:bd:f9:11:8e:ba:83:f9:71:f1:69:93:94:b4:c5:fb:b4:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:02 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=6bf4b99934179707d128930facb041c0da20bb62319b9ec81f52d74d23485739, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f2:ad:45:f3:45:df:1e:4d:10:f2:f4:ba:0a:
bc:7b:6d:91:67:7c:0f:36:ec:6e:eb:97:d9:bb:ff:
d6:1d:da:54:c6:5a:66:55:16:87:8b:a9:86:5b:05:
8b:72:fe:82:0b:86:8d:15:ed:e6:af:75:fd:6f:b6:
08:21:65:29:4f:c0:d8:d3:91:82:5d:2b:cb:9d:e6:
af:84:15:ee:48:9c:ee:88:5e:f8:db:6f:d2:41:6a:
6a:76:6a:b5:d1:db:e3:2a:1d:8b:b7:18:2a:16:4e:
4c:5b:c4:d0:a0:82:50:57:47:cf:4a:66:8e:1a:a5:
ec:8c:f5:3a:ef:75:3a:01:56:ad:1f:39:cb:1a:bb:
c7:33:d4:27:05:b6:0a:3f:91:69:6a:ff:74:b9:b1:
c6:b2:fe:3c:93:49:46:0d:b6:28:d8:82:ce:17:d6:
59:f3:75:4c:4c:82:7d:4d:b2:07:5e:0d:d8:b5:c2:
9e:a3:8a:ab:60:c2:55:54:91:e1:94:b8:87:f8:50:
c1:78:c3:ee:a0:da:14:74:43:d2:18:89:b5:b6:13:
ba:35:76:fc:47:f4:a9:75:42:16:2a:cf:33:05:5d:
d8:9b:88:ba:51:2a:bf:12:fa:53:c2:f3:a2:50:96:
58:0a:0b:6e:ce:3e:c6:6b:df:93:dd:b7:91:35:79:
c3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:09:D1:74:C1:E1:6E:4C:91:38:0E:F0:43:EC:F3:CD:63:2F:3D:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:7c:ff:fa:a4:47:3b:1e:1d:dc:0e:cf:63:fc:89:02:ff:11:
c8:d3:22:b2:ae:57:9a:6a:90:7f:84:f0:6f:ba:72:19:ff:85:
a1:4c:5e:fc:d1:81:9d:8e:d8:77:e0:ef:fb:7c:2a:d4:e4:71:
28:c4:98:59:a1:53:d5:99:d4:c5:5e:c1:53:20:4e:b4:af:ae:
27:d0:66:69:a0:5b:ce:bd:cf:37:15:6c:bc:53:06:8e:20:1b:
3f:37:d5:8e:2c:94:ce:8f:9a:94:d4:b7:64:35:47:44:38:3c:
52:8d:17:5d:46:30:3c:82:df:b9:fd:62:c8:83:a3:af:08:e0:
57:bb:fa:6e:3b:0d:85:26:f5:95:aa:a0:dd:63:ee:ea:21:3c:
69:8c:3f:dd:fa:c8:98:63:d3:f3:69:d2:f6:91:bb:64:c3:bd:
93:31:58:ef:77:58:49:91:e8:6d:14:b7:23:a9:f1:a6:f9:7d:
0a:fa:f8:60:b7:79:16:e8:54:5e:59:96:b6:08:80:3c:c1:21:
e8:6d:05:ff:c9:f6:be:a7:bc:72:cd:40:09:f6:1c:ab:34:18:
ac:77:04:49:77:6f:7f:a1:b2:ee:11:79:b0:5c:3a:6e:b5:f7:
c4:f8:10:8d:57:78:9f:20:b1:bf:40:b2:92:d2:96:30:ae:a1:
75:7c:a2:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXy6LvfkRjrqD+XHxaZOUtMX7tBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMDJaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiZjRiOTk5MzQxNzk3MDdkMTI4OTMwZmFjYjA0MWMwZGEyMGJiNjIzMTli
OWVjODFmNTJkNzRkMjM0ODU3MzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7yrUXzRd8eTRDy9LoKvHttkWd8DzbsbuuX2bv/1h3aVMZaZlUWh4uphlsF
i3L+gguGjRXt5q91/W+2CCFlKU/A2NORgl0ry53mr4QV7kic7ohe+Ntv0kFqanZq
tdHb4yodi7cYKhZOTFvE0KCCUFdHz0pmjhql7Iz1Ou91OgFWrR85yxq7xzPUJwW2
Cj+RaWr/dLmxxrL+PJNJRg22KNiCzhfWWfN1TEyCfU2yB14N2LXCnqOKq2DCVVSR
4ZS4h/hQwXjD7qDaFHRD0hiJtbYTujV2/Ef0qXVCFirPMwVd2JuIulEqvxL6U8Lz
olCWWAoLbs4+xmvfk923kTV5w5UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLCdF0
weFuTJE4DvBD7PPNYy89fDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg5ZjE3ZWEtMmNjYy00YmViLWJmOTEtMDY5NWRhODAyMjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC4fP/6pEc7Hh3cDs9j/IkC/xHI0yKyrleaapB/
hPBvunIZ/4WhTF780YGdjth34O/7fCrU5HEoxJhZoVPVmdTFXsFTIE60r64n0GZp
oFvOvc83FWy8UwaOIBs/N9WOLJTOj5qU1LdkNUdEODxSjRddRjA8gt+5/WLIg6Ov
COBXu/puOw2FJvWVqqDdY+7qITxpjD/d+siYY9PzadL2kbtkw72TMVjvd1hJkeht
FLcjqfGm+X0K+vhgt3kW6FReWZa2CIA8wSHobQX/yfa+p7xyzUAJ9hyrNBisdwRJ
d29/obLuEXmwXDputffE+BCNV3ifILG/QLKS0pYwrqF1fKJr
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:24 2025 by rpki-client