Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/715ce244-d76a-4faa-8b30-81259801a7e8.roa
File: 715ce244-d76a-4faa-8b30-81259801a7e8.roa (raw, json)
Hash identifier: RiCiGPKpy5n/euciI7nP0w/uUevgrpseHALjBcjxXNY=
Subject key identifier: 37:83:64:56:EF:EC:82:E5:73:75:16:12:61:19:C3:C9:C2:25:9A:09
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7938FC6BF7C6B956D6B2A20795670A5A3B0F271A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/715ce244-d76a-4faa-8b30-81259801a7e8.roa
Signing time: Fri 25 Jul 2025 16:50:03 +0000
ROA not before: Fri 25 Jul 2025 16:50:03 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:38:fc:6b:f7:c6:b9:56:d6:b2:a2:07:95:67:0a:5a:3b:0f:27:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:03 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=aed13323c680dc04cd053f3bc99fd649d78aa015490d0439d816295ad27591e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3b:db:cb:13:cc:a9:58:29:a8:a2:8b:12:76:
8d:c6:d6:ca:16:e6:2a:cc:7b:c0:78:68:d5:cf:ed:
ba:4a:8f:1e:87:1a:2a:95:7f:70:83:16:a9:b1:92:
d7:b4:eb:37:9c:59:13:36:be:b6:66:11:2d:2f:8d:
0d:a2:cf:aa:d1:be:bf:4d:d1:1c:3f:62:fb:cf:b4:
4b:79:16:fa:be:4c:b1:5c:8a:92:ac:64:35:01:b7:
d3:12:68:73:75:5c:7f:77:09:dd:c8:95:97:4b:36:
2d:29:7e:bb:1b:54:55:69:79:e5:5b:14:36:74:d9:
61:94:53:9b:01:e6:0f:8f:8d:35:0c:e5:6d:c7:ed:
37:b4:17:01:51:ce:c4:0b:ff:c7:f0:a7:fc:f0:58:
88:48:6e:0b:33:be:0d:b2:5a:18:b9:83:26:cb:bb:
a2:a2:a1:10:b8:57:bc:75:45:5e:6d:f2:ae:bc:f8:
9f:4c:69:89:61:7f:33:bf:80:8e:ea:ad:7b:df:fe:
77:1d:97:eb:f6:b3:43:a6:d2:f7:f1:e4:c3:bb:bb:
f9:84:bb:53:a9:ef:73:8f:9d:9a:f1:b0:d4:70:29:
7c:f0:11:f9:33:ef:65:c1:ce:92:05:1a:48:d9:62:
14:15:72:36:a0:34:71:a2:d4:3a:28:dd:17:50:c1:
d0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:83:64:56:EF:EC:82:E5:73:75:16:12:61:19:C3:C9:C2:25:9A:09
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/715ce244-d76a-4faa-8b30-81259801a7e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6000::/40
Signature Algorithm: sha256WithRSAEncryption
af:47:ed:a9:7a:7e:62:bd:41:40:d1:b6:d4:5f:f7:2a:dc:28:
cd:d7:51:7b:73:98:ab:be:7c:46:16:23:59:1a:09:3b:3c:87:
45:4e:09:1a:15:ab:fa:dd:e2:f5:2b:7d:3a:78:ab:4b:98:bf:
2f:47:4c:37:83:62:b5:da:09:af:d0:5a:7e:ca:10:b1:59:b8:
ca:4e:8a:ae:72:3d:0d:fa:ed:dd:24:d8:f6:45:f3:5d:8c:a7:
f5:65:86:61:5e:3e:f3:38:ef:76:e4:72:fd:bd:0b:93:b4:34:
be:ca:00:fb:78:1f:8f:4e:c8:63:48:3b:08:79:23:45:a8:5f:
fd:6c:c7:11:22:45:eb:17:fc:1e:b8:c3:f6:a3:ab:fc:2c:37:
af:90:51:58:7f:03:1e:4e:fa:19:55:22:7e:60:97:73:11:23:
7e:74:58:f9:f3:18:69:f7:ba:6d:44:94:4a:1f:d7:43:3a:b7:
83:42:63:06:08:64:b6:e2:ca:c9:50:52:22:19:e8:5d:f6:2b:
85:d5:68:76:f2:55:27:73:c3:4a:be:fb:96:13:cd:e0:c9:8a:
7f:22:a9:a0:01:46:b0:e6:ee:c2:9c:15:aa:73:cb:37:3b:bc:
77:72:ab:2e:e4:a0:83:91:e3:73:c0:5c:c5:a2:b5:a8:0e:dd:
dd:d9:f9:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeTj8a/fGuVbWsqIHlWcKWjsPJxowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMDNaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlZDEzMzIzYzY4MGRjMDRjZDA1M2YzYmM5OWZkNjQ5ZDc4YWEwMTU0OTBk
MDQzOWQ4MTYyOTVhZDI3NTkxZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKA728sTzKlYKaiiixJ2jcbWyhbmKsx7wHho1c/tukqPHocaKpV/cIMWqbGS
17TrN5xZEza+tmYRLS+NDaLPqtG+v03RHD9i+8+0S3kW+r5MsVyKkqxkNQG30xJo
c3Vcf3cJ3ciVl0s2LSl+uxtUVWl55VsUNnTZYZRTmwHmD4+NNQzlbcftN7QXAVHO
xAv/x/Cn/PBYiEhuCzO+DbJaGLmDJsu7oqKhELhXvHVFXm3yrrz4n0xpiWF/M7+A
juqte9/+dx2X6/azQ6bS9/Hkw7u7+YS7U6nvc4+dmvGw1HApfPAR+TPvZcHOkgUa
SNliFBVyNqA0caLUOijdF1DB0N8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3g2RW
7+yC5XN1FhJhGcPJwiWaCTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE1Y2UyNDQtZDc2YS00ZmFhLThiMzAtODEyNTk4MDFhN2U4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Flg
MA0GCSqGSIb3DQEBCwUAA4IBAQCvR+2pen5ivUFA0bbUX/cq3CjN11F7c5irvnxG
FiNZGgk7PIdFTgkaFav63eL1K306eKtLmL8vR0w3g2K12gmv0Fp+yhCxWbjKToqu
cj0N+u3dJNj2RfNdjKf1ZYZhXj7zOO925HL9vQuTtDS+ygD7eB+PTshjSDsIeSNF
qF/9bMcRIkXrF/weuMP2o6v8LDevkFFYfwMeTvoZVSJ+YJdzESN+dFj58xhp97pt
RJRKH9dDOreDQmMGCGS24srJUFIiGehd9iuF1Wh28lUnc8NKvvuWE83gyYp/Iqmg
AUaw5u7CnBWqc8s3O7x3cqsu5KCDkeNzwFzForWoDt3d2flq
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:57 2025 by rpki-client