Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
File: 8bc6184b-4b16-4844-96e2-71541ff10974.roa (raw, json)
Hash identifier: 8meDu4+/g/EPYIN61HhlIa7UUuvcCSVzmP5iBOCWuU8=
Subject key identifier: 4E:8A:A8:D0:35:55:1A:E1:45:9C:B5:38:BA:B1:1C:6E:47:7F:D2:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BDCA9A3DDC7C89B68A9B46E85011C32C3149C53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
Signing time: Fri 25 Jul 2025 16:50:45 +0000
ROA not before: Fri 25 Jul 2025 16:50:45 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:dc:a9:a3:dd:c7:c8:9b:68:a9:b4:6e:85:01:1c:32:c3:14:9c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:45 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=dd1daec9bb7f158a05814dedf4f815fc9917c8d4a4f426fddd55d4d36cc78261, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:79:58:85:c7:d8:bb:04:41:bf:da:34:61:09:
9e:81:ae:48:50:dc:25:f3:80:e2:ef:8e:9c:a8:a7:
bb:99:69:fd:3a:46:84:17:b3:3a:c0:2a:aa:5f:bf:
14:dd:43:8e:1c:b3:c8:5c:1b:87:e4:95:bd:6b:6a:
4f:71:e3:95:32:12:09:fa:1d:ec:b6:0c:b6:dd:67:
d0:df:f8:6c:c7:86:08:fe:87:01:58:1a:69:30:26:
81:51:04:23:11:15:01:57:56:6c:52:b9:22:fa:5e:
5b:fe:28:ca:3a:c3:6e:7c:7e:e0:3e:ca:9b:81:5a:
e2:a0:26:3f:1b:78:5c:59:80:6c:ef:22:b9:35:f3:
ab:29:74:46:6e:93:5c:a9:eb:3d:28:5f:52:3d:2b:
52:b6:4b:5b:56:73:c7:40:02:9a:c9:36:0c:cb:3c:
c3:b0:9c:b9:b9:aa:26:d2:92:45:b1:d2:4b:fa:8f:
0c:0d:3d:77:c5:ea:24:87:d3:1b:3f:d5:c2:99:4e:
97:f4:d2:4a:a0:4b:61:2f:78:7a:ee:bb:fc:5a:cd:
57:45:cc:19:41:36:bd:87:ce:ec:f3:dc:40:e3:9c:
51:ee:89:18:32:63:fe:e4:e0:78:e8:3f:5b:4d:9d:
08:b6:28:59:ef:bb:d2:c4:46:89:42:6d:84:d9:89:
2e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:8A:A8:D0:35:55:1A:E1:45:9C:B5:38:BA:B1:1C:6E:47:7F:D2:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
15:55:0d:7a:9c:24:8c:2c:db:d5:4a:11:45:85:50:a6:03:7a:
8d:ba:3d:fa:75:6a:08:6c:b9:d3:28:df:56:a9:6a:ba:42:b0:
d7:36:89:a1:12:e4:21:b4:ff:e1:ea:57:54:9c:c7:07:93:c1:
60:20:8d:1d:f8:73:1f:03:46:0a:e2:b2:81:8c:c1:da:78:f1:
ef:ae:ac:29:7f:3a:4f:69:f8:f9:fd:6e:b2:44:09:8d:f5:8e:
00:b1:c0:f1:63:cb:c0:9f:37:6a:51:ac:8d:e0:9f:e7:7c:27:
66:da:98:5f:c4:ea:10:a2:d3:eb:2d:21:3f:20:eb:f3:ef:20:
ef:f3:b9:51:48:51:00:69:b2:50:b1:b7:b1:02:54:0e:0f:e9:
68:0f:02:2c:81:0f:98:8a:9d:be:fb:22:4b:38:74:b9:84:80:
9a:53:d5:cc:4c:d2:12:7e:e3:49:b5:d5:e0:5b:5d:13:71:f4:
71:c7:b5:b6:0a:d5:cf:4a:d6:8f:74:6d:76:81:9b:74:0b:a5:
12:02:fe:99:da:dd:96:c7:11:e2:5c:db:b2:a9:59:62:bd:30:
c5:e6:c5:bd:7c:d7:7d:62:16:7a:8f:a4:1a:d9:75:97:f8:c6:
de:8b:2f:30:3e:53:89:1b:e5:e2:20:6a:b7:4a:73:85:b6:40:
fd:7e:77:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG9ypo93HyJtoqbRuhQEcMsMUnFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwNDVaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkMWRhZWM5YmI3ZjE1OGEwNTgxNGRlZGY0ZjgxNWZjOTkxN2M4ZDRhNGY0
MjZmZGRkNTVkNGQzNmNjNzgyNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZ5WIXH2LsEQb/aNGEJnoGuSFDcJfOA4u+OnKinu5lp/TpGhBezOsAqql+/
FN1DjhyzyFwbh+SVvWtqT3HjlTISCfod7LYMtt1n0N/4bMeGCP6HAVgaaTAmgVEE
IxEVAVdWbFK5IvpeW/4oyjrDbnx+4D7Km4Fa4qAmPxt4XFmAbO8iuTXzqyl0Rm6T
XKnrPShfUj0rUrZLW1Zzx0ACmsk2DMs8w7CcubmqJtKSRbHSS/qPDA09d8XqJIfT
Gz/VwplOl/TSSqBLYS94eu67/FrNV0XMGUE2vYfO7PPcQOOcUe6JGDJj/uTgeOg/
W02dCLYoWe+70sRGiUJthNmJLhMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROiqjQ
NVUa4UWctTi6sRxuR3/SdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGJjNjE4NGItNGIxNi00ODQ0LTk2ZTItNzE1NDFmZjEwOTc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQAVVQ16nCSMLNvVShFFhVCmA3qNuj36dWoIbLnT
KN9WqWq6QrDXNomhEuQhtP/h6ldUnMcHk8FgII0d+HMfA0YK4rKBjMHaePHvrqwp
fzpPafj5/W6yRAmN9Y4AscDxY8vAnzdqUayN4J/nfCdm2phfxOoQotPrLSE/IOvz
7yDv87lRSFEAabJQsbexAlQOD+loDwIsgQ+Yip2++yJLOHS5hICaU9XMTNISfuNJ
tdXgW10TcfRxx7W2CtXPStaPdG12gZt0C6USAv6Z2t2WxxHiXNuyqVlivTDF5sW9
fNd9YhZ6j6Qa2XWX+Mbeiy8wPlOJG+XiIGq3SnOFtkD9fnfF
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:00:34 2025 by rpki-client