Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
File: 92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa (raw, json)
Hash identifier: z6fTLD1U3F0U3roksjXto1o2jYDSbag8oI2w3OcbFrY=
Subject key identifier: 8C:EF:FD:6F:DA:8E:77:C0:D7:71:36:0D:F5:E4:B1:86:7A:54:05:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42C4046F8C9D722D79E482AB2FE40EAB0D3D6DCD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
Signing time: Mon 21 Jul 2025 16:40:49 +0000
ROA not before: Mon 21 Jul 2025 16:40:49 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:4040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:c4:04:6f:8c:9d:72:2d:79:e4:82:ab:2f:e4:0e:ab:0d:3d:6d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:49 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=f31938e5376dc8db4e4d77666478b00775fb7484b5b053787b2424d82eb5f057, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:90:be:85:a1:87:e0:e8:3b:da:09:4b:be:29:
19:60:5b:c0:ce:86:78:ca:1b:eb:bb:e9:02:7f:34:
c9:bf:b8:1f:ca:ec:9f:3c:86:b5:d7:51:0e:1e:cf:
32:f5:6e:68:d3:ad:b5:75:e6:31:13:fd:95:2a:53:
e7:72:51:4d:0f:34:48:18:d4:9b:1a:59:78:e2:6a:
eb:85:9b:34:22:01:8c:67:ad:22:21:a9:17:1f:38:
40:b3:5b:50:7c:9f:05:ef:a4:05:8f:bb:ad:d4:fa:
b2:1c:52:46:2c:6f:13:04:e9:02:2b:79:4f:42:ef:
de:c6:f7:b3:e0:eb:03:56:91:73:d8:27:5b:19:78:
e7:af:4c:24:4d:ed:55:84:2b:ac:20:7d:3a:8c:2d:
51:73:a3:08:aa:ce:25:1e:cd:d9:98:f1:f8:50:82:
de:10:3f:fb:a5:91:29:28:e2:56:93:ad:6c:15:34:
f8:90:e0:da:6e:a6:71:3a:d8:ac:df:be:40:1b:cf:
d7:41:ad:d7:9e:40:f5:c5:7a:f8:57:05:5b:3c:8d:
3c:f4:28:51:9f:32:70:59:4e:2b:d0:6a:f0:05:26:
ca:7a:bf:78:7c:eb:af:96:c0:74:a8:68:db:c1:85:
5a:ac:fa:a5:7b:41:fd:02:b1:7e:41:31:ee:44:b6:
e3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:EF:FD:6F:DA:8E:77:C0:D7:71:36:0D:F5:E4:B1:86:7A:54:05:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:4040::/46
Signature Algorithm: sha256WithRSAEncryption
25:79:49:5b:7c:d4:02:2b:ac:a7:ea:33:38:67:21:38:65:1e:
85:f6:71:3f:9e:e5:35:eb:6e:af:d6:a3:78:f1:aa:e9:13:85:
b2:f5:27:de:e8:0b:33:6c:de:6e:9c:4e:38:95:3d:e9:40:b6:
34:5d:91:59:12:16:26:92:54:29:81:8d:5f:c1:b5:ad:67:6f:
0a:04:76:c2:f7:96:8f:0d:97:e5:eb:2a:56:ee:15:26:d7:31:
93:30:b9:d8:f4:a9:2c:39:e3:93:e2:da:e1:8c:e2:f9:01:15:
e1:d4:ab:3c:db:bb:18:e9:7d:fe:39:84:79:2f:0d:20:3e:39:
22:2f:9e:81:39:7c:5d:c8:e7:5c:4d:d1:6a:00:d1:4b:49:34:
2a:13:6e:4b:cd:66:38:43:30:b2:85:b8:bd:01:b9:5a:01:bd:
19:00:16:1a:06:2b:73:99:11:68:8f:af:15:c5:c0:71:0f:35:
9f:9e:15:9d:ba:ca:48:36:eb:eb:38:32:f5:55:dc:eb:e7:6d:
2d:2b:44:e6:78:a3:a2:96:24:ec:13:32:7c:4e:f2:b0:49:59:
27:53:35:70:65:b8:0e:fa:ea:6d:42:76:23:1b:ef:d3:ec:f0:
38:2b:a9:58:0b:a0:f5:76:1f:80:29:38:33:da:1e:95:11:7c:
31:a7:63:c4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQsQEb4ydci155IKrL+QOqw09bc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwNDlaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzMTkzOGU1Mzc2ZGM4ZGI0ZTRkNzc2NjY0NzhiMDA3NzVmYjc0ODRiNWIw
NTM3ODdiMjQyNGQ4MmViNWYwNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmQvoWhh+DoO9oJS74pGWBbwM6GeMob67vpAn80yb+4H8rsnzyGtddRDh7P
MvVuaNOttXXmMRP9lSpT53JRTQ80SBjUmxpZeOJq64WbNCIBjGetIiGpFx84QLNb
UHyfBe+kBY+7rdT6shxSRixvEwTpAit5T0Lv3sb3s+DrA1aRc9gnWxl4569MJE3t
VYQrrCB9OowtUXOjCKrOJR7N2Zjx+FCC3hA/+6WRKSjiVpOtbBU0+JDg2m6mcTrY
rN++QBvP10Gt155A9cV6+FcFWzyNPPQoUZ8ycFlOK9Bq8AUmynq/eHzrr5bAdKho
28GFWqz6pXtB/QKxfkEx7kS241UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSM7/1v
2o53wNdxNg315LGGelQFQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTJiMzFmYTItYmUxYS00MjNlLTlhY2ItMGUyMTY4YzJmYWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
QDANBgkqhkiG9w0BAQsFAAOCAQEAJXlJW3zUAiusp+ozOGchOGUehfZxP57lNetu
r9ajePGq6ROFsvUn3ugLM2zebpxOOJU96UC2NF2RWRIWJpJUKYGNX8G1rWdvCgR2
wveWjw2X5esqVu4VJtcxkzC52PSpLDnjk+La4Yzi+QEV4dSrPNu7GOl9/jmEeS8N
ID45Ii+egTl8XcjnXE3RagDRS0k0KhNuS81mOEMwsoW4vQG5WgG9GQAWGgYrc5kR
aI+vFcXAcQ81n54VnbrKSDbr6zgy9VXc6+dtLStE5nijopYk7BMyfE7ysElZJ1M1
cGW4DvrqbUJ2Ixvv0+zwOCupWAug9XYfgCk4M9oelRF8MadjxA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:45 2025 by rpki-client