Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
File: 9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa (raw, json)
Hash identifier: F/dA52S3YK5ezxUdtASxakWaj7ofZbLW433q4OqD4c8=
Subject key identifier: D3:92:7F:F5:D5:EC:54:6A:86:1C:F1:67:FA:81:6D:AB:B9:68:DE:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1875003C693E6327A6379166D2722E0AC94734E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
Signing time: Tue 29 Jul 2025 18:30:08 +0000
ROA not before: Tue 29 Jul 2025 18:30:08 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:75:00:3c:69:3e:63:27:a6:37:91:66:d2:72:2e:0a:c9:47:34:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:08 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=1fe5bf86c6aaf60a89d6b467acee4c9682c481edc161f7e56c7f3f505e091477, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:79:dd:cb:1b:4c:15:ea:36:2c:4a:b0:72:b4:
6b:f3:ae:1e:e1:6e:b4:32:c1:f2:01:63:23:46:ca:
48:c2:8d:0e:dd:5d:1e:f7:24:44:e4:65:21:ce:24:
94:b9:d2:74:b1:b6:70:73:39:c9:ba:ce:8b:d4:0c:
c1:10:4a:2a:fd:cc:a6:3a:23:ae:38:29:77:a6:a5:
a3:17:c2:de:65:39:60:27:9a:ed:dd:e0:13:25:56:
2f:46:94:f4:79:fc:ca:8b:6c:65:07:74:24:5d:be:
8a:6b:68:0e:f0:b4:ec:c3:7b:4b:57:ae:f1:4f:c1:
54:bd:f9:ed:f0:92:6c:1e:b7:e7:ad:00:5e:38:f4:
35:0f:a7:46:07:67:15:37:d4:ca:35:97:df:b9:45:
94:5f:48:9b:ef:3d:0f:9b:61:39:f4:fc:0d:c9:68:
93:3c:d1:af:6a:84:b9:29:91:4f:c7:0c:ea:33:a4:
4a:2a:bd:33:68:00:42:0f:50:22:c7:a9:4a:09:43:
db:db:48:ff:c1:b8:6e:95:0c:82:01:ea:be:20:32:
75:32:90:cd:2b:cf:fb:65:69:09:5e:aa:69:ab:44:
10:11:62:8e:30:5f:99:1a:5c:e7:8f:f6:0d:c4:34:
9d:8b:51:39:cd:c0:cb:d5:1e:fe:7e:5a:3d:53:b9:
45:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:92:7F:F5:D5:EC:54:6A:86:1C:F1:67:FA:81:6D:AB:B9:68:DE:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/48
Signature Algorithm: sha256WithRSAEncryption
45:d3:f3:99:a9:e9:0f:b9:61:48:39:fe:15:44:8f:5e:f2:99:
55:6f:30:08:d5:68:00:25:84:4c:a8:1b:3e:9b:68:4e:c8:38:
05:df:ea:98:87:38:d8:b8:f0:15:54:63:7a:8a:cb:72:65:b1:
f0:fa:43:19:34:a7:a1:db:eb:79:1e:9a:e2:1c:98:ca:fb:90:
e7:11:a4:7a:45:42:c1:88:5c:ab:0d:28:11:57:ee:8f:ab:2e:
f4:43:ee:bd:af:b4:c5:79:e2:62:07:5c:63:4a:cf:a8:24:5d:
fd:5f:39:be:81:5c:f4:af:be:6d:f8:b0:c5:c8:69:20:74:9e:
59:98:cd:4c:f2:76:57:c3:85:60:8b:f4:c9:a8:55:8f:53:f1:
61:9d:3b:9e:8a:6f:35:39:6b:ea:08:57:70:a1:9f:0f:a8:94:
e6:57:7b:55:cd:df:15:bf:3a:bd:46:e6:e1:45:50:89:33:93:
66:22:4e:b6:87:f6:a3:ca:d0:fa:46:97:cd:0c:fd:f9:44:64:
a4:6c:f0:d7:52:d8:36:78:b3:36:38:3d:68:43:9a:4e:24:7c:
d2:25:bd:80:9d:59:8b:86:8f:9f:8f:98:90:25:e9:58:38:c3:
f9:98:ee:38:6f:99:97:0e:3b:a2:0b:b1:73:1a:b8:19:16:00:
e3:8b:c8:20
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGHUAPGk+YyemN5Fm0nIuCslHNOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMDhaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmZTViZjg2YzZhYWY2MGE4OWQ2YjQ2N2FjZWU0Yzk2ODJjNDgxZWRjMTYx
ZjdlNTZjN2YzZjUwNWUwOTE0NzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh53csbTBXqNixKsHK0a/OuHuFutDLB8gFjI0bKSMKNDt1dHvckRORlIc4k
lLnSdLG2cHM5ybrOi9QMwRBKKv3Mpjojrjgpd6aloxfC3mU5YCea7d3gEyVWL0aU
9Hn8yotsZQd0JF2+imtoDvC07MN7S1eu8U/BVL357fCSbB63560AXjj0NQ+nRgdn
FTfUyjWX37lFlF9Im+89D5thOfT8DclokzzRr2qEuSmRT8cM6jOkSiq9M2gAQg9Q
IsepSglD29tI/8G4bpUMggHqviAydTKQzSvP+2VpCV6qaatEEBFijjBfmRpc54/2
DcQ0nYtROc3Ay9Ue/n5aPVO5Ra0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTTkn/1
1exUaoYc8Wf6gW2ruWje1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMxYTEwY2MtNWRjOS00NGJjLWE0ZDItOTM5NmJkOWJjOTU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hag
ADANBgkqhkiG9w0BAQsFAAOCAQEARdPzmanpD7lhSDn+FUSPXvKZVW8wCNVoACWE
TKgbPptoTsg4Bd/qmIc42LjwFVRjeorLcmWx8PpDGTSnodvreR6a4hyYyvuQ5xGk
ekVCwYhcqw0oEVfuj6su9EPuva+0xXniYgdcY0rPqCRd/V85voFc9K++bfiwxchp
IHSeWZjNTPJ2V8OFYIv0yahVj1PxYZ07nopvNTlr6ghXcKGfD6iU5ld7Vc3fFb86
vUbm4UVQiTOTZiJOtof2o8rQ+kaXzQz9+URkpGzw11LYNnizNjg9aEOaTiR80iW9
gJ1Zi4aPn4+YkCXpWDjD+ZjuOG+Zlw47oguxcxq4GRYA44vIIA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:52 2025 by rpki-client