Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
File: f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa (raw, json)
Hash identifier: 6IKdGy5wT8E5S8nqfc1zNQl0LD4UHDmKu+KMycVj1tQ=
Subject key identifier: B2:EE:CB:3D:59:93:C0:D5:D3:6C:0F:8B:BA:5E:9F:02:98:72:70:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65907CE3216809E193FF1B64C5C42363B8EA1BB4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
Signing time: Tue 10 Jun 2025 17:20:21 +0000
ROA not before: Tue 10 Jun 2025 17:20:21 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:90:7c:e3:21:68:09:e1:93:ff:1b:64:c5:c4:23:63:b8:ea:1b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:21 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=c289d711ab1b2f4e18dcbdfe5282713d499a2f4c39535e7c9b36066d7408e6bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:88:53:9b:0e:ac:b3:12:30:3d:54:9a:15:16:
ce:a6:de:be:cc:6b:a5:97:e5:6c:ba:fe:f7:0c:1a:
bd:f7:a9:b8:f2:fa:fc:27:98:11:db:4b:02:cd:ec:
1a:3f:e3:9d:ba:f3:53:48:23:ad:02:67:5c:da:ea:
03:11:ec:ad:6d:96:3b:d6:e2:32:39:81:32:11:6a:
c5:55:72:5e:ec:49:6d:d0:63:95:05:51:62:2b:71:
bb:4e:34:92:06:b8:f8:d3:ec:d9:85:c0:5c:01:00:
b5:21:0e:12:3d:b5:73:17:b2:e3:74:f1:c7:4a:05:
6e:58:8d:1e:a7:b0:9b:5a:50:51:7c:83:51:55:18:
e8:a2:a4:cb:3a:b8:76:dc:bc:e5:3d:ae:27:89:c7:
19:99:35:9a:96:91:ca:97:f7:5a:6a:ce:1d:ce:92:
6e:91:08:de:54:e5:47:e3:63:89:f4:b8:95:a0:39:
2f:30:25:2e:dc:ec:e4:d3:66:67:92:98:a2:a4:27:
ea:3d:79:58:bd:ad:f4:bb:f1:34:8f:08:3e:12:d5:
32:78:16:dd:b1:fb:5b:0c:77:f1:53:af:d8:1d:9a:
f1:84:74:ae:a5:20:2b:e0:f0:fc:bc:95:f0:ee:4c:
cf:e0:c3:3e:8f:4e:d8:ea:a0:6d:bd:a5:21:44:42:
aa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EE:CB:3D:59:93:C0:D5:D3:6C:0F:8B:BA:5E:9F:02:98:72:70:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
ae:94:76:49:c0:64:8b:5b:4a:32:8b:47:bb:5e:8d:5c:e3:ba:
a0:ba:0a:21:a7:cb:60:8c:ee:d2:01:92:5f:9f:94:3f:65:a5:
46:ad:c7:ce:42:d0:ef:75:ff:4f:9d:cb:f5:21:02:d5:e6:d5:
f4:b8:e3:5e:ea:2c:73:3f:6c:be:8b:e2:90:50:52:16:9e:33:
8a:94:e1:44:4d:51:09:19:b2:00:56:ca:b8:1f:04:2c:2f:5a:
8e:5b:e7:77:fd:5c:f4:2d:a7:68:28:2a:82:97:eb:1d:b8:a8:
fb:4b:f1:6b:7f:6c:ef:9f:ab:cc:0f:af:8a:d3:18:09:61:bd:
af:9e:03:5a:26:05:7a:37:0e:25:3c:14:01:d0:e4:77:d6:87:
5e:48:9a:26:5a:a4:f3:df:3a:05:1c:eb:2d:4a:97:4b:c9:f6:
a6:7e:b5:e7:d2:87:d4:7b:dc:db:34:9d:50:2c:f8:e3:4c:15:
c7:70:9c:bb:fb:4b:f9:63:20:d1:7b:60:85:52:59:a5:b7:e1:
f6:ed:f8:85:c3:e1:3e:1b:7c:71:09:7d:b1:d7:22:5b:dc:3e:
43:ab:42:ce:2e:89:db:b8:0e:99:d9:fa:94:ab:e4:6c:f3:3f:
fd:09:fe:c1:b2:b9:e8:be:86:8f:8c:4d:38:47:c8:be:a1:92:
aa:65:c5:bc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZZB84yFoCeGT/xtkxcQjY7jqG7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMjFaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyODlkNzExYWIxYjJmNGUxOGRjYmRmZTUyODI3MTNkNDk5YTJmNGMzOTUz
NWU3YzliMzYwNjZkNzQwOGU2YmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2IU5sOrLMSMD1UmhUWzqbevsxrpZflbLr+9wwavfepuPL6/CeYEdtLAs3s
Gj/jnbrzU0gjrQJnXNrqAxHsrW2WO9biMjmBMhFqxVVyXuxJbdBjlQVRYitxu040
kga4+NPs2YXAXAEAtSEOEj21cxey43Txx0oFbliNHqewm1pQUXyDUVUY6KKkyzq4
dty85T2uJ4nHGZk1mpaRypf3WmrOHc6SbpEI3lTlR+NjifS4laA5LzAlLtzs5NNm
Z5KYoqQn6j15WL2t9LvxNI8IPhLVMngW3bH7Wwx38VOv2B2a8YR0rqUgK+Dw/LyV
8O5Mz+DDPo9O2Oqgbb2lIURCqn8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSy7ss9
WZPA1dNsD4u6Xp8CmHJw6zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjIzMWY3YWUtN2RiZi00ZGJiLThmN2EtOTFiNDEwMzIxOGFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
wDANBgkqhkiG9w0BAQsFAAOCAQEArpR2ScBki1tKMotHu16NXOO6oLoKIafLYIzu
0gGSX5+UP2WlRq3HzkLQ73X/T53L9SEC1ebV9LjjXuoscz9svovikFBSFp4zipTh
RE1RCRmyAFbKuB8ELC9ajlvnd/1c9C2naCgqgpfrHbio+0vxa39s75+rzA+vitMY
CWG9r54DWiYFejcOJTwUAdDkd9aHXkiaJlqk8986BRzrLUqXS8n2pn6159KH1Hvc
2zSdUCz440wVx3Ccu/tL+WMg0XtghVJZpbfh9u34hcPhPht8cQl9sdciW9w+Q6tC
zi6J27gOmdn6lKvkbPM//Qn+wbK56L6Gj4xNOEfIvqGSqmXFvA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:23 2025 by rpki-client