Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
File: 0d8c280f-edb2-45fb-9207-8226dc900bb1.roa (raw, json)
Hash identifier: UyQONioq9HpOdIk3yx2MBXLBYshX2k6r+rqt88IWZbI=
Subject key identifier: 22:6C:E5:52:F8:A3:4F:17:C6:3C:F1:22:6D:C9:A9:33:1A:6D:BF:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C8F03DEB0D4591F77D97F407E9C802E2DD81164
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
Signing time: Fri 26 Sep 2025 18:41:52 +0000
ROA not before: Fri 26 Sep 2025 18:41:52 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:8f:03:de:b0:d4:59:1f:77:d9:7f:40:7e:9c:80:2e:2d:d8:11:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:52 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=bbc6dad7af4d86f9024da4701db409345d987e0c1444011eabce2e5f86506a34, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1c:5f:2b:0d:16:6d:a1:d0:2c:a6:8c:a1:c5:
7a:b4:5d:26:fd:a1:ab:ca:67:bf:6d:74:44:89:5a:
3e:e6:7e:de:45:15:06:df:4a:c8:cc:00:80:f5:99:
78:17:e3:8e:44:8c:b1:d3:64:69:75:00:39:01:2c:
bf:c4:7b:56:8e:02:a6:04:29:6d:8a:10:94:a5:9a:
52:32:b8:39:ef:c8:07:c6:e0:b3:30:1f:bb:67:4f:
d5:bb:ec:8a:9b:d0:fb:86:6b:bc:99:2d:dc:43:cd:
27:e0:a2:b7:5f:e7:3e:94:30:75:6d:c2:2b:4c:e9:
6c:94:c6:50:14:92:2c:90:e7:a1:ef:de:91:ee:9a:
b2:8b:bd:7f:32:70:ca:c6:fa:88:32:5a:de:cc:34:
b7:41:fb:fb:25:25:41:ea:cf:44:ab:a6:d1:50:53:
2e:46:35:d7:24:42:82:b4:22:f4:9d:7f:95:c5:fd:
ad:62:ab:9f:50:7f:44:78:fe:92:9f:8b:d9:64:cb:
ff:6f:c9:54:62:28:fa:06:0c:c7:c8:eb:7c:5d:b5:
3f:e8:13:ff:c1:0a:0f:34:7e:1e:bb:a1:79:7d:69:
28:d4:58:ad:e9:c4:d1:0d:49:1c:74:bb:b5:2b:25:
51:e5:d8:e7:fb:96:30:69:3d:a2:fd:3d:9c:7a:15:
1d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6C:E5:52:F8:A3:4F:17:C6:3C:F1:22:6D:C9:A9:33:1A:6D:BF:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5080::/48
Signature Algorithm: sha256WithRSAEncryption
3f:11:79:76:7d:1e:09:17:59:bb:30:9c:ca:c6:99:eb:98:11:
8d:86:99:22:d0:51:09:0d:30:16:aa:5f:04:75:da:8c:0d:ef:
20:fe:42:1a:5d:38:b1:9e:bc:26:a1:97:93:bd:0c:fa:49:a9:
cb:a4:84:b9:00:6d:6a:f3:e5:06:1e:7c:67:a9:a0:ad:e5:0c:
88:b5:34:cc:d3:0f:ee:5a:94:aa:48:3a:91:3f:07:10:b4:ae:
62:f3:ae:68:32:b8:db:5d:40:f7:bc:a9:d3:60:14:d2:48:53:
28:d2:11:df:fa:e5:7d:2f:b6:a0:3c:44:1b:b2:24:54:58:94:
4d:4b:75:0d:36:ef:97:fd:b4:69:13:aa:fe:a2:0b:4e:a5:a0:
9b:3f:25:e7:1d:15:ee:fd:d5:6a:f9:f7:3d:3e:44:66:15:0c:
ec:0f:2c:eb:f5:79:0f:a9:f4:6e:3a:55:cd:94:a8:38:ff:03:
ec:00:4c:95:8f:e7:ae:78:b5:64:69:a0:f8:ba:ac:f4:ec:c0:
a7:36:bf:49:14:d1:dc:3d:4d:03:1d:e5:1b:ea:46:35:29:49:
29:66:2d:f2:f5:c1:69:e5:8e:c9:5a:77:89:f0:83:50:7b:4f:
11:31:ca:bb:27:9a:88:6f:41:84:bc:f3:c9:08:b5:8a:47:20:
2f:67:46:4f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHI8D3rDUWR932X9AfpyALi3YEWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxNTJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiYzZkYWQ3YWY0ZDg2ZjkwMjRkYTQ3MDFkYjQwOTM0NWQ5ODdlMGMxNDQ0
MDExZWFiY2UyZTVmODY1MDZhMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkcXysNFm2h0CymjKHFerRdJv2hq8pnv210RIlaPuZ+3kUVBt9KyMwAgPWZ
eBfjjkSMsdNkaXUAOQEsv8R7Vo4CpgQpbYoQlKWaUjK4Oe/IB8bgszAfu2dP1bvs
ipvQ+4ZrvJkt3EPNJ+Cit1/nPpQwdW3CK0zpbJTGUBSSLJDnoe/eke6asou9fzJw
ysb6iDJa3sw0t0H7+yUlQerPRKum0VBTLkY11yRCgrQi9J1/lcX9rWKrn1B/RHj+
kp+L2WTL/2/JVGIo+gYMx8jrfF21P+gT/8EKDzR+HruheX1pKNRYrenE0Q1JHHS7
tSslUeXY5/uWMGk9ov09nHoVHcECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQibOVS
+KNPF8Y88SJtyakzGm2/wzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGQ4YzI4MGYtZWRiMi00NWZiLTkyMDctODIyNmRjOTAwYmIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAPxF5dn0eCRdZuzCcysaZ65gRjYaZItBRCQ0w
FqpfBHXajA3vIP5CGl04sZ68JqGXk70M+kmpy6SEuQBtavPlBh58Z6mgreUMiLU0
zNMP7lqUqkg6kT8HELSuYvOuaDK4211A97yp02AU0khTKNIR3/rlfS+2oDxEG7Ik
VFiUTUt1DTbvl/20aROq/qILTqWgmz8l5x0V7v3Vavn3PT5EZhUM7A8s6/V5D6n0
bjpVzZSoOP8D7ABMlY/nrni1ZGmg+Lqs9OzApza/SRTR3D1NAx3lG+pGNSlJKWYt
8vXBaeWOyVp3ifCDUHtPETHKuyeaiG9BhLzzyQi1ikcgL2dGTw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:49 2025 by rpki-client