Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: GAMCyJTXfb48Bn6pR81/D43AXvUDlAfmYg5hBW28AE8=
Subject key identifier: 3F:08:6E:62:78:D6:8D:9A:7D:E8:48:A3:7D:E4:B7:51:29:B3:5C:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29EF93A06309AF55F54AEB1A66A5CCF48424275C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Fri 26 Sep 2025 19:51:31 +0000
ROA not before: Fri 26 Sep 2025 19:51:31 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:ef:93:a0:63:09:af:55:f5:4a:eb:1a:66:a5:cc:f4:84:24:27:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:51:31 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=4798f414361c1b13fb231c037e2a0ded8d8d652388856ab573e341bcf4530c2a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:95:81:89:d8:ff:79:a3:d4:3e:e7:7d:0b:70:
46:e9:ba:f2:52:88:27:40:da:8a:92:0c:aa:40:5f:
24:d3:18:03:f6:67:ae:9b:07:18:15:8b:66:73:a0:
52:f8:a6:9d:2e:fb:cf:1a:f1:84:e4:f0:d7:7b:96:
88:5f:28:1a:8b:6e:a3:82:7b:1e:66:15:66:b7:db:
1e:df:5a:57:10:cc:fa:f5:c5:3f:ee:90:50:b5:4e:
e3:c6:34:bb:24:f4:25:3f:a7:d2:08:12:1d:0f:ca:
33:6e:8e:89:ee:8a:b1:4d:5a:58:92:98:99:ef:b2:
50:3e:15:f8:45:7e:76:3f:73:7b:87:cc:2a:72:77:
3f:82:3d:d9:a4:14:97:66:60:e8:f1:1b:59:1a:34:
2c:39:69:b3:44:f6:bf:3c:11:0c:4d:80:8c:03:3a:
f9:18:66:c5:99:ad:58:d9:ab:01:0b:3b:60:85:00:
4c:21:9d:d8:28:01:09:64:82:59:67:78:49:07:38:
a0:3b:3d:73:17:05:30:de:4f:96:97:e4:07:93:59:
46:10:3e:0c:84:12:d5:71:e3:7d:7c:87:19:c2:30:
da:08:b6:74:d9:aa:38:6c:87:93:6d:79:3b:81:64:
62:6e:e9:01:5e:02:34:49:5d:a1:fe:09:e2:d2:2d:
a8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:08:6E:62:78:D6:8D:9A:7D:E8:48:A3:7D:E4:B7:51:29:B3:5C:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
03:8c:67:b0:9c:d0:2a:f6:2a:05:b0:65:c7:ac:01:3f:37:1a:
bc:48:7f:0c:32:28:58:d7:98:39:b4:7d:bc:11:69:86:3e:72:
c0:85:14:7b:43:a7:d2:30:d0:a9:d5:06:31:19:6d:6d:73:45:
f5:c2:77:cb:5b:81:24:64:20:28:ee:09:bf:3a:94:36:e9:4e:
6e:82:a3:e4:35:5e:06:c0:6a:99:7e:f3:5d:90:21:f7:b7:ec:
e5:fc:97:91:a7:3b:cf:7f:16:c4:83:e5:aa:e2:c6:f0:d9:d4:
93:5e:cc:7c:06:44:e8:b1:cb:13:cd:31:8a:b6:7d:84:01:d2:
48:96:a8:ac:36:ba:03:dc:34:67:45:c2:72:9c:c6:77:22:9c:
40:6d:f9:77:c7:8e:74:3d:44:6e:0d:ec:84:36:8a:d8:94:f1:
81:fc:fa:56:c2:e4:02:b6:f5:66:dd:5c:3e:ee:e4:36:eb:f8:
89:2e:19:38:28:1e:b2:0c:60:e6:7a:5e:07:3d:e7:90:d2:ee:
38:d7:5d:8d:1c:97:dc:71:54:9c:ab:54:95:ec:9b:95:f2:b6:
50:8f:3d:60:fe:15:72:5c:e0:bf:ed:3d:64:a6:77:56:2a:c9:
d4:bd:89:c4:32:0f:96:c1:a9:6d:ed:04:58:21:57:61:2c:03:
b2:fe:b4:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKe+ToGMJr1X1SusaZqXM9IQkJ1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUxMzFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3OThmNDE0MzYxYzFiMTNmYjIzMWMwMzdlMmEwZGVkOGQ4ZDY1MjM4ODg1
NmFiNTczZTM0MWJjZjQ1MzBjMmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSVgYnY/3mj1D7nfQtwRum68lKIJ0DaipIMqkBfJNMYA/ZnrpsHGBWLZnOg
UvimnS77zxrxhOTw13uWiF8oGotuo4J7HmYVZrfbHt9aVxDM+vXFP+6QULVO48Y0
uyT0JT+n0ggSHQ/KM26Oie6KsU1aWJKYme+yUD4V+EV+dj9ze4fMKnJ3P4I92aQU
l2Zg6PEbWRo0LDlps0T2vzwRDE2AjAM6+RhmxZmtWNmrAQs7YIUATCGd2CgBCWSC
WWd4SQc4oDs9cxcFMN5PlpfkB5NZRhA+DIQS1XHjfXyHGcIw2gi2dNmqOGyHk215
O4FkYm7pAV4CNEldof4J4tItqB0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/CG5i
eNaNmn3oSKN95LdRKbNcYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQADjGewnNAq9ioFsGXHrAE/Nxq8SH8MMihY15g5
tH28EWmGPnLAhRR7Q6fSMNCp1QYxGW1tc0X1wnfLW4EkZCAo7gm/OpQ26U5ugqPk
NV4GwGqZfvNdkCH3t+zl/JeRpzvPfxbEg+Wq4sbw2dSTXsx8BkToscsTzTGKtn2E
AdJIlqisNroD3DRnRcJynMZ3IpxAbfl3x450PURuDeyENorYlPGB/PpWwuQCtvVm
3Vw+7uQ26/iJLhk4KB6yDGDmel4HPeeQ0u44112NHJfccVScq1SV7JuV8rZQjz1g
/hVyXOC/7T1kpndWKsnUvYnEMg+Wwalt7QRYIVdhLAOy/rT+
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:25 2025 by rpki-client