Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
File: 12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa (raw, json)
Hash identifier: UVKfn1pOqVxT0OmFEtyVa1Ysi8r6KvPiLTJ2Db7+4SU=
Subject key identifier: A2:4C:28:04:71:66:32:C8:35:59:72:63:9C:EC:A6:4D:21:58:7A:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63BA25D44FF87EF1FBEFCA5AF2C2871D49F77235
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
Signing time: Fri 26 Sep 2025 20:00:08 +0000
ROA not before: Fri 26 Sep 2025 20:00:08 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:ba:25:d4:4f:f8:7e:f1:fb:ef:ca:5a:f2:c2:87:1d:49:f7:72:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:00:08 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=c0adea9027760a70a59b064f73c8b837431b35e7374255b123d692623a022bd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0c:1b:51:9e:f9:2a:6b:2f:f4:59:d9:5e:10:
51:07:ed:5b:37:5a:7f:f2:44:1d:ed:56:5c:06:6c:
09:4c:8e:b5:1a:8f:92:8d:2d:18:a4:f1:76:78:59:
95:cd:d9:a3:0c:e5:36:d4:2c:25:da:49:18:3a:75:
73:ed:f0:82:05:48:3a:29:19:5d:81:5f:9d:25:5e:
b8:98:e9:82:21:78:07:15:71:4b:10:28:1f:a0:b5:
93:2f:c6:f2:b4:25:5b:bf:27:52:6b:8d:27:ba:68:
ab:ac:c4:87:71:d3:54:33:36:65:51:6b:1e:24:9b:
bd:92:55:8c:ac:a4:be:19:6a:69:a4:03:f8:d0:36:
98:60:8c:c3:96:31:97:43:3f:c6:ba:42:44:e0:7a:
67:65:8b:13:76:a9:23:db:7a:ec:b1:bc:f6:c9:dd:
92:db:ad:24:f8:88:00:4a:d0:63:57:d9:be:d6:32:
43:2e:4c:bc:61:c9:c0:8c:0c:fb:62:d2:1a:4f:1b:
e5:80:94:be:97:6a:07:90:31:0b:1d:5e:92:cd:fc:
14:13:e9:ca:2c:b0:f3:a2:a0:4b:aa:0b:7a:db:79:
4c:79:b1:5c:13:79:0d:63:4d:29:5b:17:2d:51:10:
95:22:9a:65:6c:4f:ee:8e:56:5b:b6:8c:1f:97:29:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4C:28:04:71:66:32:C8:35:59:72:63:9C:EC:A6:4D:21:58:7A:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/38
Signature Algorithm: sha256WithRSAEncryption
61:7b:f1:c6:42:1c:37:45:71:f1:08:65:7c:1d:12:8e:98:fe:
9a:54:53:1e:f8:45:ab:77:6f:c1:84:af:9b:8b:36:34:09:50:
63:62:b3:2f:fa:6a:1e:af:7d:33:22:74:49:0c:b9:5d:15:3d:
12:bd:bf:87:00:b8:12:b3:9a:35:4d:e6:a5:28:5b:a5:0c:0a:
dc:f3:79:22:fa:3a:ef:f0:c4:eb:86:29:bb:c6:01:9f:b4:73:
23:d4:89:6c:77:2b:02:17:6f:cf:5f:1a:81:40:48:17:29:fc:
51:b3:03:db:12:2c:3c:df:34:46:0b:6b:46:5f:15:d7:d8:c9:
2d:d0:ad:4d:36:8f:8b:0c:19:aa:f8:94:3a:75:d4:46:3e:c5:
53:5e:d3:c6:57:5d:7a:06:c6:0f:79:28:67:d8:33:7b:7f:de:
2b:bd:54:0e:2a:94:31:8c:68:fe:89:b5:24:d3:ff:14:2f:e5:
3f:46:23:1d:86:4e:28:1f:6e:22:4c:53:65:0a:be:b2:e4:1d:
fe:bb:a9:38:67:cf:68:7e:1a:38:2f:58:ed:bc:42:78:04:54:
be:d3:18:1d:cd:ef:3c:4f:83:f7:0e:f2:62:aa:ca:c8:04:8e:
12:1c:34:4f:a6:77:4f:0e:30:5e:fa:0d:d8:96:c9:61:2e:a4:
c8:06:22:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY7ol1E/4fvH778pa8sKHHUn3cjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAwMDhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwYWRlYTkwMjc3NjBhNzBhNTliMDY0ZjczYzhiODM3NDMxYjM1ZTczNzQy
NTViMTIzZDY5MjYyM2EwMjJiZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcMG1Ge+SprL/RZ2V4QUQftWzdaf/JEHe1WXAZsCUyOtRqPko0tGKTxdnhZ
lc3ZowzlNtQsJdpJGDp1c+3wggVIOikZXYFfnSVeuJjpgiF4BxVxSxAoH6C1ky/G
8rQlW78nUmuNJ7poq6zEh3HTVDM2ZVFrHiSbvZJVjKykvhlqaaQD+NA2mGCMw5Yx
l0M/xrpCROB6Z2WLE3apI9t67LG89sndktutJPiIAErQY1fZvtYyQy5MvGHJwIwM
+2LSGk8b5YCUvpdqB5AxCx1eks38FBPpyiyw86KgS6oLett5THmxXBN5DWNNKVsX
LVEQlSKaZWxP7o5WW7aMH5cp4RkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSiTCgE
cWYyyDVZcmOc7KZNIVh6QTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIwOTliZjUtZjljMS00NjNlLTlmYzktZWFmNzkxZTMzOWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBhe/HGQhw3RXHxCGV8HRKOmP6aVFMe+EWrd2/B
hK+bizY0CVBjYrMv+moer30zInRJDLldFT0Svb+HALgSs5o1TealKFulDArc83ki
+jrv8MTrhim7xgGftHMj1IlsdysCF2/PXxqBQEgXKfxRswPbEiw83zRGC2tGXxXX
2Mkt0K1NNo+LDBmq+JQ6ddRGPsVTXtPGV116BsYPeShn2DN7f94rvVQOKpQxjGj+
ibUk0/8UL+U/RiMdhk4oH24iTFNlCr6y5B3+u6k4Z89ofho4L1jtvEJ4BFS+0xgd
ze88T4P3DvJiqsrIBI4SHDRPpndPDjBe+g3YlslhLqTIBiK7
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:59 2025 by rpki-client