Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
File: 17057de1-0841-47c5-9f52-f4f803d5e2d4.roa (raw, json)
Hash identifier: LcenWoAVe61QXo+M5VhMT8v3mKy2blbou20BCzQH59M=
Subject key identifier: BF:BC:1C:EC:90:B8:A1:1D:1E:66:0E:B8:28:56:4E:5B:D0:E8:35:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75A0BD4A7C3039875CE5029E6E2F465F30FA65CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
Signing time: Fri 26 Sep 2025 19:38:31 +0000
ROA not before: Fri 26 Sep 2025 19:38:31 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:a0:bd:4a:7c:30:39:87:5c:e5:02:9e:6e:2f:46:5f:30:fa:65:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:38:31 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=4b3e12154c5b1bd77af14062b7817b0a32d7d27617ce96b57ee30b1d9d7a6784, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b6:20:7e:76:79:08:a4:97:b3:17:cd:ef:a8:
b4:7a:60:9a:95:9b:6b:39:d8:49:cd:18:19:26:56:
03:2c:37:21:d1:f3:a4:46:91:6d:e4:ff:b4:39:96:
5b:4f:8d:28:dd:27:33:5a:27:6b:fd:1d:c8:8a:21:
18:8d:bd:e4:8a:76:05:69:cd:ee:83:c3:c8:28:4d:
47:75:43:2e:28:d1:cd:6e:26:ee:a5:66:b1:83:52:
02:0d:7b:9a:2b:20:e0:60:c2:4c:0f:30:be:b7:fa:
18:b6:f4:3c:40:ad:05:a0:cb:d8:d3:5d:77:da:fb:
9d:f5:32:d3:37:78:35:42:b6:82:2d:02:9e:44:50:
b3:a8:21:00:f2:71:ec:a9:3c:1a:bd:62:9c:9d:8e:
74:90:54:14:8e:01:5a:de:81:4a:d2:ab:90:8f:6c:
1d:27:70:74:a7:51:c5:4e:f1:e2:29:de:97:8e:36:
3e:28:f7:9b:4e:b5:2d:5c:cc:4f:06:6d:0b:cf:5a:
2b:7c:47:85:54:f5:81:51:62:01:4f:49:b2:8e:3f:
dd:cc:67:6a:34:c1:93:9a:84:ea:20:98:32:db:91:
9b:3c:4c:52:ef:3c:72:ec:43:9b:41:cf:a6:82:3b:
b3:45:fe:e5:83:54:02:f8:73:5c:27:19:db:15:94:
3d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:BC:1C:EC:90:B8:A1:1D:1E:66:0E:B8:28:56:4E:5B:D0:E8:35:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
6e:8b:28:9e:07:f0:46:36:6c:a8:ad:8d:28:52:15:f8:45:25:
71:d8:b1:86:6a:e2:04:7b:dd:1a:a1:e7:cb:cd:27:db:bc:b5:
31:3a:96:43:d0:5b:2c:2d:7b:fe:3a:a7:82:5b:a0:88:98:28:
18:d7:a0:93:c3:eb:b9:37:2b:80:49:51:25:d1:ea:01:94:04:
d7:af:ec:a1:06:10:4d:b9:7b:13:92:0a:c4:7e:20:b5:5a:84:
1e:81:10:63:60:80:a9:4f:9b:25:1c:18:69:c7:67:56:91:a4:
51:0f:d0:18:2f:3a:b6:09:62:30:fb:b8:d2:ea:62:f3:80:25:
51:18:ed:39:85:4c:ae:04:9c:c7:52:01:21:c7:a7:f1:0b:a6:
31:6a:c2:80:37:ef:d1:ea:6b:df:44:4e:6c:f5:e0:c7:46:40:
52:b1:3b:15:fc:9a:9d:2b:bc:bb:d5:e7:a9:35:31:a2:a4:1c:
ef:73:bf:7c:55:f1:3b:c0:1f:9e:64:a8:d3:10:14:61:87:b2:
9f:10:53:bc:49:2a:5d:61:61:11:25:35:79:22:bb:34:e9:ee:
97:49:18:ef:54:ab:7e:56:a2:86:12:7c:75:23:52:92:65:45:
c3:14:67:15:f8:25:53:f1:0c:e3:85:49:ec:37:62:65:28:b2:
b0:16:bc:ec
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdaC9SnwwOYdc5QKebi9GXzD6Zc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTM4MzFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiM2UxMjE1NGM1YjFiZDc3YWYxNDA2MmI3ODE3YjBhMzJkN2QyNzYxN2Nl
OTZiNTdlZTMwYjFkOWQ3YTY3ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+2IH52eQikl7MXze+otHpgmpWbaznYSc0YGSZWAyw3IdHzpEaRbeT/tDmW
W0+NKN0nM1ona/0dyIohGI295Ip2BWnN7oPDyChNR3VDLijRzW4m7qVmsYNSAg17
misg4GDCTA8wvrf6GLb0PECtBaDL2NNdd9r7nfUy0zd4NUK2gi0CnkRQs6ghAPJx
7Kk8Gr1inJ2OdJBUFI4BWt6BStKrkI9sHSdwdKdRxU7x4inel442Pij3m061LVzM
TwZtC89aK3xHhVT1gVFiAU9Jso4/3cxnajTBk5qE6iCYMtuRmzxMUu88cuxDm0HP
poI7s0X+5YNUAvhzXCcZ2xWUPbECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS/vBzs
kLihHR5mDrgoVk5b0Og1pTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTcwNTdkZTEtMDg0MS00N2M1LTlmNTItZjRmODAzZDVlMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQBuiyieB/BGNmyorY0oUhX4RSVx2LGGauIEe90a
oefLzSfbvLUxOpZD0FssLXv+OqeCW6CImCgY16CTw+u5NyuASVEl0eoBlATXr+yh
BhBNuXsTkgrEfiC1WoQegRBjYICpT5slHBhpx2dWkaRRD9AYLzq2CWIw+7jS6mLz
gCVRGO05hUyuBJzHUgEhx6fxC6YxasKAN+/R6mvfRE5s9eDHRkBSsTsV/JqdK7y7
1eepNTGipBzvc798VfE7wB+eZKjTEBRhh7KfEFO8SSpdYWERJTV5Irs06e6XSRjv
VKt+VqKGEnx1I1KSZUXDFGcV+CVT8QzjhUnsN2JlKLKwFrzs
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:44 2025 by rpki-client