Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
File: 19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa (raw, json)
Hash identifier: bRgaybxlYXZImiTC6qlOTBJ0oYG9pklVYhSqtIe0CFE=
Subject key identifier: 5B:C0:83:56:FF:7D:59:E0:63:C5:D3:63:3C:18:07:77:13:5D:98:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 085324FFE4C2B82E6502F4A35EE1E6CE7DD73EE3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
Signing time: Fri 26 Sep 2025 18:38:59 +0000
ROA not before: Fri 26 Sep 2025 18:38:59 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:53:24:ff:e4:c2:b8:2e:65:02:f4:a3:5e:e1:e6:ce:7d:d7:3e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:38:59 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e9ede5ffdc12316a5382483ed69443aa615bd2ce0ef1a68629a7b2afc63246a6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a8:54:da:f7:4a:55:9e:84:07:c5:19:8d:41:
f1:72:16:a9:f3:bf:7c:d6:0e:2a:54:c3:e7:3d:c7:
5b:de:02:e6:58:5b:b3:82:67:20:aa:5d:1b:f7:25:
3e:93:41:86:8f:02:c3:fa:89:0f:a4:b7:c8:db:38:
a1:e5:f5:ce:f0:b7:6a:ed:ae:87:c3:37:54:cd:ac:
d3:45:71:f7:86:42:20:1a:42:d9:0d:cc:f8:ff:26:
52:fe:68:65:e9:88:a1:73:77:f3:09:46:a8:9e:30:
f1:37:72:c0:26:ac:e5:53:9a:4f:23:3c:a9:dd:9c:
6f:6e:77:f7:3b:09:2d:c3:81:31:98:57:46:3b:98:
cf:03:fc:a4:fd:ac:db:ed:1f:e1:b2:2c:1d:a6:34:
c7:e5:73:46:54:6d:56:d2:e2:26:fa:bb:ac:82:08:
d9:92:fb:52:0a:11:dc:45:90:8d:c8:05:f3:1e:ac:
cb:f8:52:b8:ef:61:e5:ac:bf:86:9d:21:c2:74:9f:
4f:f2:3e:eb:12:46:2f:22:b2:95:30:ff:89:f6:48:
4a:d5:e2:75:03:82:f6:4f:66:df:f9:d5:71:95:45:
09:97:05:9c:4d:56:4e:26:24:89:d8:f6:ec:5d:64:
ef:4f:63:3c:e9:93:ff:1a:64:d3:55:14:8f:de:f7:
3f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C0:83:56:FF:7D:59:E0:63:C5:D3:63:3C:18:07:77:13:5D:98:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5080::/48
Signature Algorithm: sha256WithRSAEncryption
bd:41:09:b3:49:de:8c:53:b9:68:87:dc:d0:0f:51:a5:b3:82:
18:40:af:f7:10:0a:24:8e:be:a4:90:5b:42:48:ec:f6:1a:58:
fb:11:f5:39:a4:00:d1:ed:98:38:e1:1f:d1:e7:0b:a8:da:d2:
0f:fb:09:b6:65:68:41:f0:ee:16:4d:35:7d:af:53:19:e3:a4:
97:dd:b2:08:86:a9:26:99:9a:d4:3a:d8:57:52:5f:ca:5a:e9:
29:bd:6c:89:cd:f9:ba:3d:30:f3:50:01:85:05:81:d4:5d:92:
d6:c1:4f:a7:f8:b9:de:4d:e7:82:65:b3:08:dc:89:1f:85:20:
d2:52:d8:ee:ac:4e:50:49:39:d4:be:56:5c:bc:e8:51:1c:9b:
6b:ad:24:3f:68:d4:31:ea:9e:eb:27:51:2f:da:43:27:43:6b:
2c:ed:ed:5a:25:41:d1:72:74:73:25:99:e2:40:92:40:1d:0a:
9b:d0:57:6e:2d:b9:21:ff:4e:d5:4b:32:f7:4a:29:5a:b2:48:
7a:20:6a:6b:1e:6d:85:bd:cb:01:4b:d9:52:73:c8:5e:84:a2:
71:5b:d0:22:8b:44:b8:f3:ee:79:6c:be:45:24:35:f1:30:55:
fa:fc:9f:9d:19:08:30:fd:0c:34:73:4b:4d:36:eb:db:c4:23:
42:c3:52:7e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCFMk/+TCuC5lAvSjXuHmzn3XPuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODM4NTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZWRlNWZmZGMxMjMxNmE1MzgyNDgzZWQ2OTQ0M2FhNjE1YmQyY2UwZWYx
YTY4NjI5YTdiMmFmYzYzMjQ2YTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6oVNr3SlWehAfFGY1B8XIWqfO/fNYOKlTD5z3HW94C5lhbs4JnIKpdG/cl
PpNBho8Cw/qJD6S3yNs4oeX1zvC3au2uh8M3VM2s00Vx94ZCIBpC2Q3M+P8mUv5o
ZemIoXN38wlGqJ4w8TdywCas5VOaTyM8qd2cb2539zsJLcOBMZhXRjuYzwP8pP2s
2+0f4bIsHaY0x+VzRlRtVtLiJvq7rIII2ZL7UgoR3EWQjcgF8x6sy/hSuO9h5ay/
hp0hwnSfT/I+6xJGLyKylTD/ifZIStXidQOC9k9m3/nVcZVFCZcFnE1WTiYkidj2
7F1k709jPOmT/xpk01UUj973PyUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRbwINW
/31Z4GPF02M8GAd3E12YdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjdkOWYtM2NjOS00YWM0LTlhZmItMzk5ZjY2YmVlNjBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAvUEJs0nejFO5aIfc0A9RpbOCGECv9xAKJI6+
pJBbQkjs9hpY+xH1OaQA0e2YOOEf0ecLqNrSD/sJtmVoQfDuFk01fa9TGeOkl92y
CIapJpma1DrYV1JfylrpKb1sic35uj0w81ABhQWB1F2S1sFPp/i53k3ngmWzCNyJ
H4Ug0lLY7qxOUEk51L5WXLzoURyba60kP2jUMeqe6ydRL9pDJ0NrLO3tWiVB0XJ0
cyWZ4kCSQB0Km9BXbi25If9O1Usy90opWrJIeiBqax5thb3LAUvZUnPIXoSicVvQ
IotEuPPueWy+RSQ18TBV+vyfnRkIMP0MNHNLTTbr28QjQsNSfg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:19 2025 by rpki-client