Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/325fa89c-1511-4efc-84ed-51af85c9ed14.roa
File: 325fa89c-1511-4efc-84ed-51af85c9ed14.roa (raw, json)
Hash identifier: wi7+rFICChWEKm0BT7dQgOarDpno4XD5xgIE9J8zAVc=
Subject key identifier: 2B:D9:9D:96:F4:85:AE:97:C3:F4:84:74:CF:70:CF:04:0C:22:17:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B6B9B244E684F03E94234CA574ACE9C938132F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/325fa89c-1511-4efc-84ed-51af85c9ed14.roa
Signing time: Fri 10 Oct 2025 17:04:22 +0000
ROA not before: Fri 10 Oct 2025 17:04:22 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:6b:9b:24:4e:68:4f:03:e9:42:34:ca:57:4a:ce:9c:93:81:32:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:22 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=bd02b8fe311fc020411297c10812c68bf787e155aeaa16c850854ce7e5bb6e74, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0b:1c:cb:21:30:fe:e6:ae:4f:82:0a:4a:c1:
af:66:db:58:79:b9:96:11:09:71:f7:9a:b1:41:ab:
a6:98:0d:91:f3:79:22:db:53:02:cf:25:dc:b3:3e:
82:a5:cc:8c:57:38:78:f2:5d:ac:d7:62:06:9d:f6:
bd:5b:8e:69:95:79:96:0b:af:0c:24:f2:2b:ff:15:
44:a0:9f:61:de:a0:b4:be:83:26:a9:7d:b6:c6:ca:
86:ac:fb:1f:57:8c:a9:f1:9d:6a:10:c4:37:1d:16:
e9:37:bb:be:23:7a:3c:ce:1f:d3:11:bf:8f:26:af:
57:b2:ed:91:10:7b:3f:db:a8:a5:9d:08:eb:36:b2:
8f:93:01:b3:b5:17:db:5c:9c:2e:4e:15:73:9a:c9:
2a:5a:b1:dc:f1:71:cc:75:1a:c6:5b:34:7f:d4:23:
32:d8:27:6b:87:6b:d9:b6:52:40:69:24:86:24:4f:
aa:d8:22:58:61:d1:28:56:09:b2:a0:64:4a:00:8e:
dd:6a:a3:99:78:99:1f:3d:b2:fa:a2:af:2e:54:82:
56:ed:7a:e4:30:be:09:c5:00:1c:29:37:f4:ce:2f:
72:a9:57:04:14:d2:38:ac:1e:46:f4:7e:7b:59:a5:
7b:8a:5d:5f:3d:71:ff:8e:7e:c6:fd:e2:24:53:49:
2e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D9:9D:96:F4:85:AE:97:C3:F4:84:74:CF:70:CF:04:0C:22:17:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/325fa89c-1511-4efc-84ed-51af85c9ed14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:99:0d:20:20:29:e9:65:7a:d4:01:02:07:39:d9:e3:53:71:
87:04:20:79:76:bf:d1:98:e4:08:75:d8:59:79:85:50:f4:0a:
9d:7c:bd:b6:d7:a4:3d:3f:03:45:90:47:36:8e:d9:ec:73:89:
20:8f:d3:77:5b:7f:1b:09:4b:40:13:9b:63:2f:44:e6:58:d9:
31:37:92:ee:51:99:bc:d0:2c:7d:39:45:db:48:7e:39:11:89:
e3:24:bd:2f:a0:93:08:67:7b:f5:d4:29:8c:33:a7:3c:b3:d1:
66:37:3a:6c:96:69:1a:8f:4e:22:34:4a:21:92:60:33:3f:9e:
dc:84:36:88:29:63:b7:f6:fc:8a:b8:82:8f:b2:7e:eb:9f:d1:
1e:96:55:16:d7:07:18:3f:cb:14:c3:e1:9d:19:18:88:53:d6:
11:70:fd:55:bf:fc:4c:d0:3c:3a:f3:92:3a:53:0c:51:47:58:
60:c5:f7:c6:34:03:e9:0c:49:d6:85:a3:d3:0a:dc:ad:d5:1a:
55:86:d6:bc:7c:63:84:22:8b:fe:49:08:51:fa:99:2a:45:ac:
99:78:63:4c:4f:5c:5f:0b:22:54:26:e7:8c:36:0c:4e:ee:99:
33:a0:db:15:3b:1f:7d:6b:21:2c:32:8f:87:a2:b2:40:fb:2c:
7b:9a:df:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK2ubJE5oTwPpQjTKV0rOnJOBMvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA0MjJaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMDJiOGZlMzExZmMwMjA0MTEyOTdjMTA4MTJjNjhiZjc4N2UxNTVhZWFh
MTZjODUwODU0Y2U3ZTViYjZlNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJcLHMshMP7mrk+CCkrBr2bbWHm5lhEJcfeasUGrppgNkfN5IttTAs8l3LM+
gqXMjFc4ePJdrNdiBp32vVuOaZV5lguvDCTyK/8VRKCfYd6gtL6DJql9tsbKhqz7
H1eMqfGdahDENx0W6Te7viN6PM4f0xG/jyavV7LtkRB7P9uopZ0I6zayj5MBs7UX
21ycLk4Vc5rJKlqx3PFxzHUaxls0f9QjMtgna4dr2bZSQGkkhiRPqtgiWGHRKFYJ
sqBkSgCO3WqjmXiZHz2y+qKvLlSCVu165DC+CcUAHCk39M4vcqlXBBTSOKweRvR+
e1mle4pdXz1x/45+xv3iJFNJLjUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQr2Z2W
9IWul8P0hHTPcM8EDCIXZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzI1ZmE4OWMtMTUxMS00ZWZjLTg0ZWQtNTFhZjg1YzllZDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCymQ0gICnpZXrUAQIHOdnjU3GHBCB5dr/RmOQI
ddhZeYVQ9AqdfL2216Q9PwNFkEc2jtnsc4kgj9N3W38bCUtAE5tjL0TmWNkxN5Lu
UZm80Cx9OUXbSH45EYnjJL0voJMIZ3v11CmMM6c8s9FmNzpslmkaj04iNEohkmAz
P57chDaIKWO39vyKuIKPsn7rn9EellUW1wcYP8sUw+GdGRiIU9YRcP1Vv/xM0Dw6
85I6UwxRR1hgxffGNAPpDEnWhaPTCtyt1RpVhta8fGOEIov+SQhR+pkqRayZeGNM
T1xfCyJUJueMNgxO7pkzoNsVOx99ayEsMo+HorJA+yx7mt+i
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:44 2025 by rpki-client