Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
File: 357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa (raw, json)
Hash identifier: +WIkZuJ+YenCAPVKmJoI9yKNsLD0S+B14cPH1hmfFjQ=
Subject key identifier: E5:F3:00:E7:56:B1:B2:C9:68:C1:10:03:2C:A5:32:78:F6:62:70:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0527022A3B7623B53425690D0333F16C675ED672
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
Signing time: Fri 26 Sep 2025 19:11:36 +0000
ROA not before: Fri 26 Sep 2025 19:11:36 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:27:02:2a:3b:76:23:b5:34:25:69:0d:03:33:f1:6c:67:5e:d6:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:36 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=049d25ae6e09baf441e89f37bce3df8dc21b9993ac786eb927b54cd82a721536, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b6:fa:c4:b3:30:86:eb:3f:fd:19:7f:92:24:
4d:a9:bb:1d:33:f5:3b:ba:a8:01:d1:51:61:07:89:
f5:a2:87:bd:23:d2:86:9d:9e:d9:0e:2a:47:39:b3:
55:eb:ca:2a:f2:2b:21:60:54:0b:8d:e6:17:87:ac:
21:a1:7a:20:fa:9d:b4:1f:45:d7:ce:89:e6:c8:f6:
70:2c:4c:d2:f7:21:aa:42:90:21:4f:42:1b:74:ca:
45:de:33:93:fc:fd:66:7e:8c:38:b3:0d:70:94:57:
d5:f3:12:6e:4d:a7:84:df:e3:02:05:d2:6c:af:ed:
91:5c:29:44:40:3b:75:88:1b:1b:58:e4:a8:bb:c4:
43:19:ce:3a:b7:dc:9a:4b:3d:b2:c1:9a:06:82:ba:
60:14:d8:05:9d:d8:24:79:a5:e0:29:35:5f:46:11:
59:31:db:3e:53:26:a8:11:d7:cb:31:a3:fc:3f:92:
60:6a:39:5b:e1:1d:f3:24:33:86:07:3f:9d:7a:5a:
c8:1e:e8:98:09:db:2a:a2:7e:8d:05:36:bd:59:0c:
c1:b9:2f:82:44:78:16:5a:7d:89:2e:5a:5b:32:b9:
e3:60:7e:75:64:d2:4e:e7:bd:d9:3d:03:09:14:17:
30:91:a1:e1:76:48:f0:51:78:a9:36:4d:f2:f9:e9:
7c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:F3:00:E7:56:B1:B2:C9:68:C1:10:03:2C:A5:32:78:F6:62:70:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1000::/40
Signature Algorithm: sha256WithRSAEncryption
bf:c8:61:f4:82:d7:71:14:5f:a5:84:18:81:22:51:26:42:58:
e9:68:5b:1e:04:cb:81:d5:f6:7b:40:14:7f:8e:61:02:1f:ab:
48:4d:98:55:68:a8:34:61:3b:3e:55:66:a6:25:41:9f:34:7f:
3d:1b:d6:f3:e8:73:be:5c:cc:88:09:e6:73:f2:03:29:b7:16:
d8:11:11:e4:c3:15:e2:9e:9f:dd:30:76:60:8a:bc:30:80:02:
5c:a1:54:a3:6c:20:78:af:a5:54:18:d8:5d:58:fb:25:17:d8:
ec:e8:c5:de:16:36:b7:73:dc:9c:cd:77:dc:6a:df:e2:b4:67:
1d:8c:58:8a:95:ee:25:f4:5d:34:b8:dd:4c:8f:2b:95:79:5a:
7a:b9:68:7c:87:82:c5:1b:c0:35:af:86:9a:75:a3:8f:61:a8:
33:e7:b9:cd:b9:f8:20:5c:dc:7b:04:35:61:a2:8b:6d:ac:a8:
6b:d0:85:45:d6:8f:18:c1:9d:b5:14:3a:00:95:1f:28:06:db:
db:0f:d8:19:ee:87:3f:25:fe:71:30:c5:4d:a8:0c:7b:61:35:
a2:19:11:61:8e:4b:7e:8a:3e:c3:75:5b:93:c8:7c:3f:20:5b:
1e:50:67:ba:35:6f:1e:27:be:94:ef:64:f1:2f:5a:df:f1:df:
81:de:45:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBScCKjt2I7U0JWkNAzPxbGde1nIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExMzZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0OWQyNWFlNmUwOWJhZjQ0MWU4OWYzN2JjZTNkZjhkYzIxYjk5OTNhYzc4
NmViOTI3YjU0Y2Q4MmE3MjE1MzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOG2+sSzMIbrP/0Zf5IkTam7HTP1O7qoAdFRYQeJ9aKHvSPShp2e2Q4qRzmz
VevKKvIrIWBUC43mF4esIaF6IPqdtB9F186J5sj2cCxM0vchqkKQIU9CG3TKRd4z
k/z9Zn6MOLMNcJRX1fMSbk2nhN/jAgXSbK/tkVwpREA7dYgbG1jkqLvEQxnOOrfc
mks9ssGaBoK6YBTYBZ3YJHml4Ck1X0YRWTHbPlMmqBHXyzGj/D+SYGo5W+Ed8yQz
hgc/nXpayB7omAnbKqJ+jQU2vVkMwbkvgkR4Flp9iS5aWzK542B+dWTSTue92T0D
CRQXMJGh4XZI8FF4qTZN8vnpfG0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTl8wDn
VrGyyWjBEAMspTJ49mJwlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU3YzY2MjItOTE2MS00NGQ3LWFiMTMtNmVhNmUwYmVkMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC/yGH0gtdxFF+lhBiBIlEmQljpaFseBMuB1fZ7
QBR/jmECH6tITZhVaKg0YTs+VWamJUGfNH89G9bz6HO+XMyICeZz8gMptxbYERHk
wxXinp/dMHZgirwwgAJcoVSjbCB4r6VUGNhdWPslF9js6MXeFja3c9yczXfcat/i
tGcdjFiKle4l9F00uN1MjyuVeVp6uWh8h4LFG8A1r4aadaOPYagz57nNufggXNx7
BDVhoottrKhr0IVF1o8YwZ21FDoAlR8oBtvbD9gZ7oc/Jf5xMMVNqAx7YTWiGRFh
jkt+ij7DdVuTyHw/IFseUGe6NW8eJ76U72TxL1rf8d+B3kU/
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:15 2025 by rpki-client