Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
File: 35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa (raw, json)
Hash identifier: IRc5LMB1Ci+XwGIpp1mWH1m+RSacHRE1iozc3aALFPI=
Subject key identifier: ED:EF:0A:72:17:0A:FD:07:B0:66:19:95:37:51:9B:E7:83:78:D9:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 740C8DEC96A475459881C95CD690E27C42BC1CAA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
Signing time: Fri 26 Sep 2025 19:20:09 +0000
ROA not before: Fri 26 Sep 2025 19:20:09 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:0c:8d:ec:96:a4:75:45:98:81:c9:5c:d6:90:e2:7c:42:bc:1c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:20:09 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=d1cb45a63ff181a46dba26b80fba074d93104a56361c2119f846c1b976d524c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:75:50:b1:60:9d:2a:d7:6a:15:7a:f1:86:
e8:7e:3a:c8:74:51:d4:0f:5b:aa:3f:cc:62:ce:a6:
45:ce:d4:e7:75:08:f5:09:41:d2:dc:d7:d8:e5:ab:
60:fb:1f:d0:29:dd:eb:12:a6:33:12:de:e6:80:46:
5a:23:3e:57:1d:de:7f:4f:b8:f9:87:5a:6b:c6:88:
3d:f7:1b:24:dd:45:b1:25:0d:60:74:a4:42:41:67:
eb:1e:6b:ea:7b:77:0c:ee:d5:93:d3:10:f4:2e:c0:
93:06:51:d3:ec:9d:4c:c6:3c:b4:8c:bb:1a:3c:dd:
0c:50:63:f0:66:2b:09:01:08:d1:3a:08:87:36:47:
60:31:20:02:b5:13:3b:f5:57:fa:db:24:44:70:90:
a3:80:3d:05:e4:f3:db:07:a4:ad:17:02:8e:3b:da:
c9:8c:55:0c:4a:e3:ee:a0:1d:29:38:3c:52:ac:8d:
7b:97:58:59:37:00:bc:3f:4d:a5:35:69:48:81:d0:
cf:7d:b0:49:87:2c:f6:4d:2b:d8:d4:29:f6:06:ad:
e5:2d:35:59:6e:d0:66:c5:ae:52:89:1e:13:14:b6:
40:58:43:41:12:29:d1:00:78:90:92:ce:59:80:d7:
fa:a9:8f:84:05:62:0c:92:15:31:14:09:3f:76:d7:
80:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:EF:0A:72:17:0A:FD:07:B0:66:19:95:37:51:9B:E7:83:78:D9:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:2000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:27:a2:4e:69:d2:a7:0c:58:ff:c8:8a:66:04:01:54:0a:4e:
da:22:97:a7:4b:47:99:31:69:12:47:31:11:a2:ae:04:55:24:
51:8d:cd:56:ce:e4:77:c7:fb:46:ab:fa:7f:6c:d7:ec:3b:d4:
db:81:75:f1:6f:60:98:5c:c1:69:f8:2b:24:1c:2a:89:5e:51:
0d:fd:8f:93:e0:7f:0e:9e:4f:ad:04:b4:82:80:0d:e9:fa:b7:
3c:ac:a1:7b:27:f0:66:6d:f4:d1:2c:e5:00:0e:7c:60:de:74:
0a:fa:85:b3:ba:92:2e:27:00:47:b3:5c:d4:74:a6:4d:14:b8:
d6:51:08:d4:8b:0f:86:aa:5d:a3:b7:0c:dd:95:b4:bf:e1:c0:
c8:21:4b:83:b9:18:28:09:35:00:23:e2:c6:b5:7e:e1:55:1f:
26:3f:11:c2:5d:8c:c5:ba:d0:c4:1e:b2:95:50:8e:4d:03:9e:
a0:b6:66:1d:88:d2:1e:d7:2b:41:cd:99:de:84:bf:13:ff:e1:
46:81:d3:c5:7e:67:ff:da:b3:48:34:f3:e1:d2:d9:cc:e9:d1:
0c:d5:7c:cc:29:c7:f4:f4:86:99:73:1d:fa:4c:54:e6:8b:a1:
c9:9a:5e:db:90:59:0d:83:35:ce:47:03:d0:d9:30:4d:cf:3a:
86:f5:de:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdAyN7JakdUWYgclc1pDifEK8HKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIwMDlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxY2I0NWE2M2ZmMTgxYTQ2ZGJhMjZiODBmYmEwNzRkOTMxMDRhNTYzNjFj
MjExOWY4NDZjMWI5NzZkNTI0YzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZxdVCxYJ0q12oVevGG6H46yHRR1A9bqj/MYs6mRc7U53UI9QlB0tzX2OWr
YPsf0Cnd6xKmMxLe5oBGWiM+Vx3ef0+4+Ydaa8aIPfcbJN1FsSUNYHSkQkFn6x5r
6nt3DO7Vk9MQ9C7AkwZR0+ydTMY8tIy7GjzdDFBj8GYrCQEI0ToIhzZHYDEgArUT
O/VX+tskRHCQo4A9BeTz2wekrRcCjjvayYxVDErj7qAdKTg8UqyNe5dYWTcAvD9N
pTVpSIHQz32wSYcs9k0r2NQp9gat5S01WW7QZsWuUokeExS2QFhDQRIp0QB4kJLO
WYDX+qmPhAViDJIVMRQJP3bXgKECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTt7wpy
Fwr9B7BmGZU3UZvng3jZnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhODcxN2MtZWNmNi00Y2Y3LWE3M2MtZjU2NmY3ODg0YTE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg
MA0GCSqGSIb3DQEBCwUAA4IBAQCPJ6JOadKnDFj/yIpmBAFUCk7aIpenS0eZMWkS
RzERoq4EVSRRjc1WzuR3x/tGq/p/bNfsO9TbgXXxb2CYXMFp+CskHCqJXlEN/Y+T
4H8Onk+tBLSCgA3p+rc8rKF7J/BmbfTRLOUADnxg3nQK+oWzupIuJwBHs1zUdKZN
FLjWUQjUiw+Gql2jtwzdlbS/4cDIIUuDuRgoCTUAI+LGtX7hVR8mPxHCXYzFutDE
HrKVUI5NA56gtmYdiNIe1ytBzZnehL8T/+FGgdPFfmf/2rNINPPh0tnM6dEM1XzM
Kcf09IaZcx36TFTmi6HJml7bkFkNgzXORwPQ2TBNzzqG9d6z
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:47:16 2025 by rpki-client