Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
File: 3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa (raw, json)
Hash identifier: nj4hl8O2GuW3cwOEcKJp/IMwZEoYAZYpYKXO43Ezxmg=
Subject key identifier: 80:F2:AE:21:57:26:EA:2A:17:4B:0A:6B:92:5E:F5:10:50:85:7F:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0415E7B1FD2DACB6D1E4EF602476079F533C2D80
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
Signing time: Fri 26 Sep 2025 18:42:30 +0000
ROA not before: Fri 26 Sep 2025 18:42:30 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:15:e7:b1:fd:2d:ac:b6:d1:e4:ef:60:24:76:07:9f:53:3c:2d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:42:30 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a8151faa96d011bcd61f6ec4fd71b3a13d3030c57782df62c61bd5b78a7e7918, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:52:e9:88:07:1e:18:6d:0a:bd:af:1f:76:78:
33:d4:e0:2f:8c:ae:56:fe:fb:9d:e4:76:a9:a2:e4:
68:be:b5:29:56:2a:29:7c:25:a1:ee:71:da:48:c9:
b8:f9:ed:ce:a1:7f:14:73:ea:3b:df:af:08:0b:b8:
1a:73:e5:17:1d:a3:f3:13:0d:fa:b7:49:85:02:53:
5d:3c:f6:20:7a:aa:82:52:8b:a8:86:28:ea:70:fc:
b2:c4:a5:1d:10:bd:79:06:2d:51:4a:ed:54:81:c5:
5a:6b:ba:af:eb:7f:6d:da:34:2a:3b:84:f8:46:85:
53:89:80:7f:7d:d6:08:5b:36:c0:ef:36:4d:e8:0d:
a9:7e:9c:ad:cd:58:b7:8b:a0:bc:83:80:36:69:1b:
92:a2:95:11:12:82:4f:2d:f9:1b:c1:5d:3b:da:06:
3b:72:bf:1b:ee:c9:7b:60:1d:63:f5:48:9d:bb:39:
da:a2:42:b2:d2:2c:0c:18:d4:9d:a7:b4:f2:13:6f:
0d:96:e9:b7:18:ec:be:73:fa:18:60:ff:9b:19:11:
6d:c7:17:1f:64:d4:de:8c:f2:e4:44:05:d6:cd:3a:
a7:4f:0c:15:40:13:9c:a6:aa:1b:a3:ae:8e:7a:02:
a9:89:5f:1f:76:7f:ca:98:8f:4e:6b:cc:86:51:43:
dd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F2:AE:21:57:26:EA:2A:17:4B:0A:6B:92:5E:F5:10:50:85:7F:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
76:e8:18:9c:55:b0:d7:29:56:5d:20:82:8b:f1:c9:d6:e0:47:
8f:1d:17:16:46:08:e1:fd:be:86:1a:7e:14:c9:2e:b0:fa:78:
8c:c7:b4:1c:20:61:47:d5:19:39:d1:24:90:0e:09:82:b4:b1:
03:00:15:25:4a:51:40:37:53:76:11:fa:e3:7c:6a:85:72:32:
f0:40:a5:11:55:6f:5a:f1:12:6e:97:eb:4d:7d:07:11:2b:b9:
8d:68:89:0b:ce:76:c9:5d:de:7b:40:03:de:6f:70:c9:0e:7d:
59:c3:0e:8c:68:5a:35:80:9c:54:d5:65:cd:66:6e:e3:b6:aa:
67:4e:32:54:05:11:eb:9f:76:38:99:ae:11:dc:53:3d:6e:2e:
d7:73:56:b3:2f:c1:11:c6:8b:75:9c:44:32:b5:c8:cf:1f:eb:
aa:e3:05:85:ef:59:4e:26:01:1f:de:a8:c5:07:56:dc:bf:9f:
e6:0b:72:69:27:68:a5:67:c6:3e:9f:bc:47:94:c8:3d:74:ad:
0f:57:24:d7:52:4a:26:3e:09:81:51:48:e2:98:e6:89:60:36:
dc:03:47:91:a2:de:16:e7:f2:1f:3a:f7:42:d7:c6:be:e7:ce:
d0:5f:06:4d:c0:9c:3c:c7:41:4e:0c:97:a1:c1:5a:c3:45:20:
65:f1:b0:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBBXnsf0trLbR5O9gJHYHn1M8LYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQyMzBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4MTUxZmFhOTZkMDExYmNkNjFmNmVjNGZkNzFiM2ExM2QzMDMwYzU3Nzgy
ZGY2MmM2MWJkNWI3OGE3ZTc5MTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZS6YgHHhhtCr2vH3Z4M9TgL4yuVv77neR2qaLkaL61KVYqKXwloe5x2kjJ
uPntzqF/FHPqO9+vCAu4GnPlFx2j8xMN+rdJhQJTXTz2IHqqglKLqIYo6nD8ssSl
HRC9eQYtUUrtVIHFWmu6r+t/bdo0KjuE+EaFU4mAf33WCFs2wO82TegNqX6crc1Y
t4ugvIOANmkbkqKVERKCTy35G8FdO9oGO3K/G+7Je2AdY/VInbs52qJCstIsDBjU
nae08hNvDZbptxjsvnP6GGD/mxkRbccXH2TU3ozy5EQF1s06p08MFUATnKaqG6Ou
jnoCqYlfH3Z/ypiPTmvMhlFD3dUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSA8q4h
VybqKhdLCmuSXvUQUIV/UDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RiNjZjODgtMGJiMC00NGQ2LWI2YTAtYWQ3ZGQwODczYzU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
oDANBgkqhkiG9w0BAQsFAAOCAQEAdugYnFWw1ylWXSCCi/HJ1uBHjx0XFkYI4f2+
hhp+FMkusPp4jMe0HCBhR9UZOdEkkA4JgrSxAwAVJUpRQDdTdhH643xqhXIy8ECl
EVVvWvESbpfrTX0HESu5jWiJC852yV3ee0AD3m9wyQ59WcMOjGhaNYCcVNVlzWZu
47aqZ04yVAUR6592OJmuEdxTPW4u13NWsy/BEcaLdZxEMrXIzx/rquMFhe9ZTiYB
H96oxQdW3L+f5gtyaSdopWfGPp+8R5TIPXStD1ck11JKJj4JgVFI4pjmiWA23ANH
kaLeFufyHzr3QtfGvufO0F8GTcCcPMdBTgyXocFaw0UgZfGwRQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:33 2025 by rpki-client