Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: rhI1HT9FUohi7OqBA6j+eblvbObD6Zh9gQNk3MIwlKk=
Subject key identifier: 65:C4:8D:92:3B:1A:8C:E8:A0:F5:84:BC:0D:07:AA:25:F0:76:29:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C7974C757034FD74E8DC8B1838E427C2755027D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Fri 26 Sep 2025 19:11:45 +0000
ROA not before: Fri 26 Sep 2025 19:11:45 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:79:74:c7:57:03:4f:d7:4e:8d:c8:b1:83:8e:42:7c:27:55:02:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:45 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=addc93f442c0efc8b3af926bdc3bf271803ab9d7ee3c4c86e321c2c294291fe4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a6:d9:d8:e5:5c:4b:d2:eb:4d:59:e5:17:ab:
60:95:db:1e:32:22:2c:ed:6c:9f:d9:ad:be:99:bc:
e9:1f:63:21:ab:16:d1:64:4c:e0:31:12:c4:0a:bd:
e0:3c:66:fe:c4:b3:f1:83:89:85:e3:bd:95:a1:ab:
37:dc:23:f2:5f:ea:bd:ff:26:b8:0b:09:da:63:aa:
31:6a:40:b5:88:b2:89:78:ec:0e:f8:bf:a0:0d:aa:
8f:16:8f:7f:75:85:71:99:7b:e6:32:ff:06:1a:63:
de:2a:95:2d:68:d3:98:c9:3e:04:5e:7b:07:cc:c5:
ff:fa:43:c5:0e:28:3d:53:06:86:66:f4:75:86:bf:
3c:d7:69:b8:39:73:68:ab:30:52:7b:5d:38:ef:83:
28:2a:68:fb:45:26:72:75:7a:27:90:de:29:6b:9c:
9d:d4:35:4b:10:5c:ce:0a:22:f0:d5:d8:82:59:7d:
cc:7b:c8:dc:2a:b6:ef:64:4a:7c:d9:42:0a:0b:83:
47:c0:57:fa:a4:45:51:62:28:6d:af:03:3b:bc:0e:
57:0f:82:24:60:40:87:3c:0f:e7:a3:2e:76:be:71:
e6:ee:83:c2:75:9f:83:5e:5a:d6:24:fb:0e:22:1f:
5f:72:25:aa:2a:19:a7:73:d8:b0:b7:7b:ca:c9:e0:
6a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C4:8D:92:3B:1A:8C:E8:A0:F5:84:BC:0D:07:AA:25:F0:76:29:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
24:df:1c:e4:ef:d0:b0:b3:d7:02:83:3d:f0:14:a5:76:e2:bb:
dd:95:47:94:60:e0:f6:d9:f5:fd:68:9b:10:00:84:b1:1a:49:
26:4f:ea:5c:bb:36:64:96:7c:ff:12:d6:07:02:92:7b:91:20:
6d:e4:e7:31:36:e8:a7:4d:50:95:79:3e:29:60:e9:9b:cf:e9:
81:bd:b4:31:b3:72:46:8e:b5:2d:9b:31:41:b0:d8:e9:a2:cb:
59:8f:ca:eb:d0:65:fb:67:91:d4:f3:af:e7:12:2d:dd:9a:93:
0a:4e:54:21:a8:de:30:43:16:45:c2:07:11:80:c1:d2:ea:a8:
4c:1c:70:bd:5c:b1:03:05:d5:a4:bf:2f:54:14:86:55:0d:00:
be:35:20:9e:b0:05:bd:a0:1c:aa:ec:55:95:be:f4:7e:09:aa:
44:73:17:e0:ac:21:c3:8d:9c:cc:fe:2d:ed:63:ba:73:1a:e2:
7f:fc:56:58:4c:8f:a2:04:63:c4:00:d4:95:1c:59:81:0f:6e:
58:b7:06:b8:a8:b4:82:03:b6:b6:64:4a:a5:1f:01:2e:11:cd:
a8:a6:4b:fd:49:0e:5b:f1:c3:78:ca:df:5f:cf:54:d5:ac:76:
8b:42:b7:ba:60:9e:a5:ba:8d:0a:a8:06:1f:1d:13:7d:1b:72:
54:d4:59:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPHl0x1cDT9dOjcixg45CfCdVAn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExNDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkZGM5M2Y0NDJjMGVmYzhiM2FmOTI2YmRjM2JmMjcxODAzYWI5ZDdlZTNj
NGM4NmUzMjFjMmMyOTQyOTFmZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOm2djlXEvS601Z5RerYJXbHjIiLO1sn9mtvpm86R9jIasW0WRM4DESxAq9
4Dxm/sSz8YOJheO9laGrN9wj8l/qvf8muAsJ2mOqMWpAtYiyiXjsDvi/oA2qjxaP
f3WFcZl75jL/Bhpj3iqVLWjTmMk+BF57B8zF//pDxQ4oPVMGhmb0dYa/PNdpuDlz
aKswUntdOO+DKCpo+0UmcnV6J5DeKWucndQ1SxBczgoi8NXYgll9zHvI3Cq272RK
fNlCCguDR8BX+qRFUWIoba8DO7wOVw+CJGBAhzwP56Mudr5x5u6DwnWfg15a1iT7
DiIfX3IlqioZp3PYsLd7ysngatECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRlxI2S
OxqM6KD1hLwNB6ol8HYpSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAJN8c5O/QsLPXAoM98BSlduK73ZVHlGDg9tn1
/WibEACEsRpJJk/qXLs2ZJZ8/xLWBwKSe5EgbeTnMTbop01QlXk+KWDpm8/pgb20
MbNyRo61LZsxQbDY6aLLWY/K69Bl+2eR1POv5xIt3ZqTCk5UIajeMEMWRcIHEYDB
0uqoTBxwvVyxAwXVpL8vVBSGVQ0AvjUgnrAFvaAcquxVlb70fgmqRHMX4Kwhw42c
zP4t7WO6cxrif/xWWEyPogRjxADUlRxZgQ9uWLcGuKi0ggO2tmRKpR8BLhHNqKZL
/UkOW/HDeMrfX89U1ax2i0K3umCepbqNCqgGHx0TfRtyVNRZaw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:15 2025 by rpki-client