Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa
File: 486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa (raw, json)
Hash identifier: XOGxXCRZR96x1k0aexpujrMcdj4RTIXN3R1XlvHizRM=
Subject key identifier: 77:4B:E7:E6:D9:4E:50:AC:6C:40:87:08:CF:78:F9:64:02:27:60:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FA911E4C09C9AA14A4E2DA1AA3612638B41C389
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa
Signing time: Mon 06 Oct 2025 18:01:02 +0000
ROA not before: Mon 06 Oct 2025 18:01:02 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:6080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:a9:11:e4:c0:9c:9a:a1:4a:4e:2d:a1:aa:36:12:63:8b:41:c3:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:01:02 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=aba1050a7ecc829682e3c6415e15acb3638cc2a628e2894c2b3baeed72229220, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:32:a8:3d:de:c0:3b:c9:8c:ae:56:99:b7:ff:
61:71:1f:50:66:4c:a6:11:30:34:00:88:ae:68:23:
5c:f3:80:f8:f0:2d:aa:c7:bc:1f:bd:77:94:55:c2:
40:42:41:7e:bf:e0:a7:f7:45:8d:33:5a:1b:21:30:
86:6f:4d:9b:c0:a5:8f:a7:64:04:b7:ec:35:59:75:
35:cd:0e:ab:f2:5d:d2:b3:da:5c:34:b1:1e:a3:21:
8b:83:e3:f6:e8:dc:d1:a5:07:b6:99:7e:be:58:96:
6d:d7:b0:e4:64:d3:1a:4e:c7:f1:09:7a:ba:4a:82:
c5:23:e5:2e:c6:03:d4:8d:91:e8:99:e1:89:a2:d7:
ac:15:fe:00:3a:4b:a1:64:b8:2b:a4:95:02:02:02:
6f:ba:20:24:4e:84:f1:a4:e0:68:2d:8e:17:03:76:
b9:10:6c:f4:f1:e6:0a:e6:bc:cb:dd:0a:a5:87:71:
2c:09:e5:1f:d9:2c:df:ba:69:65:7f:fa:4b:e3:ec:
97:f3:bd:25:70:35:a0:53:f1:c1:84:3b:61:1a:dd:
d6:3f:e1:5c:18:df:34:0c:de:f1:0e:c4:5a:2c:15:
b2:68:6c:f4:d7:85:e3:27:c9:a1:3c:6c:40:b0:69:
42:22:37:98:32:81:d0:63:b9:ef:cf:50:b5:f2:ad:
54:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:4B:E7:E6:D9:4E:50:AC:6C:40:87:08:CF:78:F9:64:02:27:60:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:6080::/46
Signature Algorithm: sha256WithRSAEncryption
0d:1f:26:fc:dc:c7:21:03:ed:09:eb:89:54:c3:a8:8f:f2:c3:
b1:ce:92:05:f0:b6:0c:fb:6c:8e:10:b5:4d:02:34:d9:9e:ec:
72:ac:f8:be:dd:19:8b:9c:f9:6a:fe:93:78:09:17:20:53:d0:
0f:ce:74:10:9b:a5:bc:ff:d2:7f:a7:04:22:83:70:45:7d:bb:
61:b2:f9:7d:d1:50:43:d3:30:3a:93:c8:4f:8f:4a:50:6c:07:
bc:b4:e5:48:fd:c9:93:7e:d1:9e:da:82:b2:ee:5a:8a:7c:7a:
d4:a3:bd:4a:3b:9c:4b:4d:0a:d6:b4:20:41:f7:6e:6e:b2:8e:
db:e0:c6:f2:00:13:23:f0:43:d5:fa:8b:41:eb:98:3c:62:e8:
d9:bf:52:39:f8:c8:00:d4:d0:1e:04:a0:b5:e1:07:d0:19:85:
78:cb:42:01:b2:a3:b2:c3:dc:11:4f:ca:f3:f4:76:80:01:be:
a7:2b:86:d4:e8:97:de:86:f6:de:40:de:4a:72:97:0a:d9:14:
a1:6b:0e:f2:b5:93:b3:1e:41:3a:52:68:5c:af:07:8f:2e:50:
e3:71:26:53:ea:3c:85:b3:c6:89:c0:db:6d:5b:42:c6:be:ee:
2f:88:1a:c7:e2:7d:77:a9:f1:8b:09:af:f9:5c:38:b8:88:3b:
27:f3:63:e8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb6kR5MCcmqFKTi2hqjYSY4tBw4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAxMDJaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiYTEwNTBhN2VjYzgyOTY4MmUzYzY0MTVlMTVhY2IzNjM4Y2MyYTYyOGUy
ODk0YzJiM2JhZWVkNzIyMjkyMjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkyqD3ewDvJjK5Wmbf/YXEfUGZMphEwNACIrmgjXPOA+PAtqse8H713lFXC
QEJBfr/gp/dFjTNaGyEwhm9Nm8Clj6dkBLfsNVl1Nc0Oq/Jd0rPaXDSxHqMhi4Pj
9ujc0aUHtpl+vliWbdew5GTTGk7H8Ql6ukqCxSPlLsYD1I2R6JnhiaLXrBX+ADpL
oWS4K6SVAgICb7ogJE6E8aTgaC2OFwN2uRBs9PHmCua8y90KpYdxLAnlH9ks37pp
ZX/6S+Psl/O9JXA1oFPxwYQ7YRrd1j/hXBjfNAze8Q7EWiwVsmhs9NeF4yfJoTxs
QLBpQiI3mDKB0GO5789QtfKtVDsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR3S+fm
2U5QrGxAhwjPePlkAidgATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDg2YTlkMWUtYmM0NS00NjdhLTlkYjItMWE3ZTVlOTA2OGYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNg
gDANBgkqhkiG9w0BAQsFAAOCAQEADR8m/NzHIQPtCeuJVMOoj/LDsc6SBfC2DPts
jhC1TQI02Z7scqz4vt0Zi5z5av6TeAkXIFPQD850EJulvP/Sf6cEIoNwRX27YbL5
fdFQQ9MwOpPIT49KUGwHvLTlSP3Jk37RntqCsu5ainx61KO9SjucS00K1rQgQfdu
brKO2+DG8gATI/BD1fqLQeuYPGLo2b9SOfjIANTQHgSgteEH0BmFeMtCAbKjssPc
EU/K8/R2gAG+pyuG1OiX3ob23kDeSnKXCtkUoWsO8rWTsx5BOlJoXK8Hjy5Q43Em
U+o8hbPGicDbbVtCxr7uL4gax+J9d6nxiwmv+Vw4uIg7J/Nj6A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:17 2025 by rpki-client