Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
File: 48ce7dfe-434d-4b57-b520-9001ae26be85.roa (raw, json)
Hash identifier: LM7gOYxR/CqkVa74UpzhuQrjl6qTjCUt6Jwl9GFuvvA=
Subject key identifier: 9D:67:03:8B:C6:A9:66:81:8F:41:F1:4E:0F:70:44:82:3C:B1:7B:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 342B4F632649B50E88BA6350AA30833F83236969
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
Signing time: Fri 26 Sep 2025 18:41:11 +0000
ROA not before: Fri 26 Sep 2025 18:41:11 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:2b:4f:63:26:49:b5:0e:88:ba:63:50:aa:30:83:3f:83:23:69:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:11 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=b94512cbcf9c42d4b711d9e7aa35dd67457ab1f050d7e57852d0a7ffff3a7372, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bb:01:ea:76:ec:30:93:8c:b3:98:94:fd:05:
b8:15:fe:f2:aa:54:c8:05:24:90:8f:9f:cf:09:7d:
41:83:79:5e:1a:9b:3a:9d:2e:77:c9:92:13:f3:51:
0a:2e:60:c6:19:eb:86:b2:08:3d:1d:11:7d:19:07:
8c:9e:eb:87:c1:cb:07:d9:24:df:a2:4f:8a:0f:1e:
be:68:b5:75:68:46:5a:f7:91:c1:60:19:61:5c:34:
87:48:ef:9f:7a:4f:4c:15:6a:c8:79:1b:4e:f6:b3:
66:03:e8:5c:41:d1:1d:4f:7a:b3:b8:b9:1b:06:24:
8f:ab:6f:a9:9f:de:d5:14:1b:b8:58:dd:37:40:53:
8d:6e:f1:95:54:80:ca:23:f7:56:2c:bc:aa:5b:6b:
47:20:63:70:55:60:04:af:38:fc:75:b1:46:ed:87:
0c:59:26:a2:e5:12:df:29:bc:c0:4d:b8:a7:f3:90:
28:a2:ea:b9:99:22:6b:bc:4a:05:2c:6b:5f:3b:d4:
d7:15:2a:dd:4e:c0:8a:27:94:b4:8c:41:61:b8:53:
d7:4e:84:10:92:8e:df:0c:8d:ed:cf:31:f2:05:8b:
9d:00:42:ea:35:68:81:f2:fa:93:1a:08:9d:84:a4:
0d:1e:2e:56:f3:1e:97:b6:7f:be:23:15:41:b6:9b:
4f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:67:03:8B:C6:A9:66:81:8F:41:F1:4E:0F:70:44:82:3C:B1:7B:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8010::/48
Signature Algorithm: sha256WithRSAEncryption
96:2c:6b:a9:6c:8c:6d:e5:a6:dc:fa:ee:d7:bc:df:7d:9a:2f:
08:29:14:4a:c4:40:fa:da:7c:24:f9:c5:07:ff:fc:bd:c5:d2:
13:ac:f2:ae:9c:5f:d3:0e:90:47:cc:ca:bc:29:10:e2:e1:d6:
26:95:d3:32:d7:5a:e7:bd:2e:08:a8:37:b5:2e:8a:42:7e:16:
3b:1d:9b:71:ca:f7:f7:bf:7b:a0:19:2f:85:25:6b:9f:e2:d5:
62:e3:39:3e:70:36:33:7d:b1:3e:e5:d0:e3:d9:59:e6:ae:1e:
69:c0:9a:3e:c4:77:98:1c:c9:f0:ea:d6:9a:e8:d9:b2:88:de:
40:ab:eb:e9:f1:38:ea:87:84:04:61:c7:88:54:42:04:f3:62:
01:bd:47:d9:2d:e3:4c:71:a9:5f:a5:b4:73:df:26:8a:d7:f0:
e5:2c:56:12:49:90:d2:1b:91:dc:4e:e6:48:c5:81:65:89:e0:
a7:3a:a1:85:f2:ce:63:95:8f:13:a9:80:7e:28:ee:ff:3f:33:
7b:5b:3d:21:28:0d:a4:5e:3a:60:a4:15:d1:f3:2a:fb:fe:c5:
43:ae:1b:df:06:52:2b:7c:a0:fe:e1:b9:e8:e6:e1:2d:c2:b6:
23:8e:fb:d9:93:74:44:9d:16:e2:01:5c:85:f7:f4:09:06:e3:
3f:a6:52:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNCtPYyZJtQ6IumNQqjCDP4MjaWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxMTFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5NDUxMmNiY2Y5YzQyZDRiNzExZDllN2FhMzVkZDY3NDU3YWIxZjA1MGQ3
ZTU3ODUyZDBhN2ZmZmYzYTczNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANq7Aep27DCTjLOYlP0FuBX+8qpUyAUkkI+fzwl9QYN5XhqbOp0ud8mSE/NR
Ci5gxhnrhrIIPR0RfRkHjJ7rh8HLB9kk36JPig8evmi1dWhGWveRwWAZYVw0h0jv
n3pPTBVqyHkbTvazZgPoXEHRHU96s7i5GwYkj6tvqZ/e1RQbuFjdN0BTjW7xlVSA
yiP3Viy8qltrRyBjcFVgBK84/HWxRu2HDFkmouUS3ym8wE24p/OQKKLquZkia7xK
BSxrXzvU1xUq3U7AiieUtIxBYbhT106EEJKO3wyN7c8x8gWLnQBC6jVogfL6kxoI
nYSkDR4uVvMel7Z/viMVQbabT6ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdZwOL
xqlmgY9B8U4PcESCPLF7uzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhjZTdkZmUtNDM0ZC00YjU3LWI1MjAtOTAwMWFlMjZiZTg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
EDANBgkqhkiG9w0BAQsFAAOCAQEAlixrqWyMbeWm3Pru17zffZovCCkUSsRA+tp8
JPnFB//8vcXSE6zyrpxf0w6QR8zKvCkQ4uHWJpXTMtda570uCKg3tS6KQn4WOx2b
ccr39797oBkvhSVrn+LVYuM5PnA2M32xPuXQ49lZ5q4eacCaPsR3mBzJ8OrWmujZ
sojeQKvr6fE46oeEBGHHiFRCBPNiAb1H2S3jTHGpX6W0c98mitfw5SxWEkmQ0huR
3E7mSMWBZYngpzqhhfLOY5WPE6mAfiju/z8ze1s9ISgNpF46YKQV0fMq+/7FQ64b
3wZSK3yg/uG56ObhLcK2I4772ZN0RJ0W4gFchff0CQbjP6ZScA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:21 2025 by rpki-client