Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
File: 4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa (raw, json)
Hash identifier: NhZwfXXPTj09b0rD7VdPE9IiS7dJXUxmyqT4kbHPVHs=
Subject key identifier: 60:17:2A:47:FE:2F:BC:57:A4:5F:06:C8:84:E2:29:4A:76:B6:1B:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B90D73728A82E456CF50725B89960F8E3310149
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
Signing time: Sun 19 Oct 2025 07:00:08 +0000
ROA not before: Sun 19 Oct 2025 07:00:08 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:90:d7:37:28:a8:2e:45:6c:f5:07:25:b8:99:60:f8:e3:31:01:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 07:00:08 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=183cf2da8aa83bf9ad702f41ac6dc3a4cf0df63219dd07122e7a9dc99e3aa25c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:02:9a:ab:8e:ba:31:ec:1f:8a:14:10:0e:8a:
c5:40:e8:d3:b9:9a:6a:69:cd:74:94:a6:31:87:b0:
66:c9:0c:16:a2:a8:00:e8:96:eb:8b:c2:36:00:cc:
3b:73:cd:cf:17:ff:48:f0:bf:56:2c:13:1c:e6:b8:
25:55:38:3f:1d:c7:da:6e:db:3b:c2:d0:38:f3:99:
40:4c:95:34:0f:d1:cf:1a:ea:06:be:53:67:e7:4d:
01:c0:d6:06:0d:05:9a:2f:48:cf:82:03:48:3b:d3:
a2:8b:32:a7:b5:50:f8:ea:ec:c4:c0:60:5b:77:b0:
8c:e8:e2:4b:41:95:c4:65:d7:25:f5:9b:f8:b3:d0:
5b:2b:47:aa:79:41:66:fb:6b:2e:8d:7b:35:64:f7:
44:b7:7b:7e:ba:45:a6:9f:08:c1:b0:3f:6a:63:cf:
25:94:10:10:c8:71:49:dc:87:9e:a1:d4:eb:13:eb:
72:31:2f:59:36:b9:d4:41:dc:e9:2b:48:ce:d4:f0:
92:eb:d6:c7:d8:d0:ce:8d:9b:ac:6b:86:b0:d1:10:
55:e6:99:d7:4c:52:e8:79:36:ca:69:16:f8:43:a0:
0e:11:cd:b4:20:16:db:ef:c4:1f:c1:9c:78:b7:fe:
11:fe:68:f0:e4:ef:87:6f:02:77:09:87:1e:b3:e4:
f2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:17:2A:47:FE:2F:BC:57:A4:5F:06:C8:84:E2:29:4A:76:B6:1B:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
9a:67:11:b7:93:ee:b7:04:da:b1:78:12:0f:9e:a1:60:c2:7f:
fa:f8:35:e5:77:ff:45:f9:79:b3:1e:8a:28:19:e3:fb:02:8c:
09:b6:17:28:47:44:22:a9:11:0b:e8:e8:aa:31:71:8c:5b:81:
10:b4:5b:d9:08:ea:ad:02:1c:9f:eb:55:da:14:5b:de:f7:32:
03:61:5b:1d:e2:bc:b6:ad:9c:4a:5f:bf:60:26:be:b8:bb:4f:
20:78:be:44:88:82:50:75:ab:86:e9:a3:c3:1a:64:29:ba:cc:
62:68:f1:00:26:ac:a7:e6:1e:0c:73:23:16:4f:04:b8:a4:c4:
91:e9:85:3f:37:77:b8:98:8a:2c:1b:22:e6:a4:df:57:97:7d:
2f:4d:92:e0:0a:b3:47:3f:ce:a0:3b:08:92:3d:73:e6:ae:14:
8e:9a:c2:ac:95:56:db:a8:7c:73:4d:ab:dc:2a:e4:da:22:d8:
48:26:09:44:fb:c9:2d:ae:cb:7a:53:e2:03:f0:fb:de:32:91:
4f:8e:b6:ba:b0:50:bd:16:6e:82:d1:59:7a:a5:76:82:ef:41:
37:6a:eb:d6:d9:13:3c:54:d5:c7:a4:4b:04:ef:2d:c9:c5:db:
df:2a:89:09:97:ef:2b:ee:f7:83:4d:ea:0b:88:5f:43:bd:6b:
d1:21:38:78
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUG5DXNyioLkVs9QcluJlg+OMxAUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkwNzAwMDhaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4M2NmMmRhOGFhODNiZjlhZDcwMmY0MWFjNmRjM2E0Y2YwZGY2MzIxOWRk
MDcxMjJlN2E5ZGM5OWUzYWEyNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsCmquOujHsH4oUEA6KxUDo07maamnNdJSmMYewZskMFqKoAOiW64vCNgDM
O3PNzxf/SPC/ViwTHOa4JVU4Px3H2m7bO8LQOPOZQEyVNA/RzxrqBr5TZ+dNAcDW
Bg0Fmi9Iz4IDSDvToosyp7VQ+OrsxMBgW3ewjOjiS0GVxGXXJfWb+LPQWytHqnlB
ZvtrLo17NWT3RLd7frpFpp8IwbA/amPPJZQQEMhxSdyHnqHU6xPrcjEvWTa51EHc
6StIztTwkuvWx9jQzo2brGuGsNEQVeaZ10xS6Hk2ymkW+EOgDhHNtCAW2+/EH8Gc
eLf+Ef5o8OTvh28CdwmHHrPk8rsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRgFypH
/i+8V6RfBsiE4ilKdrYbVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2YTdjMGEtM2U0YS00NzM3LWI5MmItZmFjMjJkZTg3NTdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
wDANBgkqhkiG9w0BAQsFAAOCAQEAmmcRt5PutwTasXgSD56hYMJ/+vg15Xf/Rfl5
sx6KKBnj+wKMCbYXKEdEIqkRC+joqjFxjFuBELRb2QjqrQIcn+tV2hRb3vcyA2Fb
HeK8tq2cSl+/YCa+uLtPIHi+RIiCUHWrhumjwxpkKbrMYmjxACasp+YeDHMjFk8E
uKTEkemFPzd3uJiKLBsi5qTfV5d9L02S4AqzRz/OoDsIkj1z5q4UjprCrJVW26h8
c02r3Crk2iLYSCYJRPvJLa7LelPiA/D73jKRT462urBQvRZugtFZeqV2gu9BN2rr
1tkTPFTVx6RLBO8tycXb3yqJCZfvK+73g03qC4hfQ71r0SE4eA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:30 2025 by rpki-client