Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
File: 53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa (raw, json)
Hash identifier: IhWkbJgE+82Q8RFpUdbm9EDm5BgN2io0Q4v4KDnPwM8=
Subject key identifier: D3:42:6B:6B:7F:4C:D4:C1:AA:51:2D:6D:75:A6:EC:40:D9:71:C0:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40DF4F5E130767FAA92FF94ACA4A4AB12CBC86FA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
Signing time: Mon 13 Oct 2025 17:55:51 +0000
ROA not before: Mon 13 Oct 2025 17:55:51 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:df:4f:5e:13:07:67:fa:a9:2f:f9:4a:ca:4a:4a:b1:2c:bc:86:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:51 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=4bb06732c57c4a387c5377711e346c37da4457e5d8b1ff11f1a8a8311e651df6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:49:29:80:ee:ba:cb:94:47:3a:b2:de:22:c1:
94:99:b7:55:57:67:17:b4:62:27:71:a5:b0:48:d7:
34:17:2d:c4:25:1a:8b:20:bd:62:67:c0:ee:ed:df:
f2:0a:07:dd:88:df:54:ec:52:f2:4b:3f:e1:78:33:
e9:6a:45:9e:9d:c1:9c:01:52:b0:b5:90:c9:27:f9:
c4:88:fc:93:57:cd:97:62:3f:3d:e8:fc:75:59:d3:
66:96:81:cd:f4:1e:52:cf:5f:10:fb:e6:f7:d6:32:
4b:9c:81:45:56:8a:64:06:d2:13:c7:17:b0:04:99:
cf:2e:3e:60:ec:e4:8a:01:5f:ff:c3:96:62:c3:fc:
81:e5:b8:dc:da:51:56:6d:30:2f:b4:61:33:27:26:
ce:24:fb:87:16:18:41:14:d8:75:82:cd:d6:56:9a:
35:a4:51:da:66:87:51:33:15:9e:18:ba:84:13:16:
eb:35:51:36:db:67:34:20:2a:36:33:86:2b:9f:80:
51:3b:67:4f:bc:29:37:43:13:22:00:60:81:ab:46:
4d:6e:2a:e6:0a:cd:bd:c9:e9:26:33:7a:1a:d3:cc:
9d:c1:f5:07:63:d8:40:c5:0f:e9:14:db:ad:72:d6:
d6:55:b0:4d:ce:7f:81:7e:7b:10:6d:1d:b5:36:6f:
75:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:42:6B:6B:7F:4C:D4:C1:AA:51:2D:6D:75:A6:EC:40:D9:71:C0:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/40
Signature Algorithm: sha256WithRSAEncryption
3f:86:23:c4:e8:d3:77:5b:c1:62:95:b1:87:31:e8:fd:9d:14:
00:70:fe:29:64:64:98:b8:c0:1f:b4:dd:e4:12:bb:95:28:7c:
13:d7:94:03:7f:c7:e7:3b:7c:60:0b:4d:7b:06:6a:15:6b:9e:
8f:c0:f4:ad:4c:d6:99:0c:54:6e:12:6c:2e:01:44:b4:89:b9:
66:63:9c:25:c5:6e:40:e1:07:be:7f:90:3f:3a:d5:4f:d6:3b:
dc:38:00:26:e7:23:e9:2a:77:6b:52:69:da:6c:c4:b9:80:f6:
4d:3d:82:ff:c7:bd:03:62:fd:26:f7:ea:17:f2:27:54:3d:82:
54:0e:d8:a8:38:39:18:d2:ff:f1:e9:12:3b:12:1b:11:f4:87:
18:67:6f:e1:71:42:41:75:de:53:af:fe:22:c6:3d:00:94:d5:
5f:e5:c0:be:48:c6:77:7d:d3:da:7f:df:30:77:c2:aa:00:d3:
9f:de:c6:3e:d0:0a:09:8d:4f:0a:1c:96:e1:8c:8f:37:02:64:
26:9a:52:af:d6:ac:13:96:58:48:e0:7e:94:f6:4b:a8:ad:db:
b8:4f:10:4e:d9:86:cc:87:78:82:02:df:7f:31:e4:31:33:76:
48:5f:50:04:45:49:35:63:25:4f:25:d7:3e:9b:c2:4a:ff:ad:
4c:e8:31:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQN9PXhMHZ/qpL/lKykpKsSy8hvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1NTFaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYjA2NzMyYzU3YzRhMzg3YzUzNzc3MTFlMzQ2YzM3ZGE0NDU3ZTVkOGIx
ZmYxMWYxYThhODMxMWU2NTFkZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJJKYDuusuURzqy3iLBlJm3VVdnF7RiJ3GlsEjXNBctxCUaiyC9YmfA7u3f
8goH3YjfVOxS8ks/4Xgz6WpFnp3BnAFSsLWQySf5xIj8k1fNl2I/Pej8dVnTZpaB
zfQeUs9fEPvm99YyS5yBRVaKZAbSE8cXsASZzy4+YOzkigFf/8OWYsP8geW43NpR
Vm0wL7RhMycmziT7hxYYQRTYdYLN1laaNaRR2maHUTMVnhi6hBMW6zVRNttnNCAq
NjOGK5+AUTtnT7wpN0MTIgBggatGTW4q5grNvcnpJjN6GtPMncH1B2PYQMUP6RTb
rXLW1lWwTc5/gX57EG0dtTZvdUsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTQmtr
f0zUwapRLW11puxA2XHAYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTNmZGQzNTQtMGViOC00MDRiLTgyMDMtYjVlODIxMWIyYjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYg
MA0GCSqGSIb3DQEBCwUAA4IBAQA/hiPE6NN3W8FilbGHMej9nRQAcP4pZGSYuMAf
tN3kEruVKHwT15QDf8fnO3xgC017BmoVa56PwPStTNaZDFRuEmwuAUS0iblmY5wl
xW5A4Qe+f5A/OtVP1jvcOAAm5yPpKndrUmnabMS5gPZNPYL/x70DYv0m9+oX8idU
PYJUDtioODkY0v/x6RI7EhsR9IcYZ2/hcUJBdd5Tr/4ixj0AlNVf5cC+SMZ3fdPa
f98wd8KqANOf3sY+0AoJjU8KHJbhjI83AmQmmlKv1qwTllhI4H6U9kuordu4TxBO
2YbMh3iCAt9/MeQxM3ZIX1AERUk1YyVPJdc+m8JK/61M6DGP
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:10 2025 by rpki-client