Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json)
Hash identifier: 0rn884nJGlpsWAwKnS8dhjCsoKnXS/NyDbozsCDpRWA=
Subject key identifier: 20:D4:16:5B:4E:71:D7:5D:7E:E4:08:3D:F9:D5:B0:4D:B6:B4:2A:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DA233DCFEAEA4BB1C7DF7358B88415BC9144F56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
Signing time: Fri 26 Sep 2025 19:10:10 +0000
ROA not before: Fri 26 Sep 2025 19:10:10 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:a2:33:dc:fe:ae:a4:bb:1c:7d:f7:35:8b:88:41:5b:c9:14:4f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:10:10 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=c0b338181895bf1da1810aa0ae22a52f83157ba5ae06569d96e10670e3dc553c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:34:41:86:0d:20:a5:8f:4a:c2:a4:07:57:5d:
16:e8:bb:0e:b6:db:cb:64:d8:ab:f4:ea:ce:79:b2:
65:26:82:1f:7e:6b:f6:02:24:47:84:54:9f:d5:db:
0c:95:97:84:62:9b:61:b3:67:2c:be:c2:a8:05:cd:
6a:1c:ed:8c:98:73:e9:4a:6d:cd:7f:8e:dc:84:00:
c6:62:2f:a0:b0:e3:bc:ec:9b:a0:33:a6:fa:85:09:
df:3d:b9:ba:7e:0b:d4:d7:46:54:8c:e2:aa:1f:a4:
b4:38:54:66:67:59:46:08:54:04:07:d6:f1:4d:02:
bb:2a:84:64:a1:f8:57:4a:9a:5e:b2:69:21:18:5b:
30:87:ee:fb:9e:14:ae:15:6b:a3:85:68:b9:21:8a:
6b:d2:79:fa:50:d8:cb:91:d5:2d:23:8a:47:ca:10:
43:9f:b0:1b:37:4b:93:bd:c7:3a:5c:8e:ed:5d:18:
b6:27:4b:85:c3:45:d7:5a:4d:2e:72:e2:38:63:cb:
c8:bf:f9:fb:e2:54:1b:d3:1e:c2:ef:81:9a:79:02:
45:b4:fa:8f:a4:b8:e5:9a:c9:02:c6:f8:2f:9d:ed:
74:80:26:a3:1d:c5:a8:4d:dc:d1:3c:7d:9c:e4:c2:
eb:86:00:85:a4:c6:64:a3:7a:57:6f:9c:9e:8b:f2:
f6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D4:16:5B:4E:71:D7:5D:7E:E4:08:3D:F9:D5:B0:4D:B6:B4:2A:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2040::/48
Signature Algorithm: sha256WithRSAEncryption
61:9b:d8:27:f8:1c:e5:ef:c6:10:c8:39:e0:01:01:ff:2c:9b:
47:48:3e:ca:ed:a3:9d:1f:72:ac:d1:32:80:77:6e:78:bf:34:
cc:85:12:a0:0f:46:03:6c:eb:f7:b0:26:ca:7b:12:6a:01:d0:
00:7d:96:7e:b2:ec:ee:c2:50:d4:57:66:16:5c:72:46:f0:d9:
41:db:79:75:b1:f8:5a:65:ff:2c:60:3a:7e:76:e7:1d:6f:cd:
cd:dd:11:3b:6a:16:d9:3f:e4:89:18:58:ee:9d:ce:4a:aa:17:
c2:d4:a7:5f:4d:8e:99:03:0b:1c:f7:6f:4a:1c:8a:8d:fe:d0:
62:d1:9c:7e:99:aa:c7:a6:fc:9e:46:01:90:78:9d:b3:ae:b6:
68:1a:da:29:25:39:4e:39:5f:ea:2f:52:65:c2:24:0f:80:87:
f6:f7:28:f4:ee:98:78:8e:1c:72:0b:db:67:d8:14:17:63:6f:
59:59:37:d2:ed:43:c3:36:e1:fe:93:0c:2e:24:b2:45:b3:80:
da:eb:73:33:32:0e:62:26:17:60:9b:e8:8c:1c:98:7a:b3:f7:
4c:1c:68:6e:df:8d:f4:ac:77:d2:2e:5d:66:ee:00:87:dc:d1:
5b:f1:40:0a:e4:6b:69:fe:a4:46:35:da:54:90:1e:43:e1:2c:
fa:26:a6:51
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbaIz3P6upLscffc1i4hBW8kUT1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTEwMTBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwYjMzODE4MTg5NWJmMWRhMTgxMGFhMGFlMjJhNTJmODMxNTdiYTVhZTA2
NTY5ZDk2ZTEwNjcwZTNkYzU1M2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMo0QYYNIKWPSsKkB1ddFui7Drbby2TYq/TqznmyZSaCH35r9gIkR4RUn9Xb
DJWXhGKbYbNnLL7CqAXNahztjJhz6UptzX+O3IQAxmIvoLDjvOyboDOm+oUJ3z25
un4L1NdGVIziqh+ktDhUZmdZRghUBAfW8U0CuyqEZKH4V0qaXrJpIRhbMIfu+54U
rhVro4VouSGKa9J5+lDYy5HVLSOKR8oQQ5+wGzdLk73HOlyO7V0YtidLhcNF11pN
LnLiOGPLyL/5++JUG9Mewu+BmnkCRbT6j6S45ZrJAsb4L53tdIAmox3FqE3c0Tx9
nOTC64YAhaTGZKN6V2+cnovy9qECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQg1BZb
TnHXXX7kCD351bBNtrQqNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
QDANBgkqhkiG9w0BAQsFAAOCAQEAYZvYJ/gc5e/GEMg54AEB/yybR0g+yu2jnR9y
rNEygHdueL80zIUSoA9GA2zr97AmynsSagHQAH2WfrLs7sJQ1FdmFlxyRvDZQdt5
dbH4WmX/LGA6fnbnHW/Nzd0RO2oW2T/kiRhY7p3OSqoXwtSnX02OmQMLHPdvShyK
jf7QYtGcfpmqx6b8nkYBkHids662aBraKSU5Tjlf6i9SZcIkD4CH9vco9O6YeI4c
cgvbZ9gUF2NvWVk30u1Dwzbh/pMMLiSyRbOA2utzMzIOYiYXYJvojByYerP3TBxo
bt+N9Kx30i5dZu4Ah9zRW/FACuRraf6kRjXaVJAeQ+Es+iamUQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:33 2025 by rpki-client