Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
File: 6bd3f603-c189-489c-bdf5-631b47b2cd39.roa (raw, json)
Hash identifier: fOFxZCBvFKcPYPvgQUNMAydobk0uPoy8+a4MUSwQ+G0=
Subject key identifier: 70:46:B3:3A:FE:E8:1F:5D:73:C7:9E:41:0E:EC:B3:13:7C:A4:D2:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79EE81E8679651802D7B3D7B4ED168D683D72F7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
Signing time: Fri 26 Sep 2025 18:20:56 +0000
ROA not before: Fri 26 Sep 2025 18:20:56 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:ee:81:e8:67:96:51:80:2d:7b:3d:7b:4e:d1:68:d6:83:d7:2f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:20:56 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a7fb868c43aa74c757a14417d366b93d27d7278620161357061bc48f773a7ffc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4d:df:ee:1c:21:ff:31:a3:01:74:9e:a5:79:
2e:14:5e:18:06:cb:61:2f:3b:c9:31:51:9e:67:53:
e5:95:42:bd:2d:01:a2:e9:7c:07:8e:46:1f:3c:a1:
d3:e3:da:18:c6:85:60:a1:4f:97:a8:f8:a3:ae:e9:
1b:59:12:39:b1:d5:13:7b:f4:cf:79:75:a1:b2:24:
3e:43:e9:80:c8:a7:c9:1b:8c:1d:ef:57:2d:1c:6c:
53:51:fb:3d:1e:46:b2:55:1f:0d:62:95:83:bf:88:
6c:b2:88:d7:78:94:b8:25:5e:c2:ea:53:b9:f8:06:
a8:c0:69:63:4a:b2:09:18:ad:5f:0f:b0:5c:3c:3b:
90:34:cf:50:df:1a:99:47:da:41:b4:94:3c:e9:ee:
08:40:23:da:c2:fb:55:b9:cb:48:c1:c4:14:24:fc:
ac:24:5e:b2:e7:3a:af:18:8b:c3:76:35:7d:4a:4b:
ab:d0:8e:ad:d3:2e:d3:ae:6f:36:6d:8f:98:39:6e:
f8:9e:f6:57:49:44:bc:df:04:bf:c5:c7:d1:54:89:
6d:3a:76:d4:0a:d6:93:11:2d:5b:fc:6a:9f:76:51:
29:85:fd:13:53:02:3c:47:49:e1:a0:1a:aa:81:f2:
f4:5d:1d:b4:c0:af:60:a2:9f:da:17:d2:33:82:09:
62:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:46:B3:3A:FE:E8:1F:5D:73:C7:9E:41:0E:EC:B3:13:7C:A4:D2:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
c0:4b:e9:ec:07:85:ca:03:91:a5:52:cb:b7:4c:52:3a:80:76:
7e:23:f2:23:4a:e7:6c:2b:8b:6b:8b:34:e4:eb:9d:2c:fb:6f:
b0:ad:5a:4a:78:42:39:81:ee:0a:59:91:8d:99:49:38:ab:f8:
ee:87:b2:9e:46:52:7c:d4:16:8d:f8:3f:14:39:2b:38:cf:4b:
50:47:65:85:60:27:ce:fa:3c:86:86:9e:39:38:3c:d2:69:7a:
f2:e3:82:85:13:f2:68:3f:44:7b:3d:2a:85:28:41:30:9e:1b:
fd:ee:c6:e4:f2:e7:01:bd:81:e9:aa:82:70:61:2b:13:87:92:
1c:1c:6a:7d:ff:6a:15:61:69:8f:7d:4e:e5:04:29:d7:c4:1d:
85:5b:8a:4b:0e:4b:03:70:1a:1d:0c:67:0b:5a:67:cd:b0:e6:
06:8b:e1:6a:df:61:1f:56:a0:2d:cd:66:0d:b0:8d:09:54:3a:
24:1f:40:6d:bb:c3:b0:18:dd:3a:d2:9b:9b:53:4f:9d:d3:ec:
3f:64:e5:06:d7:71:98:ff:dd:e5:96:af:1a:f1:66:17:47:95:
36:0e:ae:c9:ba:0c:29:41:c5:67:7b:b2:ed:4b:ef:5c:6a:82:
ed:0f:6d:c4:91:4d:1d:ba:e0:c5:a5:97:f8:75:c7:67:15:3c:
83:85:03:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUee6B6GeWUYAtez17TtFo1oPXL30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIwNTZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3ZmI4NjhjNDNhYTc0Yzc1N2ExNDQxN2QzNjZiOTNkMjdkNzI3ODYyMDE2
MTM1NzA2MWJjNDhmNzczYTdmZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1N3+4cIf8xowF0nqV5LhReGAbLYS87yTFRnmdT5ZVCvS0Boul8B45GHzyh
0+PaGMaFYKFPl6j4o67pG1kSObHVE3v0z3l1obIkPkPpgMinyRuMHe9XLRxsU1H7
PR5GslUfDWKVg7+IbLKI13iUuCVewupTufgGqMBpY0qyCRitXw+wXDw7kDTPUN8a
mUfaQbSUPOnuCEAj2sL7VbnLSMHEFCT8rCResuc6rxiLw3Y1fUpLq9COrdMu065v
Nm2PmDlu+J72V0lEvN8Ev8XH0VSJbTp21ArWkxEtW/xqn3ZRKYX9E1MCPEdJ4aAa
qoHy9F0dtMCvYKKf2hfSM4IJYhUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRwRrM6
/ugfXXPHnkEO7LMTfKTS/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJkM2Y2MDMtYzE4OS00ODljLWJkZjUtNjMxYjQ3YjJjZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
wDANBgkqhkiG9w0BAQsFAAOCAQEAwEvp7AeFygORpVLLt0xSOoB2fiPyI0rnbCuL
a4s05OudLPtvsK1aSnhCOYHuClmRjZlJOKv47oeynkZSfNQWjfg/FDkrOM9LUEdl
hWAnzvo8hoaeOTg80ml68uOChRPyaD9Eez0qhShBMJ4b/e7G5PLnAb2B6aqCcGEr
E4eSHBxqff9qFWFpj31O5QQp18QdhVuKSw5LA3AaHQxnC1pnzbDmBovhat9hH1ag
Lc1mDbCNCVQ6JB9AbbvDsBjdOtKbm1NPndPsP2TlBtdxmP/d5ZavGvFmF0eVNg6u
yboMKUHFZ3uy7UvvXGqC7Q9txJFNHbrgxaWX+HXHZxU8g4UDOA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:50 2025 by rpki-client