Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa
File: 6e11a1fd-46e4-4d91-84e8-f174e0774136.roa (raw, json)
Hash identifier: BpH/wdIIE6XJl+pasXepPHXjO2vQbkAa1XTzWQFmBDQ=
Subject key identifier: 3A:4E:08:62:AF:CD:6E:9C:3E:C6:CB:2D:9A:FF:D5:1A:BE:3C:3F:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65F703445009C3705EA8375DEE15020093BD44F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa
Signing time: Mon 06 Oct 2025 18:01:01 +0000
ROA not before: Mon 06 Oct 2025 18:01:01 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:e0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:f7:03:44:50:09:c3:70:5e:a8:37:5d:ee:15:02:00:93:bd:44:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:01:01 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=6874beabb49710f1e9613962a02a4d540f4ace6f7dafc806b8ff3b4eeb743d70, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fd:db:3f:da:e6:39:b6:01:ed:e1:43:c4:72:
f3:c1:85:bd:87:c7:ab:f0:84:39:0d:ac:92:ba:3b:
50:42:ae:6a:b3:dc:f3:4b:d8:36:28:90:64:22:6b:
50:4e:b5:e0:06:c5:35:98:78:32:2c:e6:0e:e8:4a:
d2:43:8a:a6:d5:db:27:96:c3:16:d4:c3:01:47:85:
9a:1e:d5:f5:bb:54:e7:71:fa:1c:42:cc:18:c3:13:
18:c3:f6:ec:9d:3d:fc:3f:53:9f:72:84:b6:14:0c:
46:78:8f:f4:60:90:3a:44:23:b5:7a:5e:34:a5:56:
4e:9f:fa:7f:e1:54:19:cf:58:df:f1:50:73:7d:00:
2f:a3:bd:1c:0a:8f:10:d0:3c:c5:7f:ca:7d:3f:26:
22:67:8b:44:da:09:6a:71:68:82:29:a4:14:22:55:
e1:09:b8:e0:b5:47:2d:34:27:4f:fb:8b:35:4e:ca:
14:92:0a:d5:2b:80:a1:0c:59:eb:82:a2:87:a3:c4:
37:e1:cd:5a:a6:7a:e2:6e:b1:8b:d5:cd:c7:fc:4e:
e5:e8:19:19:cb:24:bc:ef:11:8c:56:73:77:5e:3d:
0f:6c:90:79:24:ec:bf:31:ce:9c:59:e9:88:1d:42:
75:14:40:68:44:ea:a0:e9:94:8a:6d:48:ec:3b:ce:
64:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4E:08:62:AF:CD:6E:9C:3E:C6:CB:2D:9A:FF:D5:1A:BE:3C:3F:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
1e:e8:05:55:2a:7d:2f:2a:10:85:db:11:a0:4d:ec:46:ae:92:
43:ee:76:cf:62:e9:bf:67:74:d0:79:7f:69:07:6d:82:ee:1b:
98:67:1b:b3:ea:c0:ff:f5:a4:5f:eb:bc:4f:23:67:71:c6:5d:
7e:76:93:60:a7:d1:4b:33:14:b2:db:34:da:7d:d7:ec:17:be:
0a:4a:9b:e8:29:a5:ab:4a:d3:26:ec:0b:b3:05:0f:e1:29:83:
1f:b7:73:47:d9:7d:34:59:60:4b:15:73:83:20:4c:b3:ad:1f:
f2:da:fd:d0:85:b0:d1:99:9a:a5:ec:4a:d3:e7:14:ce:c3:67:
0c:9e:6f:8e:59:cd:9a:1a:9d:df:81:a1:12:d6:02:3b:42:84:
0c:03:7d:d8:81:6b:bb:28:95:b5:4e:1c:24:23:82:06:10:2c:
ff:e3:10:71:08:f4:e9:7b:18:9f:0f:d9:e8:8c:ad:2e:c1:36:
c6:7b:a9:a2:b8:17:15:8a:a3:7f:4f:4b:75:78:38:96:42:32:
35:b9:3a:36:6b:ca:cc:4f:cf:5c:91:37:bd:76:fa:c7:09:36:
e2:8f:e6:49:0a:99:df:07:b3:a8:cc:bc:8e:27:35:2f:79:34:
b9:33:41:82:78:7b:86:77:6a:31:ab:51:b7:dc:92:01:e3:e8:
cc:57:10:1d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZfcDRFAJw3BeqDdd7hUCAJO9RPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAxMDFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4NzRiZWFiYjQ5NzEwZjFlOTYxMzk2MmEwMmE0ZDU0MGY0YWNlNmY3ZGFm
YzgwNmI4ZmYzYjRlZWI3NDNkNzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJj92z/a5jm2Ae3hQ8Ry88GFvYfHq/CEOQ2skro7UEKuarPc80vYNiiQZCJr
UE614AbFNZh4MizmDuhK0kOKptXbJ5bDFtTDAUeFmh7V9btU53H6HELMGMMTGMP2
7J09/D9Tn3KEthQMRniP9GCQOkQjtXpeNKVWTp/6f+FUGc9Y3/FQc30AL6O9HAqP
ENA8xX/KfT8mImeLRNoJanFogimkFCJV4Qm44LVHLTQnT/uLNU7KFJIK1SuAoQxZ
64Kih6PEN+HNWqZ64m6xi9XNx/xO5egZGcskvO8RjFZzd149D2yQeSTsvzHOnFnp
iB1CdRRAaETqoOmUim1I7DvOZGUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ6Tghi
r81unD7Gyy2a/9Uavjw/DjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUxMWExZmQtNDZlNC00ZDkxLTg0ZTgtZjE3NGUwNzc0MTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPg
wDANBgkqhkiG9w0BAQsFAAOCAQEAHugFVSp9LyoQhdsRoE3sRq6SQ+52z2Lpv2d0
0Hl/aQdtgu4bmGcbs+rA//WkX+u8TyNnccZdfnaTYKfRSzMUsts02n3X7Be+Ckqb
6Cmlq0rTJuwLswUP4SmDH7dzR9l9NFlgSxVzgyBMs60f8tr90IWw0ZmapexK0+cU
zsNnDJ5vjlnNmhqd34GhEtYCO0KEDAN92IFruyiVtU4cJCOCBhAs/+MQcQj06XsY
nw/Z6IytLsE2xnuporgXFYqjf09LdXg4lkIyNbk6NmvKzE/PXJE3vXb6xwk24o/m
SQqZ3wezqMy8jic1L3k0uTNBgnh7hndqMatRt9ySAePozFcQHQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:33 2025 by rpki-client