Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
File: 6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa (raw, json)
Hash identifier: XRAQnwXkoPKA/+aVN2GVQXZBfxvmPIVZp8f0COddKoM=
Subject key identifier: B9:13:7A:27:FD:C0:2E:1D:5B:CD:C9:31:B5:85:FE:01:69:1D:A6:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C45EB4EAC158DF1C1C082B05BBDB98510011842
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
Signing time: Fri 26 Sep 2025 19:21:07 +0000
ROA not before: Fri 26 Sep 2025 19:21:07 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:45:eb:4e:ac:15:8d:f1:c1:c0:82:b0:5b:bd:b9:85:10:01:18:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:21:07 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=fbcdc02e631b4b58f27a7dbca03090f636bbbab6671a26c94c5febbf185759c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:af:09:2f:6b:9b:8b:77:c4:39:0e:ab:84:67:
d1:4e:7e:42:23:27:93:a9:73:1a:2a:7e:b8:31:e2:
79:66:be:c5:5d:dc:97:7b:29:20:cb:be:3f:6d:1a:
93:71:6d:a1:34:80:9a:a3:2f:97:2c:87:bb:96:9f:
5d:c1:24:5b:9d:99:db:ca:03:c1:4d:8e:25:85:71:
ef:b9:c2:e7:d5:4a:ea:42:38:ac:71:05:02:b2:9a:
d8:8e:be:a5:0c:6f:25:7c:a6:41:3d:75:3b:48:e8:
6c:d9:d3:86:5b:f4:ba:83:a1:80:00:b6:52:6d:18:
68:43:a3:19:8c:27:53:27:57:07:36:b8:6b:a6:d5:
f4:e9:de:0c:3d:bb:ee:2c:6c:5b:df:b7:6c:a2:25:
a4:62:b6:a5:67:45:cf:0d:8d:ee:fb:e3:db:bb:d7:
cb:92:68:a3:c4:f7:1a:f9:f0:b0:fd:ff:35:e1:b5:
05:e0:8f:87:cf:b2:69:32:48:ed:76:4c:e0:8c:53:
74:de:2d:79:59:cf:e2:45:8d:d3:ef:04:48:64:fc:
6e:d0:f7:7c:aa:ef:4f:d2:65:d8:81:1a:0f:bd:b9:
65:5e:b3:02:c3:de:79:b2:0b:a2:e4:ef:59:15:b7:
fb:60:67:f1:28:7e:07:dd:a7:5c:0c:5e:e5:77:a2:
64:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:13:7A:27:FD:C0:2E:1D:5B:CD:C9:31:B5:85:FE:01:69:1D:A6:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:c000::/40
Signature Algorithm: sha256WithRSAEncryption
40:5a:2f:00:62:9b:4a:5e:3e:ab:d4:5c:77:23:99:b2:0a:34:
64:69:a8:09:7b:cf:81:20:a5:90:8b:a6:0c:54:94:ac:48:83:
f0:81:43:9a:89:f0:9c:28:f7:ce:ed:3d:0a:25:64:cf:7b:86:
1f:c1:97:8a:1c:7e:a1:c6:86:34:7e:e7:9e:30:13:1d:e7:6a:
af:8e:6e:be:3a:04:1c:a2:a5:61:db:bf:08:d5:17:65:5b:98:
73:15:50:57:bd:2e:be:00:6d:fa:24:fe:c7:b6:58:a2:d2:d8:
69:46:dc:09:3c:07:d8:db:c9:07:1d:98:9e:d1:68:39:54:36:
22:f3:5d:38:7e:3d:e7:58:09:6a:95:7c:ca:63:2f:8c:fe:3c:
ec:1b:bc:c2:ec:33:65:c0:d5:c6:68:55:f1:1a:41:38:39:42:
3d:86:6d:0c:0a:3c:d0:e4:92:28:15:2f:c2:57:f1:d3:fc:b7:
c0:ac:21:5d:d4:69:14:78:60:97:eb:ae:15:de:7b:f2:82:ac:
36:1b:cb:54:69:75:35:12:e8:a5:de:d2:c8:55:96:61:bc:a7:
22:c1:b1:84:c7:18:25:8f:46:34:90:2c:b5:d5:0a:29:73:91:
48:58:a3:72:03:21:11:fe:2a:1a:4f:20:46:1d:c4:7b:e5:e5:
5b:65:ad:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfEXrTqwVjfHBwIKwW725hRABGEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIxMDdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiY2RjMDJlNjMxYjRiNThmMjdhN2RiY2EwMzA5MGY2MzZiYmJhYjY2NzFh
MjZjOTRjNWZlYmJmMTg1NzU5YzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyvCS9rm4t3xDkOq4Rn0U5+QiMnk6lzGip+uDHieWa+xV3cl3spIMu+P20a
k3FtoTSAmqMvlyyHu5afXcEkW52Z28oDwU2OJYVx77nC59VK6kI4rHEFArKa2I6+
pQxvJXymQT11O0jobNnThlv0uoOhgAC2Um0YaEOjGYwnUydXBza4a6bV9OneDD27
7ixsW9+3bKIlpGK2pWdFzw2N7vvj27vXy5Joo8T3GvnwsP3/NeG1BeCPh8+yaTJI
7XZM4IxTdN4teVnP4kWN0+8ESGT8btD3fKrvT9Jl2IEaD725ZV6zAsPeebILouTv
WRW3+2Bn8Sh+B92nXAxe5XeiZCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5E3on
/cAuHVvNyTG1hf4BaR2mojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVlNDI0ZDYtYTA2Ny00ZmI5LWE4MmUtMDU4OTBjZjhhODhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FjA
MA0GCSqGSIb3DQEBCwUAA4IBAQBAWi8AYptKXj6r1Fx3I5myCjRkaagJe8+BIKWQ
i6YMVJSsSIPwgUOaifCcKPfO7T0KJWTPe4YfwZeKHH6hxoY0fueeMBMd52qvjm6+
OgQcoqVh278I1RdlW5hzFVBXvS6+AG36JP7Htlii0thpRtwJPAfY28kHHZie0Wg5
VDYi8104fj3nWAlqlXzKYy+M/jzsG7zC7DNlwNXGaFXxGkE4OUI9hm0MCjzQ5JIo
FS/CV/HT/LfArCFd1GkUeGCX664V3nvygqw2G8tUaXU1Euil3tLIVZZhvKciwbGE
xxglj0Y0kCy11Qopc5FIWKNyAyER/ioaTyBGHcR75eVbZa0o
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:20 2025 by rpki-client