Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
File: 7109e934-b803-4bd3-8dfc-cfe0c2222824.roa (raw, json)
Hash identifier: 3lBxieOMRy8jZlYU+3vebbqeZ4aif53Qg56eNYg0yXY=
Subject key identifier: 16:A1:3C:6E:93:2B:15:38:ED:59:D3:52:37:E8:C4:EA:AA:BA:CD:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F9918031765BF52A1D0C39CC4BE77007B4628DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
Signing time: Mon 06 Oct 2025 18:00:59 +0000
ROA not before: Mon 06 Oct 2025 18:00:59 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:99:18:03:17:65:bf:52:a1:d0:c3:9c:c4:be:77:00:7b:46:28:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:00:59 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=6e5d046a4caa7ec44b12c17601b0e2679e9848a5d064f6030b58b5a94a018a37, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0b:5a:b4:3f:3c:f7:ec:db:02:58:68:63:6f:
43:b8:b1:43:5f:e1:e6:8c:9c:03:97:a7:a5:d2:c7:
69:e1:51:c5:f3:9f:e4:d5:20:18:c3:91:fd:7e:8d:
9d:dc:e1:8a:06:05:78:4e:0d:ec:d0:6c:c0:a2:a2:
6d:fa:70:a0:97:89:75:62:eb:b9:36:ac:13:63:fd:
44:76:a7:43:27:d8:db:6d:b9:00:ab:2d:77:63:bb:
c6:00:dd:81:13:87:19:8d:f1:e9:f0:83:25:90:ee:
c4:66:80:88:9b:ce:3a:26:5d:1b:cf:08:1e:5d:30:
bd:2b:bc:18:20:f8:16:41:9d:9c:1d:29:39:e0:de:
a0:db:d0:ca:dc:3e:da:bd:63:dc:59:2b:58:e5:5f:
02:75:a9:4a:19:f8:4a:f5:95:d0:e3:54:3d:f2:03:
36:0c:e0:da:61:1d:dc:dc:51:a9:16:ab:1d:6f:68:
7c:47:3d:0a:c2:bc:2b:a9:6c:8d:f4:b7:37:94:6f:
29:35:9b:21:60:8f:48:9b:d2:a8:a6:02:17:37:ba:
7e:57:de:35:a2:a3:f9:0d:44:cc:11:b1:d5:0c:a9:
61:90:4b:d6:b2:52:c2:ef:bf:b5:a4:61:71:b4:2e:
64:5d:87:a6:df:21:38:c7:4b:da:27:b2:26:6a:61:
8b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A1:3C:6E:93:2B:15:38:ED:59:D3:52:37:E8:C4:EA:AA:BA:CD:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:5040::/46
Signature Algorithm: sha256WithRSAEncryption
c2:36:db:dd:3a:04:c3:39:88:35:14:8c:a5:67:c7:80:91:4b:
2d:f8:8b:50:28:04:57:ad:cd:75:76:ae:84:78:b8:5d:5b:c8:
22:bd:cd:b5:4b:d5:90:5c:3d:ba:e6:0a:5d:c4:df:f9:f7:c2:
11:ad:47:c4:13:37:64:50:2a:e7:0b:dd:27:de:2e:c5:09:9d:
2d:de:11:05:bb:0d:54:05:86:d9:60:b1:d3:95:71:58:f4:a5:
47:40:14:5f:01:98:45:07:17:45:77:fa:46:28:88:16:c6:14:
5f:50:17:f2:2d:7e:3e:8e:97:e4:29:93:08:40:15:3b:68:e2:
1e:c5:15:65:f0:84:ba:3d:8b:38:90:8c:47:0b:dc:80:3f:1a:
02:1a:d1:c3:ab:a7:7b:08:3d:7c:34:a2:a5:9f:76:ef:a6:45:
a9:74:5b:bd:78:4d:46:31:d9:26:e4:a0:62:2a:53:6e:71:06:
b4:40:1d:a0:a4:45:e1:c9:7a:84:73:c2:25:25:50:16:f4:5a:
ca:9e:c1:05:45:51:03:c8:f4:f6:57:30:f8:ee:47:d7:fd:48:
55:c4:c8:87:e6:18:e7:d8:b3:45:4f:17:a1:7c:11:2c:31:a8:
83:20:fe:88:85:a5:04:b7:3a:7d:05:03:85:11:63:d4:f8:1f:
89:95:b7:59
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP5kYAxdlv1Kh0MOcxL53AHtGKN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAwNTlaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlNWQwNDZhNGNhYTdlYzQ0YjEyYzE3NjAxYjBlMjY3OWU5ODQ4YTVkMDY0
ZjYwMzBiNThiNWE5NGEwMThhMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMALWrQ/PPfs2wJYaGNvQ7ixQ1/h5oycA5enpdLHaeFRxfOf5NUgGMOR/X6N
ndzhigYFeE4N7NBswKKibfpwoJeJdWLruTasE2P9RHanQyfY2225AKstd2O7xgDd
gROHGY3x6fCDJZDuxGaAiJvOOiZdG88IHl0wvSu8GCD4FkGdnB0pOeDeoNvQytw+
2r1j3FkrWOVfAnWpShn4SvWV0ONUPfIDNgzg2mEd3NxRqRarHW9ofEc9CsK8K6ls
jfS3N5RvKTWbIWCPSJvSqKYCFze6flfeNaKj+Q1EzBGx1QypYZBL1rJSwu+/taRh
cbQuZF2Hpt8hOMdL2ieyJmphi58CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQWoTxu
kysVOO1Z01I36MTqqrrNYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzEwOWU5MzQtYjgwMy00YmQzLThkZmMtY2ZlMGMyMjIyODI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAwjbb3ToEwzmINRSMpWfHgJFLLfiLUCgEV63N
dXauhHi4XVvIIr3NtUvVkFw9uuYKXcTf+ffCEa1HxBM3ZFAq5wvdJ94uxQmdLd4R
BbsNVAWG2WCx05VxWPSlR0AUXwGYRQcXRXf6RiiIFsYUX1AX8i1+Po6X5CmTCEAV
O2jiHsUVZfCEuj2LOJCMRwvcgD8aAhrRw6unewg9fDSipZ9276ZFqXRbvXhNRjHZ
JuSgYipTbnEGtEAdoKRF4cl6hHPCJSVQFvRayp7BBUVRA8j09lcw+O5H1/1IVcTI
h+YY59izRU8XoXwRLDGogyD+iIWlBLc6fQUDhRFj1PgfiZW3WQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:22 2025 by rpki-client