Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: aPQw2T//b2dyT47BA7b4X5Wsw0q0m8jzVw6Ka2CR7nI=
Subject key identifier: 83:20:7E:6E:3F:D8:EC:B9:A1:91:F8:2C:BE:98:79:9C:D0:DA:9C:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47DCC840A12328D8C704982FD28531F2BE221D70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Fri 26 Sep 2025 19:51:07 +0000
ROA not before: Fri 26 Sep 2025 19:51:07 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:dc:c8:40:a1:23:28:d8:c7:04:98:2f:d2:85:31:f2:be:22:1d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:51:07 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=78c0bf0684f437f089fbf643daa95ee1520e83fc870e3c905c34d85a355fc3a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ee:9c:e8:a0:52:fb:e4:38:11:43:8c:30:1d:
8d:b0:10:3e:30:9e:0b:78:cc:48:43:07:50:82:ee:
7a:a8:39:25:33:20:f8:07:dd:6c:15:b4:08:51:1d:
db:1d:b3:96:30:5f:43:47:cc:04:d9:5d:07:51:82:
d7:40:de:7c:16:65:15:38:80:c9:0b:4f:35:e4:b5:
48:44:b3:91:87:29:4b:6e:39:2b:44:42:a0:48:0c:
01:b7:34:0c:5d:42:63:31:a7:03:e2:14:55:09:8c:
dd:98:01:dc:d0:04:0e:3e:2f:29:21:13:33:b2:a9:
33:91:7c:3e:09:70:e0:b1:29:f1:bf:43:c0:4a:cb:
63:11:2f:76:55:0e:79:d0:14:54:99:6e:1b:eb:1a:
3a:07:47:95:8b:0b:cb:f0:76:a7:94:af:77:fa:49:
ce:1a:ff:a5:1c:91:f8:15:e6:07:5b:77:b5:a6:fa:
ad:68:b5:dd:f3:51:5f:ec:df:1e:5a:ef:a3:7d:92:
02:35:f2:88:88:b0:9f:70:24:91:c7:67:7f:0b:e0:
a6:f8:5a:be:61:9e:31:8b:4d:91:44:3f:60:cb:a6:
d7:82:05:af:a6:8f:9d:a3:7c:20:f7:57:5d:30:7d:
6b:17:c7:34:20:e6:8f:fa:b0:b9:c3:07:74:63:01:
35:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:20:7E:6E:3F:D8:EC:B9:A1:91:F8:2C:BE:98:79:9C:D0:DA:9C:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
64:8b:72:93:27:dc:3c:22:66:e0:16:73:99:02:c3:0f:b5:43:
6e:30:f5:25:68:f0:15:1d:12:bb:c4:25:c7:bc:e9:7e:17:56:
5d:8a:af:2b:e4:05:be:ad:b4:ec:60:cc:53:5f:49:0b:66:75:
33:c2:66:ce:0d:4d:45:75:b9:43:31:14:f8:2b:e6:77:fc:20:
eb:50:25:25:25:63:fb:11:a4:46:ed:9a:20:e7:9e:d7:f6:0b:
e7:ff:c1:a2:99:b8:4d:06:69:44:73:7c:c2:16:5d:7f:85:02:
77:72:c4:c7:7c:6b:1f:2b:f8:52:46:54:8b:d8:01:b1:d8:bc:
78:1b:18:16:8e:18:50:97:d9:19:90:f2:50:cd:13:4b:58:fc:
27:71:8a:7f:dc:18:e9:d3:eb:80:b9:24:a8:ab:1c:41:18:32:
cc:6e:cc:3e:a7:dc:c7:0b:66:bd:20:96:12:2a:90:d3:2a:b1:
6f:a5:a9:fd:ce:9b:1b:46:6b:06:04:27:13:8a:46:11:44:e7:
2e:47:75:9f:c7:b8:6f:d9:c1:19:41:8b:ee:24:05:fb:1e:f3:
86:89:ef:af:ff:7e:f2:4f:2b:11:fa:e9:16:f3:63:f2:1f:21:
55:d5:bd:16:4e:15:72:4e:5a:c2:b0:8a:6b:a0:c1:fc:ad:99:
07:81:ce:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR9zIQKEjKNjHBJgv0oUx8r4iHXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUxMDdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4YzBiZjA2ODRmNDM3ZjA4OWZiZjY0M2RhYTk1ZWUxNTIwZTgzZmM4NzBl
M2M5MDVjMzRkODVhMzU1ZmMzYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDunOigUvvkOBFDjDAdjbAQPjCeC3jMSEMHUILueqg5JTMg+AfdbBW0CFEd
2x2zljBfQ0fMBNldB1GC10DefBZlFTiAyQtPNeS1SESzkYcpS245K0RCoEgMAbc0
DF1CYzGnA+IUVQmM3ZgB3NAEDj4vKSETM7KpM5F8Pglw4LEp8b9DwErLYxEvdlUO
edAUVJluG+saOgdHlYsLy/B2p5Svd/pJzhr/pRyR+BXmB1t3tab6rWi13fNRX+zf
Hlrvo32SAjXyiIiwn3AkkcdnfwvgpvhavmGeMYtNkUQ/YMum14IFr6aPnaN8IPdX
XTB9axfHNCDmj/qwucMHdGMBNdcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDIH5u
P9jsuaGR+Cy+mHmc0NqcmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQBki3KTJ9w8ImbgFnOZAsMPtUNuMPUlaPAVHRK7
xCXHvOl+F1Zdiq8r5AW+rbTsYMxTX0kLZnUzwmbODU1FdblDMRT4K+Z3/CDrUCUl
JWP7EaRG7Zog557X9gvn/8GimbhNBmlEc3zCFl1/hQJ3csTHfGsfK/hSRlSL2AGx
2Lx4GxgWjhhQl9kZkPJQzRNLWPwncYp/3Bjp0+uAuSSoqxxBGDLMbsw+p9zHC2a9
IJYSKpDTKrFvpan9zpsbRmsGBCcTikYRROcuR3Wfx7hv2cEZQYvuJAX7HvOGie+v
/37yTysR+ukW82PyHyFV1b0WThVyTlrCsIproMH8rZkHgc4D
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:01 2025 by rpki-client