Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/924a4487-e709-4e7a-9c72-9678b465cef8.roa
File: 924a4487-e709-4e7a-9c72-9678b465cef8.roa (raw, json)
Hash identifier: 5ixsnEF2rwufmN8fyusCpvVlLhTPNBnRrVz5X/H+igo=
Subject key identifier: BA:62:EE:C0:48:5E:66:3F:52:A7:82:3E:ED:69:6B:01:9F:1B:05:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01DDFE3D496119559699BBEF48B4463CD4872CD2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/924a4487-e709-4e7a-9c72-9678b465cef8.roa
Signing time: Fri 10 Oct 2025 17:05:02 +0000
ROA not before: Fri 10 Oct 2025 17:05:02 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:dd:fe:3d:49:61:19:55:96:99:bb:ef:48:b4:46:3c:d4:87:2c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:05:02 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=cf73dcb497c2031ab6fbcf60f41107d0b6eb926cb29769d74de19f6f64d7654f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:23:89:b4:c2:82:f5:02:a9:76:ab:c4:78:30:
01:a6:62:53:87:50:ee:b0:e1:ef:cb:62:f6:4c:37:
d0:1c:bb:d3:f2:eb:ed:d2:e9:69:65:ae:c2:b1:b2:
b3:86:0b:32:0d:a3:76:97:1a:df:86:36:bd:32:bb:
16:01:36:6b:cc:03:4f:25:fe:d4:83:4d:8d:64:90:
0f:8f:f9:58:69:35:db:25:6b:d4:c9:df:a7:e9:95:
ef:4f:85:db:45:b5:f1:36:9c:af:7b:f3:11:df:4d:
96:2d:0f:56:f5:5a:a8:ec:9b:ba:07:76:65:1f:42:
4f:73:cf:db:f2:15:6b:8a:05:15:1b:63:da:d5:de:
05:3a:de:12:64:1b:5c:53:89:41:dd:1f:2e:74:4c:
b0:f3:a9:b9:ea:ef:1e:90:ff:aa:31:4f:36:68:1c:
b9:b1:c9:d6:03:50:d9:a0:61:dd:63:fc:61:4b:ab:
69:35:24:b1:90:e5:03:58:3c:52:a1:e6:af:b7:09:
b4:93:65:5f:2d:93:1b:b5:20:3d:fd:be:20:1d:03:
3d:e0:72:bf:0c:49:64:f8:70:19:cf:68:f9:17:30:
09:37:ec:5c:2c:9b:f6:ee:86:a1:aa:c6:5f:10:d8:
76:26:84:2b:ac:1d:02:12:2d:38:4c:ed:35:c9:5d:
11:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:62:EE:C0:48:5E:66:3F:52:A7:82:3E:ED:69:6B:01:9F:1B:05:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/924a4487-e709-4e7a-9c72-9678b465cef8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:6000::/40
Signature Algorithm: sha256WithRSAEncryption
61:e3:83:33:95:d9:f6:6b:29:44:67:51:65:cf:0c:2c:05:66:
d1:97:3f:44:b4:70:4d:ac:f6:65:da:d9:0d:36:c4:d2:3b:11:
0d:b4:11:6d:d4:2b:65:a7:31:c2:46:f0:da:97:6b:e2:ce:74:
77:e8:9f:59:31:47:ad:c5:7f:e1:cd:3c:b4:67:e2:f5:2c:bb:
9f:51:c0:68:79:a6:88:9d:f3:11:d1:73:2e:af:59:4c:53:d8:
ab:01:b1:bf:7e:39:af:ad:68:1d:cb:d7:63:43:f0:ba:4d:01:
f9:84:b1:3c:31:3f:51:d2:79:fe:2f:df:5b:e0:f1:10:cc:0c:
49:ff:ee:4b:51:0a:3a:47:c4:ca:22:f0:0b:97:7f:87:9a:0f:
20:7c:70:24:7b:46:33:c7:43:66:bb:93:6f:b1:12:f8:0b:c6:
c0:33:83:21:4d:db:e3:1c:64:de:70:86:87:62:86:df:cd:6a:
f4:d8:e0:3f:10:e0:af:d2:9f:b4:55:c3:48:c4:2f:3c:7b:ea:
58:0a:49:db:fd:3a:93:f5:90:4c:4e:f8:d7:d3:c7:88:ad:af:
cb:2a:c3:8f:5d:f0:ac:ba:f5:96:0a:40:05:3f:9f:51:d8:ea:
77:7d:65:c0:02:1a:1d:16:e3:a9:f8:c5:31:6c:6a:63:0c:3d:
d5:cd:7a:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAd3+PUlhGVWWmbvvSLRGPNSHLNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA1MDJaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNzNkY2I0OTdjMjAzMWFiNmZiY2Y2MGY0MTEwN2QwYjZlYjkyNmNiMjk3
NjlkNzRkZTE5ZjZmNjRkNzY1NGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkjibTCgvUCqXarxHgwAaZiU4dQ7rDh78ti9kw30By70/Lr7dLpaWWuwrGy
s4YLMg2jdpca34Y2vTK7FgE2a8wDTyX+1INNjWSQD4/5WGk12yVr1Mnfp+mV70+F
20W18Tacr3vzEd9Nli0PVvVaqOybugd2ZR9CT3PP2/IVa4oFFRtj2tXeBTreEmQb
XFOJQd0fLnRMsPOpuervHpD/qjFPNmgcubHJ1gNQ2aBh3WP8YUuraTUksZDlA1g8
UqHmr7cJtJNlXy2TG7UgPf2+IB0DPeByvwxJZPhwGc9o+RcwCTfsXCyb9u6GoarG
XxDYdiaEK6wdAhItOEztNcldEUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6Yu7A
SF5mP1Kngj7taWsBnxsFOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI0YTQ0ODctZTcwOS00ZTdhLTljNzItOTY3OGI0NjVjZWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRg
MA0GCSqGSIb3DQEBCwUAA4IBAQBh44Mzldn2aylEZ1FlzwwsBWbRlz9EtHBNrPZl
2tkNNsTSOxENtBFt1CtlpzHCRvDal2viznR36J9ZMUetxX/hzTy0Z+L1LLufUcBo
eaaInfMR0XMur1lMU9irAbG/fjmvrWgdy9djQ/C6TQH5hLE8MT9R0nn+L99b4PEQ
zAxJ/+5LUQo6R8TKIvALl3+Hmg8gfHAke0Yzx0Nmu5NvsRL4C8bAM4MhTdvjHGTe
cIaHYobfzWr02OA/EOCv0p+0VcNIxC88e+pYCknb/TqT9ZBMTvjX08eIra/LKsOP
XfCsuvWWCkAFP59R2Op3fWXAAhodFuOp+MUxbGpjDD3VzXpf
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:14 2025 by rpki-client