Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
File: b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa (raw, json)
Hash identifier: 9BtdgECivOFemfMHP+kP+iuoWYjk6ZA0j7OClHeQZlc=
Subject key identifier: 00:71:46:9A:CC:4A:37:DD:AE:3E:6A:41:45:E0:09:8A:67:57:19:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 244713F6F2D199FB7F5EB6F7343A52B877A1B459
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
Signing time: Fri 26 Sep 2025 20:01:31 +0000
ROA not before: Fri 26 Sep 2025 20:01:31 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:47:13:f6:f2:d1:99:fb:7f:5e:b6:f7:34:3a:52:b8:77:a1:b4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:31 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=cba6528a17d4e2cffe2c8fe2118ceadf9eb383a1955d5536418964f87089b8bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:01:c8:ee:2d:f1:a6:96:a2:bd:06:b1:7e:3d:
d6:e8:24:9f:5d:87:74:ba:dc:3d:ee:2b:f5:da:57:
21:79:35:ef:94:67:2d:ab:11:2a:8f:03:4c:8e:51:
8b:fe:67:9d:f2:a7:05:f2:0b:b7:e7:f8:06:30:2a:
2c:69:9e:83:65:19:dc:cf:3d:47:2d:65:f5:c5:97:
17:d9:c7:4f:e7:8d:ce:c6:71:3c:fb:0c:9c:26:cd:
3f:fb:6c:88:b0:db:0d:ce:1c:4d:05:4f:99:26:d4:
f9:d3:72:db:6d:d0:64:16:e6:ca:cc:e1:85:2d:de:
7d:a2:7b:69:7b:6f:45:f7:eb:46:c2:ad:4e:34:da:
6e:b5:a4:6a:12:b2:05:1e:5f:fc:49:f4:b4:83:08:
bb:d4:67:e5:9e:33:62:ad:01:26:d3:0a:f5:ca:e4:
af:20:88:ec:94:bd:ba:47:e8:13:5a:de:73:84:1a:
02:29:bb:2b:9f:10:78:ac:d9:7b:64:f7:06:ec:1f:
de:91:b4:b2:58:6d:fd:6e:6e:71:df:80:09:61:d8:
87:89:54:84:2c:a7:81:d5:19:6f:18:db:a3:1b:c3:
2e:92:7c:89:39:3f:2c:1f:ce:17:15:5e:a5:54:92:
d6:6f:8b:51:2b:c2:28:79:d3:4d:d4:c7:25:72:76:
55:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:71:46:9A:CC:4A:37:DD:AE:3E:6A:41:45:E0:09:8A:67:57:19:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:400::/38
Signature Algorithm: sha256WithRSAEncryption
67:bd:b6:d6:03:10:b9:ec:e7:fa:ba:bc:3e:13:77:cd:cd:00:
40:26:a5:67:03:37:de:ba:1e:f0:b0:46:a8:e2:b9:18:74:61:
7c:f9:ea:17:d4:74:4b:17:48:e4:3e:ae:d9:2e:ec:cf:07:54:
27:82:b8:9b:c9:ab:02:6c:51:1b:51:12:eb:1a:39:e5:17:06:
8b:c6:69:50:77:40:2c:ac:86:7e:9f:ae:8a:ed:fd:e8:03:1d:
fe:bd:3b:d5:7c:11:fd:c1:e5:e4:b3:3c:6d:82:75:85:c9:0a:
a5:91:16:0d:57:d8:c2:fd:10:0a:63:ff:99:a9:a9:75:8f:8b:
87:90:f0:00:98:7f:ed:a7:07:e2:58:e1:96:0f:b3:0c:08:26:
eb:8f:0f:61:d9:06:b7:3e:ba:db:20:60:e8:4e:67:a9:61:ea:
07:00:ae:ab:f8:06:5a:4a:a7:0e:e1:d5:cd:dd:07:20:37:34:
46:69:7b:41:9c:9b:f1:6c:9e:cc:78:53:b8:04:dc:b5:a5:67:
e6:08:64:a8:0b:84:e2:a3:04:66:06:6a:b8:4d:fd:7f:3a:00:
b2:aa:89:fe:e2:17:7a:86:6d:12:83:bd:f2:47:fd:04:62:60:
a5:90:98:95:87:65:a7:c1:61:16:6c:45:b0:38:a2:cb:06:de:
b1:8d:03:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJEcT9vLRmft/Xrb3NDpSuHehtFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMzFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYTY1MjhhMTdkNGUyY2ZmZTJjOGZlMjExOGNlYWRmOWViMzgzYTE5NTVk
NTUzNjQxODk2NGY4NzA4OWI4YmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYByO4t8aaWor0GsX491ugkn12HdLrcPe4r9dpXIXk175RnLasRKo8DTI5R
i/5nnfKnBfILt+f4BjAqLGmeg2UZ3M89Ry1l9cWXF9nHT+eNzsZxPPsMnCbNP/ts
iLDbDc4cTQVPmSbU+dNy223QZBbmyszhhS3efaJ7aXtvRffrRsKtTjTabrWkahKy
BR5f/En0tIMIu9Rn5Z4zYq0BJtMK9crkryCI7JS9ukfoE1rec4QaAim7K58QeKzZ
e2T3Buwf3pG0slht/W5ucd+ACWHYh4lUhCyngdUZbxjboxvDLpJ8iTk/LB/OFxVe
pVSS1m+LUSvCKHnTTdTHJXJ2VekCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQAcUaa
zEo33a4+akFF4AmKZ1cZjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjcyYTk1NDAtNTFlZi00ZGNjLWE1ZTItMjQxNzI0OWExYWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIE
MA0GCSqGSIb3DQEBCwUAA4IBAQBnvbbWAxC57Of6urw+E3fNzQBAJqVnAzfeuh7w
sEao4rkYdGF8+eoX1HRLF0jkPq7ZLuzPB1QngribyasCbFEbURLrGjnlFwaLxmlQ
d0AsrIZ+n66K7f3oAx3+vTvVfBH9weXkszxtgnWFyQqlkRYNV9jC/RAKY/+Zqal1
j4uHkPAAmH/tpwfiWOGWD7MMCCbrjw9h2Qa3PrrbIGDoTmepYeoHAK6r+AZaSqcO
4dXN3QcgNzRGaXtBnJvxbJ7MeFO4BNy1pWfmCGSoC4TiowRmBmq4Tf1/OgCyqon+
4hd6hm0Sg73yR/0EYmClkJiVh2WnwWEWbEWwOKLLBt6xjQOw
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:16 2025 by rpki-client