Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
File: b83c6ff3-492f-409c-86bf-cb90ca64f452.roa (raw, json)
Hash identifier: I3AWcfuGDZ1h6XWGCup6LlAn2p4xsLNk/InECxiT9ko=
Subject key identifier: B8:A1:9D:08:2F:D7:FF:E9:5D:AE:EB:6E:8C:6A:FD:01:2C:48:8E:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D183A96FCB3B8F4DAB840EFEF7621FE6E6D3F1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
Signing time: Fri 10 Oct 2025 17:04:23 +0000
ROA not before: Fri 10 Oct 2025 17:04:23 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:18:3a:96:fc:b3:b8:f4:da:b8:40:ef:ef:76:21:fe:6e:6d:3f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:23 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=7aa7d54f2008c2123b5cdd46ecec06e1e24d14cfadcce122299ae88969ee7d62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:3e:59:3e:ee:80:d7:6b:14:58:11:bd:32:13:
61:67:c2:b0:69:a6:29:aa:6a:e9:f2:a5:b4:cd:80:
2b:4c:2b:44:ce:d2:3e:70:59:86:8e:9a:17:5c:e4:
c2:54:f1:82:38:a4:f3:c3:00:72:8d:dc:0b:ae:90:
89:b0:2e:4a:e9:ee:7d:1e:99:e8:5a:f4:97:37:c8:
4b:99:ea:f3:22:34:ec:06:76:f8:99:7a:01:33:35:
92:04:e2:8d:fb:5a:e2:7a:de:72:cd:80:db:48:1a:
59:64:90:aa:6a:34:c1:3b:d7:48:13:f7:ee:a1:49:
a2:4b:f2:30:e0:54:a7:46:b3:68:d4:0c:93:ff:51:
01:0f:23:bf:e7:28:fe:8d:a3:e6:ed:e7:86:41:8b:
89:bd:97:7c:24:45:4c:15:96:57:23:b0:54:51:85:
b0:7b:73:e1:75:c4:66:cf:e5:60:6e:02:da:1f:e9:
a6:71:94:41:77:ea:8c:13:24:c6:db:f0:e7:56:12:
22:d3:e3:b8:43:0e:20:c2:41:ff:f0:c7:01:57:93:
a3:0f:2b:9b:fe:bd:99:4b:b8:dd:14:6c:d4:30:30:
8e:f8:91:c3:1a:27:d5:08:e5:1d:d5:8c:a2:e8:0f:
60:7a:6d:39:7a:43:fe:3c:28:0c:1d:1c:64:fb:ad:
f4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A1:9D:08:2F:D7:FF:E9:5D:AE:EB:6E:8C:6A:FD:01:2C:48:8E:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
01:0d:1d:07:c6:4d:d7:4d:b1:ab:f7:24:f3:61:29:b7:bd:e2:
83:73:67:79:a8:71:b0:06:fd:72:7f:c8:4e:d9:51:b1:d3:6f:
d3:66:51:34:73:6a:f7:ca:22:25:47:2b:23:10:da:5c:2c:75:
e7:6a:7d:b7:75:bb:d7:4a:b2:84:fe:a2:79:c3:5b:b9:12:57:
4d:99:fa:63:7b:5f:3d:19:bc:0d:4d:54:d6:36:91:15:4f:27:
35:d9:a1:f0:0f:b1:1b:e4:0c:4a:b1:75:21:f3:f5:45:a3:73:
e1:ef:02:f5:21:a2:01:02:eb:0c:48:64:66:ce:b7:d8:2b:fd:
59:2e:58:9c:4f:61:44:c1:f7:e9:79:6d:11:7c:2d:bd:e4:f5:
ef:7d:f6:c9:df:62:64:bc:ff:4e:0a:ff:5a:e4:aa:05:1c:50:
a8:2d:74:07:8f:f7:46:e9:d2:48:e6:3d:41:f5:9e:09:4b:f1:
3f:5e:bb:8c:43:8f:93:78:84:8d:ac:24:bb:8f:44:72:05:48:
a1:a5:0e:59:ba:02:96:27:15:25:61:b8:4b:48:f8:f2:2a:bf:
34:67:e7:5c:77:d5:ea:a8:ac:fa:37:03:6a:88:b6:5d:f5:ff:
6f:a2:fe:72:f8:de:29:01:c3:35:87:5d:c4:2d:23:f5:8d:98:
b6:04:52:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfRg6lvyzuPTauEDv73Yh/m5tPxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA0MjNaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhYTdkNTRmMjAwOGMyMTIzYjVjZGQ0NmVjZWMwNmUxZTI0ZDE0Y2ZhZGNj
ZTEyMjI5OWFlODg5NjllZTdkNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOg+WT7ugNdrFFgRvTITYWfCsGmmKapq6fKltM2AK0wrRM7SPnBZho6aF1zk
wlTxgjik88MAco3cC66QibAuSunufR6Z6Fr0lzfIS5nq8yI07AZ2+Jl6ATM1kgTi
jfta4nrecs2A20gaWWSQqmo0wTvXSBP37qFJokvyMOBUp0azaNQMk/9RAQ8jv+co
/o2j5u3nhkGLib2XfCRFTBWWVyOwVFGFsHtz4XXEZs/lYG4C2h/ppnGUQXfqjBMk
xtvw51YSItPjuEMOIMJB//DHAVeTow8rm/69mUu43RRs1DAwjviRwxon1QjlHdWM
ougPYHptOXpD/jwoDB0cZPut9N8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4oZ0I
L9f/6V2u626Mav0BLEiOPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjgzYzZmZjMtNDkyZi00MDljLTg2YmYtY2I5MGNhNjRmNDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQABDR0Hxk3XTbGr9yTzYSm3veKDc2d5qHGwBv1y
f8hO2VGx02/TZlE0c2r3yiIlRysjENpcLHXnan23dbvXSrKE/qJ5w1u5EldNmfpj
e189GbwNTVTWNpEVTyc12aHwD7Eb5AxKsXUh8/VFo3Ph7wL1IaIBAusMSGRmzrfY
K/1ZLlicT2FEwffpeW0RfC295PXvffbJ32JkvP9OCv9a5KoFHFCoLXQHj/dG6dJI
5j1B9Z4JS/E/XruMQ4+TeISNrCS7j0RyBUihpQ5ZugKWJxUlYbhLSPjyKr80Z+dc
d9XqqKz6NwNqiLZd9f9vov5y+N4pAcM1h13ELSP1jZi2BFJO
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:47:06 2025 by rpki-client