Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
File: b8a24699-2493-4e45-8227-bd2ec32f88ab.roa (raw, json)
Hash identifier: +ncj5ikfG7SHjEbyzj6Lrl7k9DNYV/gfofBhHQZN4ZQ=
Subject key identifier: 33:FF:97:68:27:85:F2:69:E4:AF:59:0D:1B:2E:2F:98:9D:F9:6B:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F4A757458A992B6C02BF25DFEC489BA11311160
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
Signing time: Fri 26 Sep 2025 19:11:43 +0000
ROA not before: Fri 26 Sep 2025 19:11:43 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:4a:75:74:58:a9:92:b6:c0:2b:f2:5d:fe:c4:89:ba:11:31:11:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:43 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=7df5ec40487f5d27665aabc9aeacb62a58d1a1944d70d804f37b60f474b0369c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0c:1c:b0:0b:68:29:3f:24:69:f8:4c:bc:9d:
83:21:50:de:97:87:4a:bd:ac:cd:b5:11:72:40:36:
93:ec:22:b6:b2:74:60:8a:54:2e:1b:6e:2d:98:ef:
a7:9c:7d:6c:65:2b:69:b3:ea:59:0f:40:93:73:aa:
9b:a1:1c:4a:4d:4f:ab:e2:c8:ee:ed:3f:1c:99:d1:
fd:e3:2e:ec:87:6f:08:38:bc:91:a8:77:f4:a3:67:
d5:4d:70:e3:59:19:f0:5e:b0:6e:97:35:36:47:b8:
85:37:3d:36:17:35:b4:8b:bd:04:6d:41:94:43:d9:
5c:39:d1:c9:f2:21:11:92:92:33:d3:07:a0:f7:40:
ca:f7:ef:67:a3:5e:05:ab:5d:dd:cc:59:29:f4:cf:
35:19:c1:1f:8b:83:23:ac:b1:31:59:04:de:2c:66:
81:52:7c:2f:10:92:2d:85:e7:be:bf:b0:e9:22:aa:
3e:3d:4b:29:62:af:f5:b9:b0:8b:49:61:01:48:08:
75:5d:72:67:17:d8:16:11:b7:60:7b:2d:ab:5c:da:
81:c2:af:45:82:7c:41:b9:85:c1:33:64:87:4f:e0:
47:97:19:33:d6:0d:54:b5:79:36:36:40:ba:9c:6f:
6b:15:a2:c5:d6:00:6f:c4:e2:f6:ce:ac:1e:4a:d0:
19:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:FF:97:68:27:85:F2:69:E4:AF:59:0D:1B:2E:2F:98:9D:F9:6B:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
69:6a:87:8f:1d:51:4e:1b:c1:3d:70:85:58:74:10:25:28:16:
93:31:f3:ee:c4:54:56:c9:9a:8d:df:24:fa:24:8f:80:1c:15:
64:ef:f4:6d:b6:92:b7:da:92:ab:69:0f:a9:7e:fb:32:69:12:
6d:8f:57:3e:44:b2:65:b8:ad:b3:b8:fc:27:f4:b2:c2:67:25:
31:04:01:37:41:9e:f5:87:c9:db:9b:f7:14:6f:8a:3a:95:e8:
3f:6a:6c:46:39:c8:f7:83:71:c2:15:5c:f5:e1:71:2e:a1:f1:
77:92:53:64:bc:24:1d:00:42:a0:eb:24:1e:bd:3d:74:00:23:
ff:e2:b9:d3:ee:f1:57:92:69:55:47:25:da:0c:93:a4:59:53:
07:e0:92:c1:d3:45:0d:2e:a4:c5:6c:6d:a5:73:6e:b3:c0:d9:
37:e1:9c:cf:45:c6:d3:13:1a:97:f0:c6:40:e2:8d:38:10:69:
6a:47:62:a0:02:4c:fb:b4:08:9c:13:8c:98:fe:dc:cb:19:bc:
66:77:c7:f5:9b:8d:11:ae:5c:1d:0e:3b:a8:8a:9b:b2:fe:18:
1e:ab:71:86:76:cd:f2:2f:0b:0c:31:79:98:9d:32:45:d0:39:
21:83:3d:0b:ed:39:d6:a0:75:d0:8b:dd:42:bf:fd:fe:43:4a:
9b:a4:66:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX0p1dFipkrbAK/Jd/sSJuhExEWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExNDNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkZjVlYzQwNDg3ZjVkMjc2NjVhYWJjOWFlYWNiNjJhNThkMWExOTQ0ZDcw
ZDgwNGYzN2I2MGY0NzRiMDM2OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoMHLALaCk/JGn4TLydgyFQ3peHSr2szbURckA2k+witrJ0YIpULhtuLZjv
p5x9bGUrabPqWQ9Ak3Oqm6EcSk1Pq+LI7u0/HJnR/eMu7IdvCDi8kah39KNn1U1w
41kZ8F6wbpc1Nke4hTc9Nhc1tIu9BG1BlEPZXDnRyfIhEZKSM9MHoPdAyvfvZ6Ne
Batd3cxZKfTPNRnBH4uDI6yxMVkE3ixmgVJ8LxCSLYXnvr+w6SKqPj1LKWKv9bmw
i0lhAUgIdV1yZxfYFhG3YHstq1zagcKvRYJ8QbmFwTNkh0/gR5cZM9YNVLV5NjZA
upxvaxWixdYAb8Ti9s6sHkrQGdECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQz/5do
J4XyaeSvWQ0bLi+Ynflr+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhhMjQ2OTktMjQ5My00ZTQ1LTgyMjctYmQyZWMzMmY4OGFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAaWqHjx1RThvBPXCFWHQQJSgWkzHz7sRUVsma
jd8k+iSPgBwVZO/0bbaSt9qSq2kPqX77MmkSbY9XPkSyZbits7j8J/SywmclMQQB
N0Ge9YfJ25v3FG+KOpXoP2psRjnI94NxwhVc9eFxLqHxd5JTZLwkHQBCoOskHr09
dAAj/+K50+7xV5JpVUcl2gyTpFlTB+CSwdNFDS6kxWxtpXNus8DZN+Gcz0XG0xMa
l/DGQOKNOBBpakdioAJM+7QInBOMmP7cyxm8ZnfH9ZuNEa5cHQ47qIqbsv4YHqtx
hnbN8i8LDDF5mJ0yRdA5IYM9C+051qB10IvdQr/9/kNKm6RmLg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:13 2025 by rpki-client