Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
File: bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa (raw, json)
Hash identifier: NFQypn2ULRYDb7fy+oAuQsDSdFyGVj7OhF+IoCFpNVg=
Subject key identifier: 7A:A3:59:7D:FA:3A:37:5A:3F:1F:F9:40:CC:B6:DE:F8:4D:44:01:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CA71F939FF3EA6AB3E840FDBF4DD358D20A1902
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
Signing time: Fri 26 Sep 2025 19:41:31 +0000
ROA not before: Fri 26 Sep 2025 19:41:31 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:a7:1f:93:9f:f3:ea:6a:b3:e8:40:fd:bf:4d:d3:58:d2:0a:19:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:31 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=22d52802251ca6eaf61fcb3244993a6fd42b9027e3fa11bace8d62321d84f08c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e9:96:20:09:88:27:71:00:2c:aa:23:a2:20:
00:89:05:48:60:4c:22:e1:37:72:1d:88:a2:c4:8a:
42:4e:d1:78:3f:c1:d9:86:3f:d1:31:b6:af:03:6c:
6a:32:e0:e4:fc:85:a8:df:88:53:85:fe:ff:1e:3e:
78:a5:cc:12:f6:21:c6:0c:55:90:62:97:28:4a:bc:
c8:a9:d1:96:bb:57:49:09:49:76:71:e1:40:58:bd:
9b:a4:dc:b7:ff:86:ce:8c:55:b4:91:c6:f8:0c:f9:
23:34:27:f2:31:55:55:55:a8:77:a1:d1:ad:b4:91:
65:e7:20:d1:a1:86:83:b8:31:e0:dd:06:3d:3b:2b:
55:1f:a7:9b:dc:69:62:ee:cf:18:46:dc:71:72:49:
6d:2b:c1:5d:1a:a1:c3:e6:04:19:60:63:b5:e5:5e:
0b:aa:e8:62:f0:15:a5:81:a3:7c:f7:59:1e:90:d3:
fc:e7:6a:49:f3:d5:ad:2f:00:ef:db:36:e2:1b:35:
ac:9c:cb:9e:54:bf:5f:a9:bd:b9:23:d0:56:65:bd:
2f:94:43:39:fb:5d:ec:41:3b:72:9b:91:f8:2a:30:
50:fc:08:a4:06:09:a5:c0:6a:d2:b9:69:44:cf:dd:
5f:64:ab:2f:cb:51:a8:75:8a:05:b1:9f:a8:2f:0c:
b7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A3:59:7D:FA:3A:37:5A:3F:1F:F9:40:CC:B6:DE:F8:4D:44:01:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:46:24:c3:de:10:7a:02:68:8a:b8:b9:44:44:92:30:18:70:
a3:db:0a:1a:a6:49:81:6a:70:c2:c7:80:60:9c:3f:d8:05:4e:
94:07:99:fe:ad:4a:27:0f:a9:1a:64:38:5f:c9:59:3c:f1:f6:
f2:7f:0d:fc:01:c3:d5:c2:18:e8:14:e5:6f:39:78:8c:37:21:
be:8f:35:35:86:d7:3a:9f:94:a2:55:77:34:dc:a3:a6:b4:e8:
dd:c7:61:5e:76:db:8f:bc:e3:b2:f8:35:52:c2:d1:86:3c:1f:
a8:45:fa:b7:0b:be:df:71:18:a5:fc:86:10:43:ea:5a:06:c6:
ab:62:52:73:b2:4c:65:3a:c7:ec:d5:b7:44:13:24:42:89:7a:
20:03:51:f0:f4:9e:fb:c6:a7:f3:9d:4c:5e:06:22:e0:92:66:
1a:b5:4d:38:03:01:2c:e3:94:5a:06:f0:d2:b8:e4:8c:2e:94:
d5:7e:56:b2:d4:cb:9d:5d:83:56:55:70:ab:8a:80:65:ef:a9:
88:40:ac:1c:28:f2:36:44:28:58:1b:e4:98:f2:8f:19:94:e3:
90:b8:b0:fd:49:8e:5f:b4:08:92:2b:6f:c9:87:5d:dc:33:67:
84:29:ec:bf:89:d2:83:21:c7:55:e3:7c:bc:68:f8:86:c1:48:
3a:23:28:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPKcfk5/z6mqz6ED9v03TWNIKGQIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxMzFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyZDUyODAyMjUxY2E2ZWFmNjFmY2IzMjQ0OTkzYTZmZDQyYjkwMjdlM2Zh
MTFiYWNlOGQ2MjMyMWQ4NGYwOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbpliAJiCdxACyqI6IgAIkFSGBMIuE3ch2IosSKQk7ReD/B2YY/0TG2rwNs
ajLg5PyFqN+IU4X+/x4+eKXMEvYhxgxVkGKXKEq8yKnRlrtXSQlJdnHhQFi9m6Tc
t/+GzoxVtJHG+Az5IzQn8jFVVVWod6HRrbSRZecg0aGGg7gx4N0GPTsrVR+nm9xp
Yu7PGEbccXJJbSvBXRqhw+YEGWBjteVeC6roYvAVpYGjfPdZHpDT/OdqSfPVrS8A
79s24hs1rJzLnlS/X6m9uSPQVmW9L5RDOftd7EE7cpuR+CowUPwIpAYJpcBq0rlp
RM/dX2SrL8tRqHWKBbGfqC8MtwkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6o1l9
+jo3Wj8f+UDMtt74TUQBkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmIyMTcxMGEtYTM3YS00NDc2LWFiNmItM2QwNzllOWQxY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5A
MA0GCSqGSIb3DQEBCwUAA4IBAQDBRiTD3hB6AmiKuLlERJIwGHCj2woapkmBanDC
x4BgnD/YBU6UB5n+rUonD6kaZDhfyVk88fbyfw38AcPVwhjoFOVvOXiMNyG+jzU1
htc6n5SiVXc03KOmtOjdx2FedtuPvOOy+DVSwtGGPB+oRfq3C77fcRil/IYQQ+pa
BsarYlJzskxlOsfs1bdEEyRCiXogA1Hw9J77xqfznUxeBiLgkmYatU04AwEs45Ra
BvDSuOSMLpTVflay1MudXYNWVXCrioBl76mIQKwcKPI2RChYG+SY8o8ZlOOQuLD9
SY5ftAiSK2/Jh13cM2eEKey/idKDIcdV43y8aPiGwUg6Iyjb
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:21 2025 by rpki-client