Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
File: bed4158d-91b8-4ba5-81d9-75a65b550b92.roa (raw, json)
Hash identifier: 1vCjvnTt3Ze+/8+ymd5fAPU+uVOCCtJiWNJeh0vG/Zo=
Subject key identifier: 09:8F:71:41:21:C2:86:59:B6:E0:75:2C:85:E0:8E:E5:7B:4B:A7:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E7707B777E65B6471E25E9E9DB5943ED4CACEF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
Signing time: Fri 26 Sep 2025 18:21:08 +0000
ROA not before: Fri 26 Sep 2025 18:21:08 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:77:07:b7:77:e6:5b:64:71:e2:5e:9e:9d:b5:94:3e:d4:ca:ce:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:21:08 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1707bae6a8c78e4ac03bdfaa5030d453accd883372f378b3c9cb25873b55f5f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c5:5f:0a:2a:ea:e7:10:27:bf:95:49:77:de:
a5:de:16:52:20:9b:53:56:ac:35:fe:18:d5:cd:3f:
82:a2:f9:a8:0f:cf:52:7d:01:17:60:58:2b:01:41:
2a:1e:96:6f:4c:93:11:13:e4:a9:03:fb:db:61:86:
bb:18:ea:25:99:79:27:8e:1d:b4:e3:c2:63:a4:f0:
60:00:ca:e0:be:1e:2c:f8:ac:cf:64:a8:92:76:ed:
8d:ae:11:a2:3c:a0:99:c7:72:10:d3:c1:ef:d8:fd:
0c:17:b2:a2:91:9d:cd:8e:1f:f5:e5:3d:7e:72:5d:
33:83:99:ad:6d:3e:a3:47:48:92:7a:96:55:f1:76:
22:7d:64:74:8e:6d:33:a6:88:bd:58:d3:d5:3d:d8:
f2:16:2b:c4:d4:f2:48:1b:8b:4b:b2:3b:2d:c3:c9:
b1:bb:24:61:14:02:dc:9d:e5:85:66:03:68:c1:a6:
2c:2b:48:38:26:75:fb:6d:47:9a:54:f8:bc:dd:e8:
8d:4c:4a:de:c1:8a:b4:3e:2a:9f:87:49:29:5b:ee:
d2:ac:3f:a0:38:91:19:ff:76:c8:bd:b5:e0:1b:c9:
76:13:95:de:ed:5c:5a:1f:81:e6:d9:af:44:2e:3c:
73:55:61:8f:c6:2f:87:bb:6c:d8:63:3e:d7:3c:a3:
70:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:8F:71:41:21:C2:86:59:B6:E0:75:2C:85:E0:8E:E5:7B:4B:A7:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
70:26:db:12:2f:a8:2c:a2:62:b0:23:20:6f:2f:b1:6a:90:3e:
2b:bd:3d:48:8a:b9:e6:26:be:05:be:9b:06:e8:61:5e:29:17:
a9:55:9d:40:f7:b7:41:c6:98:be:be:e0:1f:c2:68:1d:a0:50:
e9:f3:7c:7c:56:01:15:c9:55:58:b0:84:02:07:fa:c6:00:d0:
ba:88:a1:c1:2c:a5:31:23:5f:cc:93:96:f8:36:87:8c:3a:cf:
95:f6:87:32:01:6c:60:5a:ca:e6:aa:2a:79:53:de:b1:d9:34:
b5:1b:b0:cd:2d:78:c8:b7:be:fd:21:30:43:f1:30:48:2a:17:
3c:fc:63:0e:97:ca:ec:49:d7:d7:e8:1d:9d:43:43:1e:d8:db:
78:f6:1c:dc:80:6e:80:88:b0:9c:d5:75:ef:90:0a:65:65:35:
d9:d0:36:9b:62:04:ff:9e:df:c8:21:72:7c:10:8c:b4:63:c7:
65:ca:72:4f:77:a5:02:b8:0f:aa:91:7c:b4:7c:56:6d:65:11:
53:4c:b1:3c:b5:b4:01:bb:c1:83:6a:53:59:f6:75:7c:58:bf:
80:eb:b0:40:c1:95:26:d7:eb:96:15:04:02:19:d2:82:72:2e:
0d:d7:f1:b2:0b:16:1d:a5:af:d1:de:96:6d:cb:a4:82:6c:1e:
a9:37:c1:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfncHt3fmW2Rx4l6enbWUPtTKzvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIxMDhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3MDdiYWU2YThjNzhlNGFjMDNiZGZhYTUwMzBkNDUzYWNjZDg4MzM3MmYz
NzhiM2M5Y2IyNTg3M2I1NWY1ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIrFXwoq6ucQJ7+VSXfepd4WUiCbU1asNf4Y1c0/gqL5qA/PUn0BF2BYKwFB
Kh6Wb0yTERPkqQP722GGuxjqJZl5J44dtOPCY6TwYADK4L4eLPisz2Soknbtja4R
ojygmcdyENPB79j9DBeyopGdzY4f9eU9fnJdM4OZrW0+o0dIknqWVfF2In1kdI5t
M6aIvVjT1T3Y8hYrxNTySBuLS7I7LcPJsbskYRQC3J3lhWYDaMGmLCtIOCZ1+21H
mlT4vN3ojUxK3sGKtD4qn4dJKVvu0qw/oDiRGf92yL214BvJdhOV3u1cWh+B5tmv
RC48c1Vhj8Yvh7ts2GM+1zyjcI0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQJj3FB
IcKGWbbgdSyF4I7le0unOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmVkNDE1OGQtOTFiOC00YmE1LTgxZDktNzVhNjViNTUwYjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
wDANBgkqhkiG9w0BAQsFAAOCAQEAcCbbEi+oLKJisCMgby+xapA+K709SIq55ia+
Bb6bBuhhXikXqVWdQPe3QcaYvr7gH8JoHaBQ6fN8fFYBFclVWLCEAgf6xgDQuoih
wSylMSNfzJOW+DaHjDrPlfaHMgFsYFrK5qoqeVPesdk0tRuwzS14yLe+/SEwQ/Ew
SCoXPPxjDpfK7EnX1+gdnUNDHtjbePYc3IBugIiwnNV175AKZWU12dA2m2IE/57f
yCFyfBCMtGPHZcpyT3elArgPqpF8tHxWbWURU0yxPLW0AbvBg2pTWfZ1fFi/gOuw
QMGVJtfrlhUEAhnSgnIuDdfxsgsWHaWv0d6WbcukgmweqTfByw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:20 2025 by rpki-client