Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
File: d58dbbef-7392-498d-b094-189de828de57.roa (raw, json)
Hash identifier: Rx3qd1jDj43VYPouCTl2vvwUjFhwAc/T/KKV7FOHWhU=
Subject key identifier: AE:77:6B:12:96:07:A2:9A:38:53:78:82:76:82:64:D0:1F:E1:9E:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 213F7A8BF31860C42AF9AAF9602EED2C1A90CB97
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
Signing time: Mon 06 Oct 2025 17:40:07 +0000
ROA not before: Mon 06 Oct 2025 17:40:07 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:3f:7a:8b:f3:18:60:c4:2a:f9:aa:f9:60:2e:ed:2c:1a:90:cb:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:40:07 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=85e488c5dd316410cc560ebe53ae5494bfecfd57b7a56f3b63e705fb0b787bf2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:34:c5:bb:e0:3b:20:69:50:3d:b6:9b:5c:1c:
c9:88:7e:06:f8:30:1e:bc:51:57:44:af:d3:1f:50:
3d:59:4f:69:d8:b7:08:b0:88:90:0e:a9:98:41:6f:
ac:a4:63:1a:b3:f8:73:69:9a:cb:83:f2:f2:fd:dc:
3b:71:8f:54:a3:9e:36:7a:f6:f1:ee:f7:ba:de:d4:
5d:89:f1:66:74:17:44:68:24:61:de:07:ad:43:9d:
ee:71:3b:09:13:d2:ba:85:44:30:8a:68:36:75:6b:
1e:c8:92:a5:0c:09:39:b3:d8:14:34:4f:a3:67:ff:
e5:af:0d:eb:5a:d7:90:c4:ab:98:e7:c5:ac:32:cc:
ed:a4:49:e0:ed:ae:9d:5f:9b:89:c3:e9:06:78:e4:
1e:a0:31:f7:77:3e:8d:3e:17:97:87:4f:16:2c:a1:
5f:23:a1:af:82:f0:92:84:bb:44:5b:e6:64:6a:8c:
0c:47:b0:53:23:18:fc:68:0f:54:b5:8c:8d:47:82:
f0:04:1e:51:66:ab:b8:9e:0f:1e:ab:c4:33:47:b6:
d8:c5:ea:90:a2:e0:9e:3e:b3:27:cb:57:61:ba:bf:
0a:a1:95:fc:d7:73:c4:2c:95:cc:fc:ae:ce:f9:6b:
0f:c9:a5:02:ff:aa:09:49:69:9d:e5:d3:b4:62:4b:
c2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:77:6B:12:96:07:A2:9A:38:53:78:82:76:82:64:D0:1F:E1:9E:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c020::/48
Signature Algorithm: sha256WithRSAEncryption
52:18:80:45:0c:de:50:16:b6:d8:7a:89:3c:e4:b1:96:e4:4d:
1d:dd:fe:96:59:bc:5e:cd:65:86:03:8a:d1:29:18:b2:5f:57:
e3:be:99:ed:c7:f1:70:df:91:54:f2:9f:4d:34:37:e9:a5:01:
ec:e3:f4:6a:9f:b5:63:eb:84:e5:58:9e:0b:2a:75:80:92:d7:
3c:3d:f2:9f:85:4c:31:8e:6c:5d:55:4a:00:65:d4:ac:3f:b4:
73:ed:5a:73:8f:d2:48:18:ba:8e:59:99:88:5a:c0:45:f6:af:
80:35:04:13:f3:83:38:ab:9a:a7:5f:b6:48:ad:6b:bf:d2:53:
15:eb:6b:22:1a:d5:10:fa:be:40:ff:ba:8b:fe:8c:3f:93:73:
55:a3:41:be:b1:75:93:df:96:b6:e6:b8:2f:b6:a4:91:46:03:
c3:17:c8:c2:74:69:a4:30:bc:5a:bf:89:1c:b6:e0:d0:c8:55:
d9:60:15:6a:61:d8:07:80:ef:cf:c1:21:a8:35:f9:8c:1a:b4:
8c:69:f7:e1:0d:9c:86:93:9e:e8:b3:33:6e:27:bc:c6:86:2d:
c3:d0:b6:23:be:2d:62:eb:90:19:66:ba:fc:64:84:d0:89:d0:
4d:f0:be:7c:d1:f9:74:bf:4f:48:5e:2a:d4:76:02:7b:79:bd:
60:d9:fc:68
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIT96i/MYYMQq+ar5YC7tLBqQy5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzQwMDdaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1ZTQ4OGM1ZGQzMTY0MTBjYzU2MGViZTUzYWU1NDk0YmZlY2ZkNTdiN2E1
NmYzYjYzZTcwNWZiMGI3ODdiZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMw0xbvgOyBpUD22m1wcyYh+BvgwHrxRV0Sv0x9QPVlPadi3CLCIkA6pmEFv
rKRjGrP4c2may4Py8v3cO3GPVKOeNnr28e73ut7UXYnxZnQXRGgkYd4HrUOd7nE7
CRPSuoVEMIpoNnVrHsiSpQwJObPYFDRPo2f/5a8N61rXkMSrmOfFrDLM7aRJ4O2u
nV+bicPpBnjkHqAx93c+jT4Xl4dPFiyhXyOhr4LwkoS7RFvmZGqMDEewUyMY/GgP
VLWMjUeC8AQeUWaruJ4PHqvEM0e22MXqkKLgnj6zJ8tXYbq/CqGV/NdzxCyVzPyu
zvlrD8mlAv+qCUlpneXTtGJLwg0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSud2sS
lgeimjhTeIJ2gmTQH+GekTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDU4ZGJiZWYtNzM5Mi00OThkLWIwOTQtMTg5ZGU4MjhkZTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
IDANBgkqhkiG9w0BAQsFAAOCAQEAUhiARQzeUBa22HqJPOSxluRNHd3+llm8Xs1l
hgOK0SkYsl9X476Z7cfxcN+RVPKfTTQ36aUB7OP0ap+1Y+uE5VieCyp1gJLXPD3y
n4VMMY5sXVVKAGXUrD+0c+1ac4/SSBi6jlmZiFrARfavgDUEE/ODOKuap1+2SK1r
v9JTFetrIhrVEPq+QP+6i/6MP5NzVaNBvrF1k9+Wtua4L7akkUYDwxfIwnRppDC8
Wr+JHLbg0MhV2WAVamHYB4Dvz8EhqDX5jBq0jGn34Q2chpOe6LMzbie8xoYtw9C2
I74tYuuQGWa6/GSE0InQTfC+fNH5dL9PSF4q1HYCe3m9YNn8aA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:03 2025 by rpki-client