Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
File: d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa (raw, json)
Hash identifier: GqaYREJJeqijMe+P4D7NbHHywYuZaIaqssxxwMjIv90=
Subject key identifier: C2:4C:B6:01:B9:23:5B:D5:36:88:CD:E8:84:13:CD:34:DF:10:39:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21D762DFC3034E21ED66C969583C6B0BE0CB49A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
Signing time: Fri 26 Sep 2025 20:10:07 +0000
ROA not before: Fri 26 Sep 2025 20:10:07 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d024::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:d7:62:df:c3:03:4e:21:ed:66:c9:69:58:3c:6b:0b:e0:cb:49:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:10:07 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e125667aec2d26cd4f4b68eb7e3a5f1f6b4bd90893c7cb9d1038c1573f77168c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e8:fb:44:d8:96:9a:a7:34:4d:26:95:e2:54:
95:ea:f7:00:e9:73:53:0c:bd:77:f0:d8:00:4b:a7:
77:07:dd:2b:39:f2:60:c7:92:a4:3c:44:7a:97:aa:
d0:80:65:e8:a2:39:f7:be:01:65:7b:21:fb:c3:08:
24:53:a1:09:a6:8d:15:8b:9c:07:e3:85:0b:17:62:
be:d7:93:b7:93:30:9a:16:88:eb:ca:32:ba:d3:76:
fa:b9:f5:5a:9a:69:a7:ce:ac:fe:d4:f5:e8:c4:87:
39:53:3f:98:41:b1:f8:28:66:23:1f:a5:c8:0f:91:
fe:cc:bb:b8:83:5e:bd:d6:c8:00:1d:91:18:eb:1b:
76:cd:71:5c:f0:81:0e:19:56:53:7e:d8:ab:0b:6f:
c4:20:69:4b:ca:13:43:eb:4b:53:07:c7:e5:ae:00:
62:dd:30:18:11:db:92:82:15:62:55:35:1c:e3:19:
22:50:e2:8b:f6:fe:22:25:42:ff:be:f5:34:8e:35:
a6:d6:38:97:0c:3f:be:7c:f2:04:92:43:66:8d:cb:
dd:da:12:30:bd:78:60:ef:5d:14:b2:9e:36:68:15:
f8:a5:fe:33:c5:f9:01:16:12:f6:80:be:71:d7:97:
87:f7:7d:a9:48:8f:b5:79:b3:d3:ba:9d:b2:5a:ab:
23:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4C:B6:01:B9:23:5B:D5:36:88:CD:E8:84:13:CD:34:DF:10:39:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d024::/36
Signature Algorithm: sha256WithRSAEncryption
a2:0e:94:c3:9f:af:65:00:c2:d5:df:f6:49:4e:df:59:2d:b1:
cd:5e:cb:74:3d:28:76:fd:38:d5:41:b7:b3:f4:98:3c:6a:f5:
d5:08:b1:8f:3f:c4:a5:33:40:5e:e7:89:4d:07:6e:ce:e5:e2:
b2:5b:20:ca:ba:b9:1f:0a:66:e3:b6:fa:85:d1:fa:83:c3:60:
ea:05:34:32:b6:af:41:44:44:df:1d:f1:0b:fb:05:56:1a:ea:
e9:7b:49:06:21:8d:15:15:d0:d2:5d:ec:63:f9:d6:54:29:4b:
85:05:22:e7:8f:f5:f3:4e:7c:b0:5a:b9:4b:62:5e:b6:0f:b3:
8e:06:72:f2:92:74:72:bb:e5:2b:f4:87:eb:42:d2:33:14:e6:
9d:8e:83:8e:3a:75:85:6d:43:25:b3:8d:2c:42:ff:8e:8a:d3:
bd:ee:dd:0a:04:ed:61:e2:79:6c:d8:3d:9f:2d:8a:32:24:e3:
17:e1:3a:87:41:bd:7f:e0:04:18:75:55:94:0c:3d:3e:4e:98:
7e:b0:c5:e8:4d:5e:a4:b1:06:93:94:e3:70:45:a6:00:63:7d:
54:89:a2:3b:22:47:c5:8c:0f:7e:25:20:e0:25:90:47:73:9d:
2f:83:22:89:78:c2:2c:57:57:78:7b:f0:f3:fd:e3:e6:a6:c1:
90:20:7a:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIddi38MDTiHtZslpWDxrC+DLSaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDEwMDdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMjU2NjdhZWMyZDI2Y2Q0ZjRiNjhlYjdlM2E1ZjFmNmI0YmQ5MDg5M2M3
Y2I5ZDEwMzhjMTU3M2Y3NzE2OGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzo+0TYlpqnNE0mleJUler3AOlzUwy9d/DYAEundwfdKznyYMeSpDxEepeq
0IBl6KI5974BZXsh+8MIJFOhCaaNFYucB+OFCxdivteTt5MwmhaI68oyutN2+rn1
Wpppp86s/tT16MSHOVM/mEGx+ChmIx+lyA+R/sy7uINevdbIAB2RGOsbds1xXPCB
DhlWU37YqwtvxCBpS8oTQ+tLUwfH5a4AYt0wGBHbkoIVYlU1HOMZIlDii/b+IiVC
/771NI41ptY4lww/vnzyBJJDZo3L3doSML14YO9dFLKeNmgV+KX+M8X5ARYS9oC+
cdeXh/d9qUiPtXmz07qdslqrI28CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTCTLYB
uSNb1TaIzeiEE8003xA5zTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhmZjcwMTMtMDhiNi00ZTM2LWFiODgtYzRmOGJkM2U3YTA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CQA
MA0GCSqGSIb3DQEBCwUAA4IBAQCiDpTDn69lAMLV3/ZJTt9ZLbHNXst0PSh2/TjV
Qbez9Jg8avXVCLGPP8SlM0Be54lNB27O5eKyWyDKurkfCmbjtvqF0fqDw2DqBTQy
tq9BRETfHfEL+wVWGurpe0kGIY0VFdDSXexj+dZUKUuFBSLnj/XzTnywWrlLYl62
D7OOBnLyknRyu+Ur9IfrQtIzFOadjoOOOnWFbUMls40sQv+OitO97t0KBO1h4nls
2D2fLYoyJOMX4TqHQb1/4AQYdVWUDD0+Tph+sMXoTV6ksQaTlONwRaYAY31UiaI7
IkfFjA9+JSDgJZBHc50vgyKJeMIsV1d4e/Dz/ePmpsGQIHpq
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:43 2025 by rpki-client