Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
File: da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa (raw, json)
Hash identifier: 6hJl7uona/a04npi3gCpZKFuSSEYS+yIHwtb7SOoQX0=
Subject key identifier: B6:03:10:7A:F0:C3:CB:BD:4D:50:82:EE:0E:56:0D:B9:52:A8:92:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43F158AAA3DF82697ED6CFC50FB71EFB395C1C4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
Signing time: Sun 19 Oct 2025 07:00:09 +0000
ROA not before: Sun 19 Oct 2025 07:00:09 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:f1:58:aa:a3:df:82:69:7e:d6:cf:c5:0f:b7:1e:fb:39:5c:1c:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 07:00:09 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=74cb89cb90c310b638c80477ddc9ad8cf21c6cc579ecbb3b8af9d2b8219a851f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:75:ad:dd:43:a0:ab:08:1e:6a:77:34:d3:83:
45:f5:0c:c2:8c:8b:6d:3e:fd:e6:93:b6:79:84:41:
2e:36:0a:70:6e:4d:e6:c6:ef:53:87:23:27:a3:40:
6f:b3:98:7d:7d:bd:91:3f:08:ca:23:4d:44:a7:a8:
04:67:b9:51:21:0b:18:64:6b:2e:64:7e:66:25:b1:
94:31:f6:c2:75:b9:d4:cd:7a:02:94:dd:66:08:8d:
e2:f9:a2:ca:cf:c2:b3:4f:fd:17:d2:19:2c:d0:86:
71:2d:03:a3:1a:ab:82:10:47:d3:97:6f:a1:a7:6d:
0d:18:66:14:0d:1d:4c:0b:77:80:65:60:96:8d:e5:
7f:09:5e:87:a7:2b:89:fc:36:a6:fa:5d:94:4a:09:
78:24:fc:ea:12:20:39:b8:e6:73:9f:0f:5c:d0:08:
65:b3:f5:14:65:df:37:77:5c:8c:fd:f7:a5:17:d9:
bb:ab:9f:eb:5c:d0:d0:34:ef:07:1e:85:74:6b:1a:
65:b7:25:45:03:00:c1:09:f9:e6:a2:93:1b:95:2e:
29:b7:13:a9:5d:fe:1d:4d:87:2e:03:3d:88:af:2c:
ec:25:ef:6f:50:e3:69:a4:fc:37:fa:17:68:62:4e:
30:89:55:91:62:ae:29:37:79:64:84:a8:6f:d8:c7:
6a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:03:10:7A:F0:C3:CB:BD:4D:50:82:EE:0E:56:0D:B9:52:A8:92:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:880::/48
Signature Algorithm: sha256WithRSAEncryption
18:27:c8:0e:64:99:36:51:a3:76:98:9a:ab:ba:51:ad:e2:bd:
a1:3f:55:c0:fe:2f:28:b9:9d:e9:d7:12:61:fc:0a:87:7f:e9:
f6:79:9b:89:63:a4:8d:2e:71:80:d8:1d:e7:c8:16:98:e1:03:
d3:96:fd:a6:b4:e4:27:a6:ee:2a:b9:43:34:34:99:61:f5:f0:
da:cb:74:90:6b:43:9c:1e:92:9c:81:d4:9f:a4:5c:65:75:78:
3e:04:7f:a4:a3:7d:b7:9f:22:c8:3c:a7:7b:81:f8:43:2c:74:
54:a8:3a:84:75:a8:15:1d:64:92:d6:36:53:d7:48:92:13:f6:
c4:a2:aa:de:ac:7c:c8:5b:ca:bc:0a:55:6d:bc:59:a2:0d:8a:
7a:8f:ca:bd:6b:8f:23:e6:62:ba:af:cb:a4:4d:ee:78:3d:c6:
c2:d6:e6:22:cd:ae:ea:83:bc:dd:50:b4:05:5d:82:72:a0:42:
a7:dc:49:1a:36:72:14:7d:97:58:38:84:6d:68:2d:48:c2:f7:
e7:dc:7e:84:a4:da:9f:d9:39:d0:26:1f:69:48:80:c6:5a:bb:
1d:b1:bc:41:3a:c2:51:ca:59:7a:86:d8:24:61:aa:6d:eb:a6:
e9:33:4d:3f:4e:bb:bf:58:7b:ea:e5:7c:3a:9f:e9:86:d0:8f:
4f:41:5c:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ/FYqqPfgml+1s/FD7ce+zlcHEwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkwNzAwMDlaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0Y2I4OWNiOTBjMzEwYjYzOGM4MDQ3N2RkYzlhZDhjZjIxYzZjYzU3OWVj
YmIzYjhhZjlkMmI4MjE5YTg1MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL51rd1DoKsIHmp3NNODRfUMwoyLbT795pO2eYRBLjYKcG5N5sbvU4cjJ6NA
b7OYfX29kT8IyiNNRKeoBGe5USELGGRrLmR+ZiWxlDH2wnW51M16ApTdZgiN4vmi
ys/Cs0/9F9IZLNCGcS0DoxqrghBH05dvoadtDRhmFA0dTAt3gGVglo3lfwleh6cr
ifw2pvpdlEoJeCT86hIgObjmc58PXNAIZbP1FGXfN3dcjP33pRfZu6uf61zQ0DTv
Bx6FdGsaZbclRQMAwQn55qKTG5UuKbcTqV3+HU2HLgM9iK8s7CXvb1DjaaT8N/oX
aGJOMIlVkWKuKTd5ZISob9jHarECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS2AxB6
8MPLvU1Qgu4OVg25UqiS2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE3YjhjNGUtZWUwYS00NWNkLWI2ZTMtN2JhY2Y4YTllMmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAGCfIDmSZNlGjdpiaq7pRreK9oT9VwP4vKLmd
6dcSYfwKh3/p9nmbiWOkjS5xgNgd58gWmOED05b9prTkJ6buKrlDNDSZYfXw2st0
kGtDnB6SnIHUn6RcZXV4PgR/pKN9t58iyDyne4H4Qyx0VKg6hHWoFR1kktY2U9dI
khP2xKKq3qx8yFvKvApVbbxZog2Keo/KvWuPI+Ziuq/LpE3ueD3GwtbmIs2u6oO8
3VC0BV2CcqBCp9xJGjZyFH2XWDiEbWgtSML359x+hKTan9k50CYfaUiAxlq7HbG8
QTrCUcpZeobYJGGqbeum6TNNP067v1h76uV8Op/phtCPT0Fcuw==
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:49 2025 by rpki-client