Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
File: f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa (raw, json)
Hash identifier: G/8P3KGeP3d0kdhE+XiqiheLtXO6/Fk/Zb66k2ZY0QY=
Subject key identifier: 1D:9A:7A:61:6D:AC:45:4B:C1:E2:C4:18:86:4C:77:10:1B:70:24:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07003EDCF2BD70D4205007A56F0207048BEB751F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
Signing time: Tue 07 Oct 2025 15:32:49 +0000
ROA not before: Tue 07 Oct 2025 15:32:49 +0000
ROA not after: Tue 11 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:f080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:00:3e:dc:f2:bd:70:d4:20:50:07:a5:6f:02:07:04:8b:eb:75:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 7 15:32:49 2025 GMT
Not After : Nov 11 23:59:59 2025 GMT
Subject: serialNumber=0bd1a4d1cf40e1249d62a30412d300270d8adbe05482ca9b4c6048232e42fa98, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:65:c6:5a:ca:3b:b8:89:77:50:0e:db:23:04:
2a:35:6b:68:f3:24:d9:b5:7b:4e:03:3b:96:76:50:
25:ed:cd:5c:a4:32:63:09:b7:45:b7:fa:30:30:56:
c0:b1:4b:9f:4d:b2:e5:f6:b7:11:1d:3e:a8:11:92:
65:ff:34:6e:75:6c:24:cd:2e:19:d6:fe:e8:28:a3:
97:df:3e:51:e4:3b:48:e5:8f:b5:79:38:21:bc:77:
81:dc:32:32:8c:08:ca:1a:93:13:6a:37:82:b9:29:
2f:e2:89:5b:8a:0b:a6:44:84:bd:0e:c8:0b:c7:c4:
df:11:a7:47:94:6e:36:dd:46:5e:93:d9:cd:7a:cc:
30:e6:40:e6:4f:2b:81:16:fc:c4:17:ff:87:50:e6:
23:6a:17:29:be:df:bd:d3:ba:ac:ae:9b:04:46:74:
f3:bf:86:ed:3d:cb:9f:22:88:3d:6b:1d:05:ae:fe:
3a:39:c0:cf:59:7f:bd:53:06:f8:f9:80:0b:98:21:
73:eb:fa:14:75:dc:36:89:2a:03:ea:9d:90:24:20:
46:31:07:13:21:4c:e5:ca:f5:b5:bf:2e:7a:19:22:
ff:d7:74:b7:88:b8:18:d4:f6:d4:d5:86:3d:f1:3c:
cb:1e:29:2f:3c:b9:04:4b:77:11:a8:18:1f:6f:89:
53:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9A:7A:61:6D:AC:45:4B:C1:E2:C4:18:86:4C:77:10:1B:70:24:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:f080::/48
Signature Algorithm: sha256WithRSAEncryption
c2:ae:1c:51:7e:d4:7e:51:d4:f1:f6:f6:38:8e:0e:45:85:33:
06:72:d1:44:9e:1c:3c:3a:3a:76:4b:91:38:0b:36:a0:fe:4c:
22:ce:7d:62:30:1c:47:72:5b:98:04:7a:b9:f4:28:94:31:20:
43:86:0e:b8:a1:4d:82:18:35:9d:73:07:1d:6f:ba:bf:6e:8f:
2c:c8:08:54:8a:63:07:1a:9d:cf:cf:8a:db:9c:1c:8c:3f:b3:
2a:d4:69:37:7d:47:a3:01:b9:50:cd:9f:eb:95:1f:90:ca:62:
72:f4:a2:25:f6:1a:6f:e5:39:39:19:1b:40:76:2e:71:73:fb:
6c:a3:4b:98:f1:92:51:fa:5e:db:de:54:f9:a6:58:d2:35:b2:
d5:1e:d4:b9:43:50:00:02:4d:e8:61:cf:31:12:88:d2:72:2b:
3a:78:c6:b6:4a:95:af:98:8f:20:1a:97:c8:c5:65:ad:bd:9c:
b5:cc:04:0a:9e:cd:10:57:73:33:df:dc:d1:69:e3:fd:8a:a2:
e1:eb:6b:4b:88:7d:68:7d:55:26:e0:b0:e8:fa:18:d1:ec:65:
a3:f9:ec:93:2e:7a:95:f5:17:20:c7:52:75:4b:c2:c9:01:e8:
78:1e:3e:23:18:79:f7:66:f2:e8:ca:bc:b7:7e:c3:a5:7f:32:
80:99:d9:f4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBwA+3PK9cNQgUAelbwIHBIvrdR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDcxNTMyNDlaFw0yNTExMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZDFhNGQxY2Y0MGUxMjQ5ZDYyYTMwNDEyZDMwMDI3MGQ4YWRiZTA1NDgy
Y2E5YjRjNjA0ODIzMmU0MmZhOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtlxlrKO7iJd1AO2yMEKjVraPMk2bV7TgM7lnZQJe3NXKQyYwm3Rbf6MDBW
wLFLn02y5fa3ER0+qBGSZf80bnVsJM0uGdb+6Cijl98+UeQ7SOWPtXk4Ibx3gdwy
MowIyhqTE2o3grkpL+KJW4oLpkSEvQ7IC8fE3xGnR5RuNt1GXpPZzXrMMOZA5k8r
gRb8xBf/h1DmI2oXKb7fvdO6rK6bBEZ087+G7T3LnyKIPWsdBa7+OjnAz1l/vVMG
+PmAC5ghc+v6FHXcNokqA+qdkCQgRjEHEyFM5cr1tb8uehki/9d0t4i4GNT21NWG
PfE8yx4pLzy5BEt3EagYH2+JU6MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQdmnph
baxFS8HixBiGTHcQG3Ak2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjI5OGM5ZDEtNWY1ZS00YTJhLWEyMDMtMjllMmNiZGIzNzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/w
gDANBgkqhkiG9w0BAQsFAAOCAQEAwq4cUX7UflHU8fb2OI4ORYUzBnLRRJ4cPDo6
dkuROAs2oP5MIs59YjAcR3JbmAR6ufQolDEgQ4YOuKFNghg1nXMHHW+6v26PLMgI
VIpjBxqdz8+K25wcjD+zKtRpN31HowG5UM2f65UfkMpicvSiJfYab+U5ORkbQHYu
cXP7bKNLmPGSUfpe295U+aZY0jWy1R7UuUNQAAJN6GHPMRKI0nIrOnjGtkqVr5iP
IBqXyMVlrb2ctcwECp7NEFdzM9/c0Wnj/Yqi4etrS4h9aH1VJuCw6PoY0exlo/ns
ky56lfUXIMdSdUvCyQHoeB4+Ixh592by6Mq8t37DpX8ygJnZ9A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:21 2025 by rpki-client