Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa
File: fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa (raw, json)
Hash identifier: vW6zImxuNjR6lSu+c4CawhMJONIDAJnxfqZPOLIgXlg=
Subject key identifier: C8:25:71:C9:3A:BB:48:1B:88:B2:38:54:6C:A5:B0:57:50:44:EA:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 241844DD00E2CD17CCB63EBF8B91BC891BA17E5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa
Signing time: Fri 26 Sep 2025 19:40:19 +0000
ROA not before: Fri 26 Sep 2025 19:40:19 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:18:44:dd:00:e2:cd:17:cc:b6:3e:bf:8b:91:bc:89:1b:a1:7e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:40:19 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=2583a8b4e23b8836bc9c3bae1d1cdc1962fc4281ab32f21ba25fed213b408244, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ba:03:e9:07:a7:05:ee:8d:36:97:ee:dc:c9:
7b:f3:cc:89:a8:56:8f:d7:5c:5d:79:b9:ba:64:e0:
02:4c:76:2c:b9:63:7d:62:79:08:21:dc:07:7f:5e:
98:d3:41:50:42:95:74:fa:0d:11:48:a8:45:35:9b:
2a:9c:46:4d:b5:34:dd:66:00:32:3b:83:c6:ff:07:
c5:46:c9:bb:12:90:01:b5:35:89:00:8e:a8:68:b2:
bf:1b:0a:b7:f3:23:09:58:c4:ae:7b:01:c0:a1:df:
83:bf:ca:2e:b9:f1:6e:23:a8:f1:34:ae:13:bf:24:
d3:db:96:a3:13:5f:79:d8:85:45:44:62:12:6b:89:
0c:2d:bb:75:07:b8:7d:05:ed:69:df:bd:73:99:3e:
c3:ad:b9:af:2d:de:48:c5:c7:d7:d0:fb:7c:c1:d5:
4a:4d:29:ee:6e:b2:62:81:fe:f7:70:19:21:cb:93:
3e:d0:a0:df:b6:0c:58:15:52:05:d8:fd:14:e2:f5:
ef:34:78:03:e7:e2:77:0a:95:a4:59:6e:1a:d6:6b:
7d:cf:6b:0d:f2:5e:56:d3:6a:48:78:15:b2:4e:86:
35:ec:8e:a4:45:a1:92:7c:72:a1:9b:81:a7:cf:d0:
3e:cb:1d:e3:7e:2f:b5:6c:d0:3c:00:6d:1c:4f:8f:
23:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:25:71:C9:3A:BB:48:1B:88:B2:38:54:6C:A5:B0:57:50:44:EA:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:c000::/40
Signature Algorithm: sha256WithRSAEncryption
91:b9:34:f6:6e:31:26:5a:da:ad:2c:70:86:e3:c0:28:50:71:
71:ea:88:c6:56:59:34:2f:6a:07:2a:43:63:19:20:7a:50:79:
d5:d1:3c:06:2f:ef:f4:5d:e8:0d:86:68:ec:d4:c5:42:9a:27:
67:02:d0:74:87:ea:5a:dc:8c:7c:ab:f8:e5:1e:89:2b:fc:97:
34:d3:86:46:47:30:ae:0d:02:c3:49:89:d0:9d:d3:bd:a4:33:
64:8c:f8:7c:71:e6:bb:ec:11:8c:22:db:66:c9:75:c7:c7:0c:
ed:fb:d5:72:87:70:5d:41:2d:7a:32:56:be:67:45:57:c0:97:
0a:71:44:14:ca:8b:97:5c:02:f1:f3:ab:80:4c:0f:01:85:f8:
70:c9:6a:53:6a:ec:76:d5:cb:ec:de:ba:29:35:6b:a5:03:e9:
09:2b:10:11:81:a5:87:31:f1:d9:38:5a:6e:78:09:29:dd:74:
4f:00:1c:65:8e:f3:98:dc:7e:40:6f:92:1e:c1:72:ba:e1:38:
da:ec:65:ac:56:51:8a:be:2c:8e:3c:f2:50:c3:6d:82:bd:8f:
a5:91:49:a3:e7:57:23:3f:7f:43:ff:78:3d:e2:e1:b8:63:51:
0d:79:32:ba:54:c8:bb:6e:61:f4:de:3e:c7:7e:a5:e6:a2:49:
f6:3c:1a:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJBhE3QDizRfMtj6/i5G8iRuhflowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQwMTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ODNhOGI0ZTIzYjg4MzZiYzljM2JhZTFkMWNkYzE5NjJmYzQyODFhYjMy
ZjIxYmEyNWZlZDIxM2I0MDgyNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+6A+kHpwXujTaX7tzJe/PMiahWj9dcXXm5umTgAkx2LLljfWJ5CCHcB39e
mNNBUEKVdPoNEUioRTWbKpxGTbU03WYAMjuDxv8HxUbJuxKQAbU1iQCOqGiyvxsK
t/MjCVjErnsBwKHfg7/KLrnxbiOo8TSuE78k09uWoxNfediFRURiEmuJDC27dQe4
fQXtad+9c5k+w625ry3eSMXH19D7fMHVSk0p7m6yYoH+93AZIcuTPtCg37YMWBVS
Bdj9FOL17zR4A+fidwqVpFluGtZrfc9rDfJeVtNqSHgVsk6GNeyOpEWhknxyoZuB
p8/QPssd434vtWzQPABtHE+PI4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTIJXHJ
OrtIG4iyOFRspbBXUETqdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNjMmM4NTUtY2E2Mi00YjRjLWExYzYtOGI0MTUyYmM3YTA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HXA
MA0GCSqGSIb3DQEBCwUAA4IBAQCRuTT2bjEmWtqtLHCG48AoUHFx6ojGVlk0L2oH
KkNjGSB6UHnV0TwGL+/0XegNhmjs1MVCmidnAtB0h+pa3Ix8q/jlHokr/Jc004ZG
RzCuDQLDSYnQndO9pDNkjPh8cea77BGMIttmyXXHxwzt+9Vyh3BdQS16Mla+Z0VX
wJcKcUQUyouXXALx86uATA8BhfhwyWpTaux21cvs3ropNWulA+kJKxARgaWHMfHZ
OFpueAkp3XRPABxljvOY3H5Ab5IewXK64Tja7GWsVlGKviyOPPJQw22CvY+lkUmj
51cjP39D/3g94uG4Y1ENeTK6VMi7bmH03j7HfqXmokn2PBrt
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:25 2025 by rpki-client