Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
File: 17057de1-0841-47c5-9f52-f4f803d5e2d4.roa (raw, json)
Hash identifier: 6igA7c43M721EFM/8K1L94xWdzdVYoEZAL3Fz7q8jNM=
Subject key identifier: 13:C8:FD:60:A4:2B:8C:13:B3:E3:49:05:3B:82:96:DC:DF:45:12:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BE4EF856B069BE20D479C5E9A19E379E01B1270
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
Signing time: Tue 21 Oct 2025 13:50:05 +0000
ROA not before: Tue 21 Oct 2025 13:50:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:e4:ef:85:6b:06:9b:e2:0d:47:9c:5e:9a:19:e3:79:e0:1b:12:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=3c229760c1d8b661303d6e6e21e77bf32d0ad56a7f97b09405270266ac2a53f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:db:b1:6e:35:3f:e3:ef:ca:6a:42:ac:a2:b3:
ab:8a:ca:2b:3a:51:ba:fd:b8:56:44:8a:d9:d8:a3:
34:1b:f9:f9:60:0a:60:7f:ba:71:64:ad:ad:35:b2:
6e:3a:8f:b1:09:fe:3e:e7:d0:94:89:cb:0e:f5:77:
0f:1e:81:76:a5:dc:77:2c:f0:53:b8:16:d6:17:18:
2b:c8:1c:31:62:2d:77:f7:d5:10:35:ac:93:61:5a:
9c:ee:36:1b:ea:6c:6d:42:64:e9:8f:03:80:27:54:
d8:e5:5c:2e:51:48:07:d8:98:9b:5e:79:fa:b9:7c:
34:7a:b3:4f:8d:06:2e:8c:ff:de:86:0e:a5:ad:de:
2a:8f:f7:44:bb:56:39:21:99:45:76:a4:c1:58:c0:
ee:fa:bb:4e:45:68:60:eb:3d:7b:ee:7b:dd:d6:b7:
73:5f:ae:1d:41:2e:73:3e:16:f4:71:64:a8:ca:65:
ac:8e:0b:6a:e9:70:53:0a:76:2c:e0:cd:0e:ad:99:
0e:4b:b7:26:cd:d1:2e:21:64:84:84:58:ae:a2:27:
6e:cc:87:ba:61:6e:43:00:e1:bb:54:fa:2e:9a:36:
8f:b8:ef:23:c7:c3:ea:3e:8c:3f:eb:47:96:cf:a5:
cc:b9:ac:52:43:c5:f8:f1:91:53:a1:a2:a5:bf:ea:
26:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:C8:FD:60:A4:2B:8C:13:B3:E3:49:05:3B:82:96:DC:DF:45:12:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:38:4a:ce:48:fd:a9:18:4c:d2:83:d0:ec:77:04:49:38:82:
72:5c:3c:cc:cb:dd:49:79:f0:1b:7e:2d:23:58:7f:83:44:6d:
03:23:86:f5:d6:e3:dc:06:f5:77:48:69:67:0b:c8:50:d4:f4:
bf:c9:60:2d:26:ab:75:cd:ed:e9:bb:bd:64:22:50:1b:b0:7b:
8c:d4:4e:2f:2b:77:50:31:19:22:80:dc:75:51:c0:69:02:f5:
a9:9f:81:ac:67:c0:2d:44:2f:49:bb:37:57:ab:60:a4:61:6e:
93:3b:b8:80:15:d1:35:56:c1:52:d0:79:68:55:a9:c3:cd:87:
c7:23:48:b1:9a:bc:07:2f:25:18:5f:d8:d1:a5:bc:e3:79:a8:
33:ac:e9:5a:2c:54:46:74:20:0a:41:72:44:6b:da:58:72:19:
fc:dd:ea:d4:76:50:d1:6d:71:8f:1d:20:07:0f:3d:72:7b:9d:
7c:7a:56:c6:9c:d1:a7:bd:e3:ce:0e:f9:ec:23:2c:fb:f6:9b:
ee:0f:ed:93:60:d8:91:87:0a:0d:8f:4f:77:94:9f:2f:0c:92:
a7:97:56:a6:56:41:f4:c1:c8:82:da:5a:c5:7d:d1:07:42:48:
d6:58:98:b7:ed:45:5e:a9:a6:72:ea:15:1d:22:5a:b5:2b:f6:
57:0b:86:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa+TvhWsGm+INR5xemhnjeeAbEnAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjMjI5NzYwYzFkOGI2NjEzMDNkNmU2ZTIxZTc3YmYzMmQwYWQ1NmE3Zjk3
YjA5NDA1MjcwMjY2YWMyYTUzZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLbsW41P+PvympCrKKzq4rKKzpRuv24VkSK2dijNBv5+WAKYH+6cWStrTWy
bjqPsQn+PufQlInLDvV3Dx6BdqXcdyzwU7gW1hcYK8gcMWItd/fVEDWsk2FanO42
G+psbUJk6Y8DgCdU2OVcLlFIB9iYm155+rl8NHqzT40GLoz/3oYOpa3eKo/3RLtW
OSGZRXakwVjA7vq7TkVoYOs9e+573da3c1+uHUEucz4W9HFkqMplrI4LaulwUwp2
LODNDq2ZDku3Js3RLiFkhIRYrqInbsyHumFuQwDhu1T6Lpo2j7jvI8fD6j6MP+tH
ls+lzLmsUkPF+PGRU6Gipb/qJt8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQTyP1g
pCuME7PjSQU7gpbc30USQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTcwNTdkZTEtMDg0MS00N2M1LTlmNTItZjRmODAzZDVlMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQDIOErOSP2pGEzSg9DsdwRJOIJyXDzMy91JefAb
fi0jWH+DRG0DI4b11uPcBvV3SGlnC8hQ1PS/yWAtJqt1ze3pu71kIlAbsHuM1E4v
K3dQMRkigNx1UcBpAvWpn4GsZ8AtRC9JuzdXq2CkYW6TO7iAFdE1VsFS0HloVanD
zYfHI0ixmrwHLyUYX9jRpbzjeagzrOlaLFRGdCAKQXJEa9pYchn83erUdlDRbXGP
HSAHDz1ye518elbGnNGnvePODvnsIyz79pvuD+2TYNiRhwoNj093lJ8vDJKnl1am
VkH0wciC2lrFfdEHQkjWWJi37UVeqaZy6hUdIlq1K/ZXC4a6
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:22 2025 by rpki-client