Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa
File: 1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa (raw, json)
Hash identifier: ys1jr6/D7xEFSrXuKxu7G63ZW4+lrTiH/9cHWZWTDo0=
Subject key identifier: 01:8F:36:13:FA:14:FF:A1:C6:E5:E0:0A:4F:4F:BE:0C:5B:17:5B:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43D57AF9E4D1008D1F104975D45087E8E5C5EBC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa
Signing time: Fri 24 Oct 2025 00:20:08 +0000
ROA not before: Fri 24 Oct 2025 00:20:08 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:d5:7a:f9:e4:d1:00:8d:1f:10:49:75:d4:50:87:e8:e5:c5:eb:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:08 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=672336800be34d78479fbcd2816e84efe787e7b9eda8cdbcb04de2cf62f58309, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e5:c5:4b:cd:15:38:c1:38:0d:4f:58:30:23:
3b:9f:52:25:12:e7:12:4f:d3:e7:6b:7f:8a:c8:3a:
f7:2e:05:e7:39:28:2d:d6:0b:b2:20:de:51:40:d5:
4d:ca:1a:bf:41:5b:39:8c:b3:19:a3:2f:86:cf:2e:
8a:a2:76:1c:13:41:5d:8a:c7:73:ea:f2:c9:3c:a8:
19:50:7b:c7:2c:d2:39:89:62:5f:a0:0c:80:ba:a7:
31:c7:75:83:d5:7b:33:7d:1f:9a:c0:b6:f0:4b:eb:
dc:33:27:0a:b7:77:f7:14:2b:bc:b7:f0:c3:0d:ca:
14:64:55:2d:47:ac:24:4a:a7:9c:41:46:b0:11:d6:
89:ea:95:90:bb:af:31:26:24:ad:b8:53:2b:07:f8:
6e:7b:57:6a:95:97:1a:b6:42:eb:88:7e:53:1c:e8:
cd:f4:2f:e2:67:b6:3a:bb:09:f5:02:ef:e2:8f:29:
79:e7:1d:b8:6b:19:e3:f5:d6:6a:56:5d:fd:87:1a:
47:32:34:6e:b6:c9:6d:3b:ae:1d:83:d0:a1:e0:30:
f5:d9:70:75:f7:03:2c:33:4c:cb:c5:f9:8a:35:40:
0b:d4:d4:3c:57:37:27:1d:3a:6d:c5:1d:cc:df:93:
3d:1f:7f:f9:e9:19:49:34:ca:1f:93:d2:2a:ac:7a:
f9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8F:36:13:FA:14:FF:A1:C6:E5:E0:0A:4F:4F:BE:0C:5B:17:5B:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
c0:a3:bd:7c:d0:31:10:43:ea:9a:47:16:ec:b6:57:15:1c:c7:
ae:32:82:c5:20:69:8d:53:fe:cc:db:f3:ae:38:d6:9e:dc:ed:
71:1a:d1:04:22:0c:dd:60:75:71:3f:f7:78:1c:1e:ef:98:1c:
d7:6c:ca:84:f0:fe:21:a6:23:c0:be:79:3c:38:0b:b6:ca:46:
cc:10:33:c0:ae:8a:fb:09:d4:a8:13:3c:d4:88:dc:26:ec:84:
70:1e:d2:c3:da:9d:61:53:a5:8e:d6:8e:bb:f5:d6:ea:3d:48:
c9:5b:46:f1:69:38:16:be:28:11:25:11:1c:f7:f2:8f:8b:0d:
7a:1c:48:67:f3:37:a1:c8:d1:91:6d:7b:ab:c0:34:4d:38:b5:
c0:36:e1:1b:31:70:de:da:66:50:48:11:91:f6:15:7b:27:0d:
ab:5b:d7:86:e6:6d:f3:05:c6:e1:5d:b1:c0:36:91:90:d0:38:
7c:5d:6b:a3:91:92:25:9b:1f:05:eb:45:90:95:24:ca:24:93:
98:7d:c6:de:70:01:fc:d1:a8:38:7a:76:ac:aa:87:15:7d:34:
93:26:ef:92:e6:7e:15:0d:68:4e:ad:b6:a7:b6:65:c4:98:1c:
61:91:2d:2d:c8:b4:e3:85:05:df:ff:79:e5:f8:f8:bd:73:b6:
d9:70:5c:9e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ9V6+eTRAI0fEEl11FCH6OXF68QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMDhaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3MjMzNjgwMGJlMzRkNzg0NzlmYmNkMjgxNmU4NGVmZTc4N2U3YjllZGE4
Y2RiY2IwNGRlMmNmNjJmNTgzMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/lxUvNFTjBOA1PWDAjO59SJRLnEk/T52t/isg69y4F5zkoLdYLsiDeUUDV
Tcoav0FbOYyzGaMvhs8uiqJ2HBNBXYrHc+ryyTyoGVB7xyzSOYliX6AMgLqnMcd1
g9V7M30fmsC28Evr3DMnCrd39xQrvLfwww3KFGRVLUesJEqnnEFGsBHWieqVkLuv
MSYkrbhTKwf4bntXapWXGrZC64h+UxzozfQv4me2OrsJ9QLv4o8peecduGsZ4/XW
alZd/YcaRzI0brbJbTuuHYPQoeAw9dlwdfcDLDNMy8X5ijVAC9TUPFc3Jx06bcUd
zN+TPR9/+ekZSTTKH5PSKqx6+XcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQBjzYT
+hT/ocbl4ApPT74MWxdb8zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWIxMWEwOTMtODdjMS00ZGMzLWI2YTctYjcwMTYxOGFlM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
wDANBgkqhkiG9w0BAQsFAAOCAQEAwKO9fNAxEEPqmkcW7LZXFRzHrjKCxSBpjVP+
zNvzrjjWntztcRrRBCIM3WB1cT/3eBwe75gc12zKhPD+IaYjwL55PDgLtspGzBAz
wK6K+wnUqBM81IjcJuyEcB7Sw9qdYVOljtaOu/XW6j1IyVtG8Wk4Fr4oESURHPfy
j4sNehxIZ/M3ocjRkW17q8A0TTi1wDbhGzFw3tpmUEgRkfYVeycNq1vXhuZt8wXG
4V2xwDaRkNA4fF1ro5GSJZsfBetFkJUkyiSTmH3G3nAB/NGoOHp2rKqHFX00kybv
kuZ+FQ1oTq22p7ZlxJgcYZEtLci044UF3/955fj4vXO22XBcng==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:56 2025 by rpki-client