Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
File: 2d9f3120-fab9-43aa-973f-4142925b1416.roa (raw, json)
Hash identifier: 9u3L5w1H6klMcO/L+dZE5K4Ir/Ksx2m3ZzpJ+GU/tQw=
Subject key identifier: 78:BD:94:BA:54:8F:09:6A:6E:97:B9:0C:A1:88:4A:4F:3E:D6:1B:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4ED4653EE85268BAFA05F0EBDA3A82EC668E2F9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
Signing time: Tue 21 Oct 2025 14:31:09 +0000
ROA not before: Tue 21 Oct 2025 14:31:09 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:d4:65:3e:e8:52:68:ba:fa:05:f0:eb:da:3a:82:ec:66:8e:2f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:31:09 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=7c40701fa010db0da21ea3c71db5aaf2a5d8583f5e2667adfad839adc23e74e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:93:12:80:ee:92:95:f5:48:3e:e1:93:a2:39:
d7:83:9a:24:c5:6d:b8:93:ac:d6:1a:97:11:af:e4:
33:d0:58:bb:1f:6c:38:a6:0d:70:52:b8:77:cc:ec:
1a:d4:e9:64:28:e0:e2:9d:49:13:74:52:fe:86:3b:
93:5c:07:97:b2:25:17:c0:1c:51:44:59:04:c0:e5:
90:dd:07:41:fa:6b:d5:e7:15:8c:46:77:1f:f6:c1:
c0:10:fc:79:7d:5e:59:11:a4:52:55:57:96:cc:eb:
8f:6f:5d:ba:ac:c9:4e:b5:04:58:c9:f7:40:f9:01:
8e:b2:5a:ef:ec:28:ad:f1:66:17:71:a3:90:2d:f9:
a6:46:98:6d:76:5a:c9:48:eb:15:f9:09:5f:c7:9e:
0d:fe:55:e0:ec:3f:c9:b3:2b:1a:18:b9:88:17:05:
43:73:47:39:7e:bb:b9:ff:33:14:1f:e4:97:38:2f:
e2:ac:87:c6:9a:f5:7e:8b:e9:40:0b:5c:b8:d3:01:
87:d2:76:cc:89:f8:0b:70:60:e4:a0:13:cd:ac:a9:
66:5b:d1:80:b3:f2:bf:53:aa:94:5e:0b:c1:a7:5b:
07:b3:91:c4:e1:0d:15:7c:63:04:5f:80:a6:26:b9:
5e:40:bd:bb:28:b0:8e:73:7b:1b:97:97:40:5d:19:
29:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:BD:94:BA:54:8F:09:6A:6E:97:B9:0C:A1:88:4A:4F:3E:D6:1B:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
48:2a:b3:85:d8:1f:a0:45:28:57:2a:82:c5:72:19:8d:7b:9f:
e3:b5:f6:32:ac:d7:48:d0:37:08:fb:41:4d:af:3d:28:91:58:
3c:61:cd:2f:e4:e6:d2:c2:b2:15:30:6e:bd:39:bd:d2:f1:8d:
60:f2:74:e5:2b:fa:4f:2b:e5:2f:b8:2a:e4:eb:8d:17:b8:1e:
32:3b:13:95:03:ab:14:8f:b8:05:1f:68:c1:9a:7a:f0:62:73:
36:9e:26:26:ee:74:db:9f:db:53:e5:af:5b:4e:11:3d:74:d1:
d1:47:7c:99:36:9c:cc:5d:3a:9b:b9:0f:75:4a:61:ca:50:01:
a2:a3:98:67:13:52:e2:16:c4:0b:ab:5c:49:c0:9c:5e:21:0d:
4c:f5:b5:fe:56:1a:ec:d0:a4:3a:e2:8b:45:aa:22:ee:e6:81:
33:3e:38:b0:2e:a8:2e:b2:ae:01:b2:0c:6b:e6:46:e8:a7:78:
e9:fd:00:5e:b5:c1:b2:73:c4:70:86:91:1d:cb:c2:87:f5:07:
b6:40:e2:e6:63:20:e6:f7:4d:a5:43:48:83:48:a6:4b:83:dd:
0a:cc:11:a6:c8:98:6f:cd:df:72:68:67:fa:76:5a:ff:46:02:
83:8c:ec:25:78:9d:9b:3d:51:0b:bb:4f:9c:e2:84:c9:8c:d7:
a7:ab:77:23
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTtRlPuhSaLr6BfDr2jqC7GaOL5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMxMDlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjNDA3MDFmYTAxMGRiMGRhMjFlYTNjNzFkYjVhYWYyYTVkODU4M2Y1ZTI2
NjdhZGZhZDgzOWFkYzIzZTc0ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6TEoDukpX1SD7hk6I514OaJMVtuJOs1hqXEa/kM9BYux9sOKYNcFK4d8zs
GtTpZCjg4p1JE3RS/oY7k1wHl7IlF8AcUURZBMDlkN0HQfpr1ecVjEZ3H/bBwBD8
eX1eWRGkUlVXlszrj29duqzJTrUEWMn3QPkBjrJa7+worfFmF3GjkC35pkaYbXZa
yUjrFfkJX8eeDf5V4Ow/ybMrGhi5iBcFQ3NHOX67uf8zFB/klzgv4qyHxpr1fovp
QAtcuNMBh9J2zIn4C3Bg5KATzaypZlvRgLPyv1OqlF4LwadbB7ORxOENFXxjBF+A
pia5XkC9uyiwjnN7G5eXQF0ZKW8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR4vZS6
VI8Jam6XuQyhiEpPPtYbjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmQ5ZjMxMjAtZmFiOS00M2FhLTk3M2YtNDE0MjkyNWIxNDE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
wDANBgkqhkiG9w0BAQsFAAOCAQEASCqzhdgfoEUoVyqCxXIZjXuf47X2MqzXSNA3
CPtBTa89KJFYPGHNL+Tm0sKyFTBuvTm90vGNYPJ05Sv6TyvlL7gq5OuNF7geMjsT
lQOrFI+4BR9owZp68GJzNp4mJu5025/bU+WvW04RPXTR0Ud8mTaczF06m7kPdUph
ylABoqOYZxNS4hbEC6tcScCcXiENTPW1/lYa7NCkOuKLRaoi7uaBMz44sC6oLrKu
AbIMa+ZG6Kd46f0AXrXBsnPEcIaRHcvCh/UHtkDi5mMg5vdNpUNIg0imS4PdCswR
psiYb83fcmhn+nZa/0YCg4zsJXidmz1RC7tPnOKEyYzXp6t3Iw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:18 2025 by rpki-client