Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
File: 493f1269-3ba4-4dea-829a-985dda6749ee.roa (raw, json)
Hash identifier: dNV52BEi2n4xus7/jn4Eup+o1AtroL404JecC1S/TAU=
Subject key identifier: 34:F9:04:18:B0:BC:32:E4:98:D7:31:59:7E:3C:8D:FE:23:55:E1:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 557D700B4EDB2AF243531576BBF436B3C69E6771
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
Signing time: Tue 21 Oct 2025 13:10:42 +0000
ROA not before: Tue 21 Oct 2025 13:10:42 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:7d:70:0b:4e:db:2a:f2:43:53:15:76:bb:f4:36:b3:c6:9e:67:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:42 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=42b389ebae737ec5db34bc3182637a204508fabd6e6bdd8a0f86f10a4819b9b1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:00:86:e0:aa:dc:a2:ed:fa:ff:b3:3d:57:df:
75:39:f2:b5:b5:07:b9:43:1f:43:57:45:72:d3:68:
3c:0f:06:68:25:10:63:a0:a0:fc:09:ac:c8:3a:7e:
0c:0b:64:d7:6a:c8:57:99:48:0c:5b:3c:83:4b:3e:
ed:4f:aa:7b:0d:24:9d:68:e4:fd:86:0e:ce:4f:40:
42:ee:38:da:0c:3c:3c:c4:b2:52:87:10:af:f5:9a:
1d:cb:98:af:97:9e:19:05:85:7d:99:da:a9:5a:1b:
e4:68:fa:3c:d4:75:f8:1d:e3:d6:d6:0f:9d:49:0f:
91:45:45:31:d8:16:e0:c8:74:56:38:0c:7d:15:6d:
b8:cc:dc:69:51:a2:c7:f9:d7:f0:ce:07:f6:1b:56:
a8:05:87:ed:96:7d:1f:95:71:ac:a3:b2:2c:8b:11:
88:bf:13:90:5c:8e:15:12:0f:ee:48:82:34:a3:f9:
e1:c9:3d:e0:b6:57:56:ac:d8:00:ab:e5:98:5a:f1:
a0:ce:03:93:74:38:2b:81:93:aa:a6:dd:7c:8e:0e:
05:fa:f5:b1:66:51:73:42:df:da:93:b1:ce:12:09:
f8:1a:78:bb:b4:58:34:da:bb:8e:50:f1:a0:35:04:
e8:00:9d:02:ae:ea:58:2b:b2:40:56:81:0f:49:c9:
57:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F9:04:18:B0:BC:32:E4:98:D7:31:59:7E:3C:8D:FE:23:55:E1:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075::/32
Signature Algorithm: sha256WithRSAEncryption
0d:70:22:94:97:71:e4:74:0b:f5:7d:71:0d:d1:e2:81:64:6e:
61:43:37:d9:9a:ac:6c:22:6c:83:b8:b7:af:9d:08:79:c1:bc:
13:21:dc:43:15:7d:c9:2a:f1:aa:86:10:86:f3:68:0d:e7:f9:
a5:d5:4c:b9:71:ca:4c:7a:bb:95:b2:b9:de:65:a4:97:45:60:
a7:c7:99:1b:72:23:55:06:86:4f:6d:00:72:b5:f1:ee:49:b4:
58:96:c5:7b:79:d6:2f:37:97:1a:93:7b:ea:c5:9e:fa:8d:d1:
53:70:d9:bf:ba:d8:a7:4a:13:5e:f1:d4:03:6e:36:4f:5c:ba:
35:5d:ae:9e:a9:4d:38:39:b0:4d:e4:02:75:a4:ae:fd:6c:78:
dd:e2:9c:2c:b6:25:0a:a3:56:f0:6b:d2:79:3b:7b:77:e8:0b:
72:93:6e:12:07:05:ad:da:44:cc:18:69:20:60:6c:06:fe:e0:
a3:b1:09:e3:fc:51:36:9c:80:c2:26:5f:a1:68:80:a3:65:7b:
c1:74:56:7b:4e:fe:25:b6:ed:d1:64:8a:53:44:50:44:8c:8f:
60:dd:4b:7c:0a:83:6c:a5:14:69:93:d0:2e:3b:f0:9a:50:30:
9a:76:7d:92:20:77:b7:22:26:b7:c2:0f:6e:c8:2b:9b:95:6c:
37:16:c5:41
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUVX1wC07bKvJDUxV2u/Q2s8aeZ3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwNDJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyYjM4OWViYWU3MzdlYzVkYjM0YmMzMTgyNjM3YTIwNDUwOGZhYmQ2ZTZi
ZGQ4YTBmODZmMTBhNDgxOWI5YjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8AhuCq3KLt+v+zPVffdTnytbUHuUMfQ1dFctNoPA8GaCUQY6Cg/AmsyDp+
DAtk12rIV5lIDFs8g0s+7U+qew0knWjk/YYOzk9AQu442gw8PMSyUocQr/WaHcuY
r5eeGQWFfZnaqVob5Gj6PNR1+B3j1tYPnUkPkUVFMdgW4Mh0VjgMfRVtuMzcaVGi
x/nX8M4H9htWqAWH7ZZ9H5VxrKOyLIsRiL8TkFyOFRIP7kiCNKP54ck94LZXVqzY
AKvlmFrxoM4Dk3Q4K4GTqqbdfI4OBfr1sWZRc0Lf2pOxzhIJ+Bp4u7RYNNq7jlDx
oDUE6ACdAq7qWCuyQFaBD0nJV4ECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ0+QQY
sLwy5JjXMVl+PI3+I1XhKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkzZjEyNjktM2JhNC00ZGVhLTgyOWEtOTg1ZGRhNjc0OWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HUw
DQYJKoZIhvcNAQELBQADggEBAA1wIpSXceR0C/V9cQ3R4oFkbmFDN9marGwibIO4
t6+dCHnBvBMh3EMVfckq8aqGEIbzaA3n+aXVTLlxykx6u5Wyud5lpJdFYKfHmRty
I1UGhk9tAHK18e5JtFiWxXt51i83lxqTe+rFnvqN0VNw2b+62KdKE17x1ANuNk9c
ujVdrp6pTTg5sE3kAnWkrv1seN3inCy2JQqjVvBr0nk7e3foC3KTbhIHBa3aRMwY
aSBgbAb+4KOxCeP8UTacgMImX6FogKNle8F0VntO/iW27dFkilNEUESMj2DdS3wK
g2ylFGmT0C478JpQMJp2fZIgd7ciJrfCD27IK5uVbDcWxUE=
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:10 2025 by rpki-client