Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa
File: 4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa (raw, json)
Hash identifier: baW7BMmSAGiiM8Mq+F9FvNJbCMWuWEgi1iZWqvzNtDc=
Subject key identifier: AB:43:03:B1:50:FC:B5:17:3F:72:CC:17:22:79:28:95:59:93:36:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FED15BEA680DC43A7578C23D34EF3EC754C8D78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa
Signing time: Fri 24 Oct 2025 00:20:06 +0000
ROA not before: Fri 24 Oct 2025 00:20:06 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:ed:15:be:a6:80:dc:43:a7:57:8c:23:d3:4e:f3:ec:75:4c:8d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:06 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=21cea3f269529486f4ea82fbcb1430c43f5b8cb8a6dff13f9b6c79139d5f9cc1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6f:93:78:39:47:4d:8d:35:97:22:15:6e:27:
24:08:cb:31:c6:24:62:33:cd:5b:6f:92:4f:da:1f:
a3:ed:fd:e8:18:77:0c:e0:0e:95:74:50:44:4b:38:
62:8c:8f:5c:04:df:98:a0:18:b8:23:d9:00:fc:68:
76:17:7a:91:2a:cc:8e:68:2b:b1:a0:e5:f7:c6:3d:
0c:45:7b:aa:2d:72:37:47:f6:25:01:61:75:69:0e:
1e:05:53:05:d7:bb:17:95:6c:f5:06:83:d6:42:dd:
57:26:8d:70:ca:99:06:d7:b2:51:06:fd:1b:4b:ea:
7d:65:2f:a5:9f:1a:a7:46:76:2b:01:87:b0:e4:6b:
d2:4e:8c:60:45:41:35:57:6e:ca:d8:79:a6:a1:93:
8a:ba:f5:75:52:ae:d4:d2:22:f7:c5:27:a9:a5:1b:
0d:f9:0b:b3:ea:2c:81:1d:12:e6:27:68:ca:52:9a:
2b:c8:d7:93:60:82:45:4a:49:93:dd:d8:86:2e:ad:
1e:d3:6c:4e:32:82:bf:5e:8d:c5:5c:78:11:6f:99:
95:4a:53:e3:59:cc:4b:b8:bd:34:c4:ef:80:3b:39:
51:75:ab:8b:79:b7:35:89:de:fd:52:0f:64:3b:cf:
27:a9:34:1b:23:c8:b3:ff:0c:bb:c2:52:de:de:9a:
c6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:43:03:B1:50:FC:B5:17:3F:72:CC:17:22:79:28:95:59:93:36:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6040::/46
Signature Algorithm: sha256WithRSAEncryption
76:77:70:3f:72:09:4f:28:c3:92:ec:82:e3:01:36:60:ba:bf:
77:04:b9:f9:88:a3:d3:9e:d2:ae:51:76:97:98:72:65:2a:0e:
6e:da:cb:c7:a0:95:24:7a:c9:98:03:36:fd:be:1b:da:58:00:
76:e3:52:fb:cb:19:0c:3b:6f:75:e4:78:af:9a:c9:a1:18:55:
14:fb:f4:39:c6:5e:9b:a5:24:db:06:17:67:9d:04:47:f8:fb:
06:03:f1:19:70:d6:4d:9a:1d:91:08:7d:17:ec:f8:dd:a2:89:
b9:f8:fd:07:a0:11:4f:df:51:01:a5:73:df:57:80:25:e3:51:
c3:ec:6c:49:74:c1:c0:4e:38:d4:93:d9:41:09:f1:09:45:af:
95:c0:26:04:e6:17:b7:2b:c3:e0:be:b6:73:72:9a:57:a8:45:
30:fd:6f:1a:b6:e0:2c:86:ce:10:16:76:b6:f0:b8:72:a1:ea:
b5:3a:b7:09:25:64:87:f2:97:25:9a:8e:05:76:f4:4e:90:d3:
f5:eb:86:78:10:dd:d4:30:4f:cf:ca:c4:cc:7c:61:a2:96:c1:
43:99:75:30:ba:b8:fb:d4:e5:f1:16:7e:1c:65:9f:93:48:52:
f9:d8:39:64:d1:60:8d:ee:ff:5f:aa:cd:ea:78:d5:eb:f9:3a:
85:fb:bc:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT+0VvqaA3EOnV4wj007z7HVMjXgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMDZaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxY2VhM2YyNjk1Mjk0ODZmNGVhODJmYmNiMTQzMGM0M2Y1YjhjYjhhNmRm
ZjEzZjliNmM3OTEzOWQ1ZjljYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9vk3g5R02NNZciFW4nJAjLMcYkYjPNW2+ST9ofo+396Bh3DOAOlXRQREs4
YoyPXATfmKAYuCPZAPxodhd6kSrMjmgrsaDl98Y9DEV7qi1yN0f2JQFhdWkOHgVT
Bde7F5Vs9QaD1kLdVyaNcMqZBteyUQb9G0vqfWUvpZ8ap0Z2KwGHsORr0k6MYEVB
NVduyth5pqGTirr1dVKu1NIi98UnqaUbDfkLs+osgR0S5idoylKaK8jXk2CCRUpJ
k93Yhi6tHtNsTjKCv16NxVx4EW+ZlUpT41nMS7i9NMTvgDs5UXWri3m3NYne/VIP
ZDvPJ6k0GyPIs/8Mu8JS3t6axuUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSrQwOx
UPy1Fz9yzBcieSiVWZM2DDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFiZjFiMDQtMDI1Ni00MDRmLWE0YzctNWQxYzJjOGFkOWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
QDANBgkqhkiG9w0BAQsFAAOCAQEAdndwP3IJTyjDkuyC4wE2YLq/dwS5+Yij057S
rlF2l5hyZSoObtrLx6CVJHrJmAM2/b4b2lgAduNS+8sZDDtvdeR4r5rJoRhVFPv0
OcZem6Uk2wYXZ50ER/j7BgPxGXDWTZodkQh9F+z43aKJufj9B6ART99RAaVz31eA
JeNRw+xsSXTBwE441JPZQQnxCUWvlcAmBOYXtyvD4L62c3KaV6hFMP1vGrbgLIbO
EBZ2tvC4cqHqtTq3CSVkh/KXJZqOBXb0TpDT9euGeBDd1DBPz8rEzHxhopbBQ5l1
MLq4+9Tl8RZ+HGWfk0hS+dg5ZNFgje7/X6rN6njV6/k6hfu8pA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:10 2025 by rpki-client