Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: SPWax2i26TJ5Hr8HE+TIKGWKcGrvI59XtaMNEvBiPZA=
Subject key identifier: 65:67:91:1F:BF:4D:96:BF:1C:30:25:E5:36:5C:20:13:F0:C6:E4:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CFC4BADD19E497B2ACB4CBC92B8679944A5D9DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Tue 21 Oct 2025 13:10:06 +0000
ROA not before: Tue 21 Oct 2025 13:10:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:fc:4b:ad:d1:9e:49:7b:2a:cb:4c:bc:92:b8:67:99:44:a5:d9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:10:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=d6df1b5c34ddd67a6905dabcb3de4b25bdd1de713be7a4c2ca0d0d07161d1fb0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6e:8a:1c:10:66:39:70:ce:1d:df:fe:aa:34:
01:3f:53:1d:fa:d8:d2:46:4e:71:36:61:de:0a:d6:
5b:d9:fc:99:12:ab:61:77:b8:1e:3b:6f:06:b1:ce:
f3:c4:a6:8d:af:84:ef:5a:a7:3a:6e:a3:dc:e2:bf:
f7:be:22:86:06:7c:6e:2b:ca:47:50:99:f8:a9:17:
ba:f6:9f:95:31:22:45:4c:10:da:1e:b6:22:ad:49:
44:b1:12:bc:3c:21:cf:20:d9:33:5f:df:eb:3e:01:
6e:8d:20:59:a8:21:7a:99:85:8d:48:ba:21:ea:a6:
ef:45:4b:00:1b:bb:a7:6c:06:cc:63:44:89:8d:e9:
48:7f:34:f1:17:15:61:eb:10:c3:5d:9e:a4:cc:3f:
9e:ba:23:11:04:ee:94:b6:91:ee:80:fb:58:19:96:
06:c4:05:ce:bb:87:73:af:39:b0:0f:28:9f:7c:d7:
57:21:66:ce:00:2b:e6:71:f8:16:be:e7:64:f6:f5:
b7:90:44:07:bd:a5:14:1f:1a:e2:b1:1f:ff:fd:29:
dd:71:ad:ee:0b:e4:71:77:28:63:74:bd:db:fd:a5:
9f:36:d9:fc:38:41:a8:e3:6e:54:54:10:bf:f8:72:
88:92:82:38:0d:a9:7d:26:f3:ec:d1:7c:d2:24:b8:
de:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:67:91:1F:BF:4D:96:BF:1C:30:25:E5:36:5C:20:13:F0:C6:E4:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
12:06:91:f7:34:d8:be:58:79:1f:96:14:b8:36:da:fb:18:ab:
79:c6:0c:dc:be:9d:18:17:da:33:a6:c8:1a:b5:ce:31:69:a1:
cf:fa:85:24:5e:09:ca:f5:1f:cb:e5:a3:6e:26:db:eb:7b:67:
b3:a4:54:5a:83:fd:a2:e0:de:6e:b4:5b:78:89:3b:4b:5b:ed:
3d:cf:ba:9b:3e:e2:e2:4e:07:d9:65:7b:4e:f4:d9:bb:bb:84:
c5:53:3b:bd:ff:3a:db:f1:e1:7c:7a:68:5a:82:46:a3:d8:f1:
ba:d1:60:dd:1b:64:3d:45:ed:26:67:4e:0a:58:c5:5b:49:d6:
2d:97:bf:f3:51:8e:d8:75:ab:29:ca:94:ad:9d:9d:cc:f2:4d:
3d:d2:24:f2:4c:6f:ed:a9:af:aa:6c:ee:99:05:c6:0f:81:cc:
f6:5f:ec:2f:f3:ee:db:e0:83:a6:f7:fa:13:4b:54:91:c5:35:
ef:07:eb:00:d1:b1:a7:1c:2e:f1:29:c9:42:dd:f1:25:c4:b2:
a4:2e:29:14:eb:5c:d9:7f:45:c5:be:d7:3a:ff:60:f5:d4:a4:
7c:0b:dc:c6:39:1c:1d:25:e1:c0:a3:b9:d0:28:b0:87:43:75:
e6:54:77:19:b9:57:af:23:00:71:89:fa:8a:ec:ad:5b:d8:a6:
ea:ad:c3:cf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULPxLrdGeSXsqy0y8krhnmUSl2d0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzEwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2ZGYxYjVjMzRkZGQ2N2E2OTA1ZGFiY2IzZGU0YjI1YmRkMWRlNzEzYmU3
YTRjMmNhMGQwZDA3MTYxZDFmYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1uihwQZjlwzh3f/qo0AT9THfrY0kZOcTZh3grWW9n8mRKrYXe4HjtvBrHO
88Smja+E71qnOm6j3OK/974ihgZ8bivKR1CZ+KkXuvaflTEiRUwQ2h62Iq1JRLES
vDwhzyDZM1/f6z4Bbo0gWaghepmFjUi6Ieqm70VLABu7p2wGzGNEiY3pSH808RcV
YesQw12epMw/nrojEQTulLaR7oD7WBmWBsQFzruHc685sA8on3zXVyFmzgAr5nH4
Fr7nZPb1t5BEB72lFB8a4rEf//0p3XGt7gvkcXcoY3S92/2lnzbZ/DhBqONuVFQQ
v/hyiJKCOA2pfSbz7NF80iS43kMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRlZ5Ef
v02WvxwwJeU2XCAT8MbkEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQASBpH3NNi+WHkflhS4Ntr7GKt5xgzcvp0YF9oz
psgatc4xaaHP+oUkXgnK9R/L5aNuJtvre2ezpFRag/2i4N5utFt4iTtLW+09z7qb
PuLiTgfZZXtO9Nm7u4TFUzu9/zrb8eF8emhagkaj2PG60WDdG2Q9Re0mZ04KWMVb
SdYtl7/zUY7YdaspypStnZ3M8k090iTyTG/tqa+qbO6ZBcYPgcz2X+wv8+7b4IOm
9/oTS1SRxTXvB+sA0bGnHC7xKclC3fElxLKkLikU61zZf0XFvtc6/2D11KR8C9zG
ORwdJeHAo7nQKLCHQ3XmVHcZuVevIwBxifqK7K1b2KbqrcPP
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:13 2025 by rpki-client