Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa
File: 6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa (raw, json)
Hash identifier: ZN+fICxUpuHurIWM1m/Bd4XIRutCfyPc33Plrci6V9M=
Subject key identifier: FE:90:E9:35:A7:C6:84:73:45:55:72:49:BA:FE:44:9C:6F:BF:BD:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B949BC1515EEB2CBC18F0A822B73649F9CAD777
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa
Signing time: Fri 24 Oct 2025 00:20:13 +0000
ROA not before: Fri 24 Oct 2025 00:20:13 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:94:9b:c1:51:5e:eb:2c:bc:18:f0:a8:22:b7:36:49:f9:ca:d7:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:13 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=6884a737acc9999f8addfaa2852e4235c318fd2a659e7323663fa10a133ba798, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d3:33:ef:a4:57:50:1d:41:23:48:81:5b:48:
e1:39:ae:ca:5c:75:f2:db:f1:e7:ef:0f:38:12:06:
c5:88:fa:70:40:e9:a6:51:1f:52:ad:9e:f5:eb:52:
ee:a3:ce:53:12:b2:47:6f:b9:f3:87:bc:76:c2:e3:
2e:15:c7:9a:e9:89:de:b8:6f:d7:4e:44:83:78:33:
32:df:f5:34:c1:87:53:a7:fb:f6:9b:c8:c9:13:57:
26:42:ac:2b:53:16:5d:81:97:76:7a:a1:d6:70:ff:
27:e6:ff:53:a8:c3:b0:33:60:13:9a:21:ff:3d:9e:
70:2a:57:9d:e5:1c:76:ea:2b:df:ac:7e:ae:3f:68:
99:2f:80:3e:af:6c:89:ea:20:d0:43:e4:5a:38:c9:
44:ae:b5:08:67:ed:d6:bd:dd:18:02:49:1b:88:b7:
7c:37:65:ca:82:b4:96:a2:c5:63:39:51:84:50:25:
d4:1f:97:2b:f4:2d:2b:4c:bc:9a:06:59:b9:fb:87:
f2:e1:ee:58:5b:87:02:54:31:ca:33:d0:de:d7:86:
16:6b:71:9b:d8:bd:02:31:b8:37:3e:f2:1b:13:77:
e7:7e:20:86:c9:9f:e3:a8:aa:36:f3:fa:e5:b8:80:
86:e5:5f:66:6a:9e:55:ea:bd:5f:9f:32:17:f4:e5:
ee:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:90:E9:35:A7:C6:84:73:45:55:72:49:BA:FE:44:9C:6F:BF:BD:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6027ce14-95d4-4f5a-9a58-52d26678ea8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:8080::/48
Signature Algorithm: sha256WithRSAEncryption
72:f5:6c:ac:fb:36:f6:fd:af:d4:30:c4:55:f3:6c:d7:16:10:
0a:c4:de:80:6a:76:3c:38:83:84:e7:cf:e5:44:4a:f9:70:1a:
a3:42:b4:86:94:b2:d3:fc:65:11:e7:48:9f:df:7c:66:9c:5d:
77:d2:20:f8:e2:dc:9c:5d:85:72:de:99:5a:46:33:58:eb:75:
22:13:75:47:d0:45:5d:1f:1b:13:b1:85:6e:67:b2:fe:4e:89:
30:a7:be:e1:ab:42:d0:7f:2a:97:0a:0f:a8:a0:54:dc:83:74:
e1:cc:7c:37:51:11:05:00:de:c9:d0:95:d4:a7:8d:6c:3d:26:
3a:c1:8f:66:77:cc:e0:da:6a:00:0a:c3:82:0f:64:5e:da:4c:
e6:8a:98:42:1b:02:d8:00:eb:10:cf:73:e1:89:fb:e7:11:07:
82:fa:61:b5:0f:64:8e:22:e9:ac:de:54:16:31:0e:64:e4:bb:
7d:ea:06:4b:7d:9a:9a:3a:92:31:78:7f:15:73:20:2e:7d:a0:
1c:0a:98:f9:e7:ec:56:7c:ac:23:90:8d:e4:c8:59:67:8f:da:
4f:62:57:c8:83:54:8f:62:e4:99:7f:88:02:5f:fa:38:77:e9:
d3:b7:c9:07:65:b9:f2:a6:5c:3f:c5:ae:2a:67:10:fd:52:d6:
36:99:01:ff
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe5SbwVFe6yy8GPCoIrc2SfnK13cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMTNaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4ODRhNzM3YWNjOTk5OWY4YWRkZmFhMjg1MmU0MjM1YzMxOGZkMmE2NTll
NzMyMzY2M2ZhMTBhMTMzYmE3OTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvTM++kV1AdQSNIgVtI4Tmuylx18tvx5+8POBIGxYj6cEDpplEfUq2e9etS
7qPOUxKyR2+584e8dsLjLhXHmumJ3rhv105Eg3gzMt/1NMGHU6f79pvIyRNXJkKs
K1MWXYGXdnqh1nD/J+b/U6jDsDNgE5oh/z2ecCpXneUcduor36x+rj9omS+APq9s
ieog0EPkWjjJRK61CGft1r3dGAJJG4i3fDdlyoK0lqLFYzlRhFAl1B+XK/QtK0y8
mgZZufuH8uHuWFuHAlQxyjPQ3teGFmtxm9i9AjG4Nz7yGxN3534ghsmf46iqNvP6
5biAhuVfZmqeVeq9X58yF/Tl7ssCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT+kOk1
p8aEc0VVckm6/kScb7+9EjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjAyN2NlMTQtOTVkNC00ZjVhLTlhNTgtNTJkMjY2NzhlYThmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A
gDANBgkqhkiG9w0BAQsFAAOCAQEAcvVsrPs29v2v1DDEVfNs1xYQCsTegGp2PDiD
hOfP5URK+XAao0K0hpSy0/xlEedIn998Zpxdd9Ig+OLcnF2Fct6ZWkYzWOt1IhN1
R9BFXR8bE7GFbmey/k6JMKe+4atC0H8qlwoPqKBU3IN04cx8N1ERBQDeydCV1KeN
bD0mOsGPZnfM4NpqAArDgg9kXtpM5oqYQhsC2ADrEM9z4Yn75xEHgvphtQ9kjiLp
rN5UFjEOZOS7feoGS32amjqSMXh/FXMgLn2gHAqY+efsVnysI5CN5MhZZ4/aT2JX
yINUj2LkmX+IAl/6OHfp07fJB2W58qZcP8WuKmcQ/VLWNpkB/w==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:06 2025 by rpki-client