Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
File: 79440387-66a3-4852-a94b-8a3250f20726.roa (raw, json)
Hash identifier: a3qwYVaXoyO4HM0CJgUtgWnDwT5GfGBwAMZm6Caa5X0=
Subject key identifier: 33:FC:FE:E1:BE:57:3D:0D:C8:74:94:E8:40:5A:81:E7:B7:21:FB:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FC1D60BE31A7268279B74B1935AA5D7EFA0499E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
Signing time: Tue 21 Oct 2025 12:30:17 +0000
ROA not before: Tue 21 Oct 2025 12:30:17 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:c1:d6:0b:e3:1a:72:68:27:9b:74:b1:93:5a:a5:d7:ef:a0:49:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 12:30:17 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=050b2587745749b2ffa9b7acae92bf2304ae80d29460b278eb3c4cadd31d55cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9a:0d:93:0c:be:5a:b9:60:fc:ff:cc:04:0c:
41:91:65:bf:12:8c:a0:29:73:53:9e:d2:aa:97:06:
89:39:d9:ff:61:ee:e0:1c:18:6a:c4:fe:88:69:d8:
07:f5:e4:ea:41:39:cb:13:3a:c8:5a:91:73:2f:eb:
e6:34:34:f7:ab:13:95:de:f4:e1:cf:ff:05:30:63:
bd:a6:9d:64:7c:bc:44:a9:05:18:62:9f:d3:69:28:
5d:c6:1d:c4:5e:d1:a3:c2:34:4f:99:52:16:d8:a0:
bc:4e:18:ae:43:7e:64:49:d0:d6:2a:4a:a2:4b:d2:
22:2c:60:17:46:10:0c:3b:1a:79:c0:f0:4a:05:fe:
1b:df:fc:3f:82:c7:79:3b:fe:06:09:98:27:db:25:
ad:dd:0a:3c:0a:16:4e:d6:48:6e:73:ad:44:a9:0a:
75:8a:85:ed:62:3f:e1:a5:92:81:65:60:f2:b9:ec:
1d:92:59:b0:59:da:d3:e4:f4:e8:5b:0a:18:cb:7f:
31:b7:12:a5:88:b4:71:10:21:61:fc:b1:87:e0:75:
9d:41:44:9c:16:5b:8f:f0:a7:32:ad:d0:36:90:8b:
68:c4:7b:59:d6:6c:9e:ea:ea:ab:c0:c1:08:1d:0b:
dc:45:d7:83:6a:b4:0f:b3:d3:20:5f:5a:6b:25:ac:
4c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:FC:FE:E1:BE:57:3D:0D:C8:74:94:E8:40:5A:81:E7:B7:21:FB:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a040::/48
Signature Algorithm: sha256WithRSAEncryption
0d:36:41:db:ce:d2:10:c3:f3:44:90:54:4a:25:0a:6d:b4:cd:
d6:e9:07:65:d1:04:b9:0e:cf:05:d1:b8:c6:ae:48:d4:96:86:
61:fd:cb:f4:f1:76:5b:56:d9:09:20:41:68:33:bd:a6:ed:1a:
f0:0b:ab:55:26:ac:7b:a4:8c:00:d6:60:de:ea:61:ce:07:56:
af:a7:9a:83:d7:5f:f9:d6:07:52:f8:58:95:58:ba:52:3a:41:
6e:e4:14:76:c1:7c:d7:74:ce:f6:5e:83:26:e6:3f:00:8d:85:
c9:7a:2d:23:48:16:59:05:8d:11:41:6a:63:c6:64:d9:c0:3e:
fc:e3:e9:10:69:46:ee:b9:66:c6:22:28:12:25:71:31:44:66:
c1:f5:09:92:e9:92:a1:47:c8:1c:84:59:ee:4e:e2:b1:e9:44:
c8:d8:5b:0d:68:98:4a:0a:24:e1:94:02:ca:0a:35:4e:03:c9:
70:8b:50:1d:51:96:e0:26:6e:8c:85:4c:92:96:10:39:59:a4:
c0:d7:44:16:50:09:ab:15:96:43:91:03:fe:f8:78:42:4a:db:
f0:fa:3c:fb:2a:fb:ab:54:83:37:9e:1e:d9:5d:2f:f0:3e:21:
8b:fc:b1:55:b7:60:70:c8:be:3a:7a:c6:90:b4:ae:f3:e1:70:
2c:ff:ab:35
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb8HWC+Macmgnm3Sxk1ql1++gSZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMjMwMTdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MGIyNTg3NzQ1NzQ5YjJmZmE5YjdhY2FlOTJiZjIzMDRhZTgwZDI5NDYw
YjI3OGViM2M0Y2FkZDMxZDU1Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiaDZMMvlq5YPz/zAQMQZFlvxKMoClzU57SqpcGiTnZ/2Hu4BwYasT+iGnY
B/Xk6kE5yxM6yFqRcy/r5jQ096sTld704c//BTBjvaadZHy8RKkFGGKf02koXcYd
xF7Ro8I0T5lSFtigvE4YrkN+ZEnQ1ipKokvSIixgF0YQDDsaecDwSgX+G9/8P4LH
eTv+BgmYJ9slrd0KPAoWTtZIbnOtRKkKdYqF7WI/4aWSgWVg8rnsHZJZsFna0+T0
6FsKGMt/MbcSpYi0cRAhYfyxh+B1nUFEnBZbj/CnMq3QNpCLaMR7WdZsnurqq8DB
CB0L3EXXg2q0D7PTIF9aayWsTM0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQz/P7h
vlc9Dch0lOhAWoHntyH7fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzk0NDAzODctNjZhMy00ODUyLWE5NGItOGEzMjUwZjIwNzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
QDANBgkqhkiG9w0BAQsFAAOCAQEADTZB287SEMPzRJBUSiUKbbTN1ukHZdEEuQ7P
BdG4xq5I1JaGYf3L9PF2W1bZCSBBaDO9pu0a8AurVSase6SMANZg3uphzgdWr6ea
g9df+dYHUvhYlVi6UjpBbuQUdsF813TO9l6DJuY/AI2FyXotI0gWWQWNEUFqY8Zk
2cA+/OPpEGlG7rlmxiIoEiVxMURmwfUJkumSoUfIHIRZ7k7iselEyNhbDWiYSgok
4ZQCygo1TgPJcItQHVGW4CZujIVMkpYQOVmkwNdEFlAJqxWWQ5ED/vh4Qkrb8Po8
+yr7q1SDN54e2V0v8D4hi/yxVbdgcMi+OnrGkLSu8+FwLP+rNQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:21:14 2025 by rpki-client