Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
File: 7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa (raw, json)
Hash identifier: 2kx3p+NT9GFHMjWPWAEycY1Hc9Ls0uD/s5U3xeykShc=
Subject key identifier: 9A:00:68:29:D7:DD:32:A3:1C:C7:ED:26:C2:5C:4C:67:2B:32:FE:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43908011DF2AE949CEEACA878C0F8874A553D149
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
Signing time: Tue 21 Oct 2025 14:30:28 +0000
ROA not before: Tue 21 Oct 2025 14:30:28 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:90:80:11:df:2a:e9:49:ce:ea:ca:87:8c:0f:88:74:a5:53:d1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:28 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=cea26c28324f9b364553ae091ab7a9965f717cb4baa5143765a5a53aa33a0de2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:38:26:40:92:e3:bb:96:4a:0b:3e:71:ea:c1:
69:58:50:92:a2:d0:91:3c:d9:9d:a5:c6:c9:66:2d:
a4:b1:eb:c8:7a:a2:7c:ad:4f:de:d7:e7:4d:37:07:
8f:0c:da:e9:5f:53:2e:1c:7c:37:d1:ef:5a:fb:7b:
52:d7:7a:7a:8c:3a:96:80:9b:86:d3:bc:5d:b5:22:
0d:a1:78:5c:74:66:52:31:9c:02:76:5e:c6:d0:f6:
fe:5d:be:9b:68:28:61:9e:50:14:e8:40:a9:4e:13:
3f:9c:a1:73:2c:06:e7:65:2a:f7:2e:16:c7:39:ff:
ea:eb:9d:7e:46:47:2b:11:af:f1:36:0f:d1:46:bd:
ec:c4:36:83:64:53:aa:e6:d0:b8:7d:c0:88:0f:c3:
17:f2:c9:4c:cc:16:03:8c:84:ff:ca:98:a0:5a:46:
9b:f7:32:4e:22:f6:fb:60:0a:e1:3a:6e:9b:2b:0f:
ad:28:5d:ee:b0:2d:7e:6e:1e:91:64:49:62:59:52:
32:6d:88:3d:d8:cf:2e:d1:cd:a4:2b:fa:ae:00:7d:
9a:2b:b4:ed:76:d6:b4:a1:18:aa:00:9c:58:0a:a4:
89:12:39:13:b2:5c:e6:ce:b6:e3:c6:b0:7c:5e:b7:
75:de:3d:c1:91:8a:b7:2f:dd:57:9c:86:dd:38:d0:
f5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:00:68:29:D7:DD:32:A3:1C:C7:ED:26:C2:5C:4C:67:2B:32:FE:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/36
Signature Algorithm: sha256WithRSAEncryption
57:48:bc:d8:47:38:ca:25:95:68:40:79:a7:51:8d:5a:ce:9c:
b7:a9:1f:da:aa:af:20:ed:05:de:7d:ff:e7:49:03:84:9e:c5:
78:a0:7a:3d:81:5f:77:1a:72:78:72:12:9c:27:ab:09:d1:56:
58:97:75:33:b6:92:3a:22:64:4a:d0:96:dd:6a:56:f2:5a:d1:
e0:ee:51:82:bd:e5:fd:c7:02:58:92:bd:08:54:68:84:80:7d:
80:91:ad:6a:3a:e0:b5:18:c0:3c:15:9a:33:ba:6d:90:61:99:
56:20:57:4f:c5:87:83:7a:2f:df:b4:ed:e8:3d:7b:eb:b9:4d:
e7:03:34:e6:a9:9f:0d:06:18:d3:6b:67:68:5e:58:fa:5d:76:
b2:55:39:d4:fb:e0:5b:84:d3:6d:51:35:0d:00:5a:85:ac:25:
9d:15:b6:c5:e0:49:ef:b6:fc:6a:3a:1b:eb:d9:65:5f:7f:d8:
cc:23:0c:32:8e:f4:48:15:24:f7:3c:10:8a:b4:15:c1:48:db:
de:35:f5:05:a1:64:de:9c:9d:e0:92:e5:cb:e0:83:a9:6b:aa:
3f:bd:73:25:c9:ae:da:e5:3e:9e:43:b8:32:5c:5e:ed:a1:f9:
12:be:d9:d4:b1:ef:33:1b:1a:c6:94:b3:95:f2:1d:3a:d5:fa:
97:51:fd:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ5CAEd8q6UnO6sqHjA+IdKVT0UkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwMjhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlYTI2YzI4MzI0ZjliMzY0NTUzYWUwOTFhYjdhOTk2NWY3MTdjYjRiYWE1
MTQzNzY1YTVhNTNhYTMzYTBkZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMY4JkCS47uWSgs+cerBaVhQkqLQkTzZnaXGyWYtpLHryHqifK1P3tfnTTcH
jwza6V9TLhx8N9HvWvt7Utd6eow6loCbhtO8XbUiDaF4XHRmUjGcAnZextD2/l2+
m2goYZ5QFOhAqU4TP5yhcywG52Uq9y4Wxzn/6uudfkZHKxGv8TYP0Ua97MQ2g2RT
qubQuH3AiA/DF/LJTMwWA4yE/8qYoFpGm/cyTiL2+2AK4TpumysPrShd7rAtfm4e
kWRJYllSMm2IPdjPLtHNpCv6rgB9miu07XbWtKEYqgCcWAqkiRI5E7Jc5s6248aw
fF63dd49wZGKty/dV5yG3TjQ9TMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSaAGgp
190yoxzH7SbCXExnKzL+dDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzY2NDktZGNjMC00ZjhjLWJlNmItMTNmY2EyN2VjNGYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXSLzYRzjKJZVoQHmnUY1azpy3qR/aqq8g7QXe
ff/nSQOEnsV4oHo9gV93GnJ4chKcJ6sJ0VZYl3UztpI6ImRK0JbdalbyWtHg7lGC
veX9xwJYkr0IVGiEgH2Aka1qOuC1GMA8FZozum2QYZlWIFdPxYeDei/ftO3oPXvr
uU3nAzTmqZ8NBhjTa2doXlj6XXayVTnU++BbhNNtUTUNAFqFrCWdFbbF4Envtvxq
Ohvr2WVff9jMIwwyjvRIFST3PBCKtBXBSNveNfUFoWTenJ3gkuXL4IOpa6o/vXMl
ya7a5T6eQ7gyXF7tofkSvtnUse8zGxrGlLOV8h061fqXUf2B
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:12 2025 by rpki-client