Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
File: b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa (raw, json)
Hash identifier: /z4FA7ZSLqqPiNhVKxfyYc0SVV5yPaD/5KRqQQ8j+2I=
Subject key identifier: 71:75:94:57:C2:C5:A4:DC:C6:8A:6E:3D:C1:E3:B8:9E:53:AE:B3:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22360179F1C4043FEA81DDFD39F23112147EB2BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
Signing time: Tue 21 Oct 2025 14:00:05 +0000
ROA not before: Tue 21 Oct 2025 14:00:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:36:01:79:f1:c4:04:3f:ea:81:dd:fd:39:f2:31:12:14:7e:b2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=7c3cf4e60f550ed4b93a842b07553c198dc41f8a3cd76b3904dd493ac5722081, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0b:1e:ad:d3:1a:fa:f3:2e:bf:37:cf:45:2d:
8e:6c:51:45:ba:28:97:2a:6a:b1:55:0a:bb:4a:5d:
db:c0:6f:c0:16:f9:fd:06:67:b6:e2:1a:f4:93:2e:
ba:b9:b8:06:f2:82:e8:91:7f:8e:ba:a6:d6:0e:7b:
cf:39:be:0e:85:9c:11:5a:64:6e:1a:9b:d3:38:ab:
11:14:63:9e:06:94:bb:59:3d:a2:7c:51:50:f1:17:
0b:0a:66:65:71:5c:a1:02:4a:3e:6f:d8:67:db:34:
04:4b:be:71:32:49:d8:cd:66:11:ef:e0:ec:90:e7:
dc:a1:c7:b8:f2:fd:99:fb:8c:dd:73:4c:47:d7:8f:
79:bd:b3:15:8a:fc:87:1a:08:db:12:e2:54:aa:11:
07:61:31:d4:b5:07:85:68:1c:58:d0:db:18:0b:b5:
1f:79:48:d5:a0:da:66:88:dc:d9:4b:aa:eb:9d:98:
b3:84:ea:d0:01:12:25:3f:8b:e3:0f:50:3f:c5:18:
a0:26:9a:c3:52:a2:93:64:c1:59:24:86:2f:ca:a9:
f4:50:51:1e:b5:0b:67:bd:00:a5:10:5e:fe:86:08:
4c:ca:40:4b:fd:a6:80:dc:95:84:66:db:02:37:40:
eb:42:f8:62:05:c5:4e:dd:29:4c:74:f2:3f:ef:21:
a4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:75:94:57:C2:C5:A4:DC:C6:8A:6E:3D:C1:E3:B8:9E:53:AE:B3:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b:800::/37
Signature Algorithm: sha256WithRSAEncryption
4c:7f:c2:58:a0:cd:25:bd:b6:ba:99:0a:8d:3c:74:10:f0:29:
44:27:fa:86:11:33:5c:5e:49:f1:a7:49:d5:82:87:d3:97:fc:
3d:87:d6:6b:a0:55:b5:ba:95:76:fc:91:71:20:be:75:46:06:
80:47:55:23:dd:95:79:5e:75:3e:2a:b0:e9:fa:4a:a7:6a:b8:
b2:5f:df:cd:58:42:24:df:76:69:3e:75:94:4d:06:fd:c4:de:
c7:84:07:1b:d8:6c:72:4f:77:2f:a0:19:8f:39:35:4d:5d:c0:
53:9f:0f:bb:43:45:02:73:c6:76:8a:66:c8:e5:fb:c5:1f:42:
95:e9:10:b6:28:f6:51:ad:13:20:99:72:51:24:75:55:d0:e0:
2e:38:b9:a1:e2:ec:94:26:70:bb:84:a4:6a:88:5a:de:02:99:
1a:c4:f7:3e:67:39:1f:03:1d:60:b9:14:08:6a:8e:d0:6e:82:
6d:04:23:06:81:87:b9:10:38:4b:f2:a0:d3:aa:61:0f:4f:93:
03:1a:71:c8:c8:c1:50:fd:84:40:2a:d0:db:33:ae:16:60:30:
6c:92:ba:7b:3e:99:b5:e3:6b:16:29:6e:fa:bc:d6:d5:c9:53:
11:6c:61:00:b9:71:12:09:32:51:f1:a4:86:2b:52:a8:9b:0b:
c9:2b:14:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIjYBefHEBD/qgd39OfIxEhR+sr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjM2NmNGU2MGY1NTBlZDRiOTNhODQyYjA3NTUzYzE5OGRjNDFmOGEzY2Q3
NmIzOTA0ZGQ0OTNhYzU3MjIwODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANELHq3TGvrzLr83z0UtjmxRRboolypqsVUKu0pd28BvwBb5/QZntuIa9JMu
urm4BvKC6JF/jrqm1g57zzm+DoWcEVpkbhqb0zirERRjngaUu1k9onxRUPEXCwpm
ZXFcoQJKPm/YZ9s0BEu+cTJJ2M1mEe/g7JDn3KHHuPL9mfuM3XNMR9ePeb2zFYr8
hxoI2xLiVKoRB2Ex1LUHhWgcWNDbGAu1H3lI1aDaZojc2Uuq652Ys4Tq0AESJT+L
4w9QP8UYoCaaw1Kik2TBWSSGL8qp9FBRHrULZ70ApRBe/oYITMpAS/2mgNyVhGbb
AjdA60L4YgXFTt0pTHTyP+8hpCMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxdZRX
wsWk3MaKbj3B47ieU66zgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNiMTg2NDgtYmVhMC00ZjdlLThmMGYtNWFkMmQyZjA1ZWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsI
MA0GCSqGSIb3DQEBCwUAA4IBAQBMf8JYoM0lvba6mQqNPHQQ8ClEJ/qGETNcXknx
p0nVgofTl/w9h9ZroFW1upV2/JFxIL51RgaAR1Uj3ZV5XnU+KrDp+kqnariyX9/N
WEIk33ZpPnWUTQb9xN7HhAcb2GxyT3cvoBmPOTVNXcBTnw+7Q0UCc8Z2imbI5fvF
H0KV6RC2KPZRrRMgmXJRJHVV0OAuOLmh4uyUJnC7hKRqiFreApkaxPc+ZzkfAx1g
uRQIao7QboJtBCMGgYe5EDhL8qDTqmEPT5MDGnHIyMFQ/YRAKtDbM64WYDBskrp7
Ppm142sWKW76vNbVyVMRbGEAuXESCTJR8aSGK1KomwvJKxS5
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:16 2025 by rpki-client