Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
File: c6b4bacc-5824-4f9c-a10d-49f145db8549.roa (raw, json)
Hash identifier: Q14PdU7PYuNWpYnA8EcCG+XyHmAEQHSkV18gX67rlD8=
Subject key identifier: 43:AC:8B:DF:E2:ED:8D:C3:26:4A:A5:EB:3C:86:F6:97:93:C3:8D:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52F7F0969372F6C719305456BFA93BBDFACB883E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
Signing time: Fri 24 Oct 2025 00:20:05 +0000
ROA not before: Fri 24 Oct 2025 00:20:05 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:f7:f0:96:93:72:f6:c7:19:30:54:56:bf:a9:3b:bd:fa:cb:88:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:05 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=db8426243faf29916b349c30ee681f44ca1d076f61d8313450b995a92b6040cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d7:43:c1:69:34:36:5a:05:67:c5:c6:b9:f4:
2c:6e:79:a6:e4:b0:a4:d5:ad:fb:d3:5d:f1:3d:7e:
63:3d:2e:66:f1:2a:88:8a:81:55:83:03:72:ed:f4:
2d:f9:e1:cc:a4:a2:44:2e:ad:ae:72:0d:ac:6e:62:
61:95:30:16:fa:67:a5:36:e8:95:b5:f0:c7:40:36:
b9:2d:05:ff:e1:bc:3c:e6:97:40:a9:03:4f:2c:0a:
b7:a8:b8:bd:d3:89:59:6a:7d:45:23:b6:6a:5f:c7:
70:45:f5:87:bc:a5:e3:3e:87:8a:0e:9c:c4:3d:68:
8d:52:47:21:0f:04:75:02:78:29:a5:11:c1:91:8b:
a0:e0:cb:72:e0:ba:21:11:21:5f:3e:28:a2:a1:81:
bc:1f:eb:ae:89:ce:45:4f:27:fd:9b:83:98:ac:8e:
8b:54:df:41:55:b6:3b:6a:aa:c0:1b:1b:2a:8b:7d:
ca:83:ce:86:b3:46:ac:2e:17:33:b8:49:4d:37:3c:
e7:14:e4:c9:98:b8:3b:6e:24:5a:bb:7c:ee:6c:73:
b5:84:d4:b2:56:a2:67:5e:c8:81:c6:c7:f2:26:e4:
34:79:6d:d9:f2:9b:ed:38:5b:9e:6b:ae:c7:bc:46:
85:cc:1a:a8:1d:4a:d4:f3:8c:a1:7f:15:99:a7:44:
fa:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AC:8B:DF:E2:ED:8D:C3:26:4A:A5:EB:3C:86:F6:97:93:C3:8D:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/36
Signature Algorithm: sha256WithRSAEncryption
a8:84:98:7d:3e:bb:82:ad:57:d6:96:63:f4:81:f8:14:6e:b7:
a6:46:01:bb:5f:1c:10:4e:43:95:da:ac:8d:8f:06:fe:c9:6e:
5f:5f:e8:cf:de:4e:46:0a:3e:63:ee:ee:63:ba:88:bd:04:3f:
7d:37:95:9c:5c:d2:e9:da:ad:67:01:cf:2f:d2:2e:4b:eb:eb:
cc:8d:1a:10:35:fd:2d:20:32:ac:4f:65:1e:60:30:3d:c7:af:
6c:8e:39:f0:2b:9b:75:d4:41:7e:56:c6:4e:24:38:a8:69:0c:
d8:9a:83:bb:c4:04:50:ba:ad:84:88:7c:bc:78:50:95:f4:46:
45:0a:6a:9d:f3:93:6e:b3:ec:9b:a0:71:00:2d:0a:e0:75:fc:
c0:58:81:9a:09:78:bb:38:2f:d8:25:28:34:05:bb:e2:98:dc:
b6:5b:18:67:6d:57:5f:18:55:54:47:2e:cc:ad:b1:09:95:cf:
58:66:35:42:5e:42:b9:ce:ff:29:7b:46:5f:3f:cf:4c:f5:28:
64:ce:1d:cd:be:dd:3b:a0:be:0e:94:6e:45:65:97:7d:04:0f:
4b:85:0c:6b:29:4d:af:42:cb:e8:23:8b:92:fd:90:ce:89:01:
04:4a:27:a9:c5:21:5a:3e:21:15:12:5b:b4:ec:2e:40:99:5e:
62:f3:80:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUvfwlpNy9scZMFRWv6k7vfrLiD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMDVaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiODQyNjI0M2ZhZjI5OTE2YjM0OWMzMGVlNjgxZjQ0Y2ExZDA3NmY2MWQ4
MzEzNDUwYjk5NWE5MmI2MDQwY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvXQ8FpNDZaBWfFxrn0LG55puSwpNWt+9Nd8T1+Yz0uZvEqiIqBVYMDcu30
LfnhzKSiRC6trnINrG5iYZUwFvpnpTbolbXwx0A2uS0F/+G8POaXQKkDTywKt6i4
vdOJWWp9RSO2al/HcEX1h7yl4z6Hig6cxD1ojVJHIQ8EdQJ4KaURwZGLoODLcuC6
IREhXz4ooqGBvB/rronORU8n/ZuDmKyOi1TfQVW2O2qqwBsbKot9yoPOhrNGrC4X
M7hJTTc85xTkyZi4O24kWrt87mxztYTUslaiZ17IgcbH8ibkNHlt2fKb7Thbnmuu
x7xGhcwaqB1K1POMoX8VmadE+o0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRDrIvf
4u2NwyZKpes8hvaXk8ONXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZiNGJhY2MtNTgyNC00ZjljLWExMGQtNDlmMTQ1ZGI4NTQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQCohJh9PruCrVfWlmP0gfgUbremRgG7XxwQTkOV
2qyNjwb+yW5fX+jP3k5GCj5j7u5juoi9BD99N5WcXNLp2q1nAc8v0i5L6+vMjRoQ
Nf0tIDKsT2UeYDA9x69sjjnwK5t11EF+VsZOJDioaQzYmoO7xARQuq2EiHy8eFCV
9EZFCmqd85Nus+yboHEALQrgdfzAWIGaCXi7OC/YJSg0BbvimNy2WxhnbVdfGFVU
Ry7MrbEJlc9YZjVCXkK5zv8pe0ZfP89M9Shkzh3Nvt07oL4OlG5FZZd9BA9LhQxr
KU2vQsvoI4uS/ZDOiQEESiepxSFaPiEVElu07C5AmV5i84Cc
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:12:00 2025 by rpki-client