Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json)
Hash identifier: WxFjXVKpK7GQUftjKuj6gyHcs8IxuLwhj7TBmo8jZ4I=
Subject key identifier: 79:8A:D9:57:90:6B:4B:65:E2:47:0A:39:C7:E0:3A:7F:2F:10:9B:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DB5DF3ED69912DDFBB1CCB3D3D16A90B7D27DB1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
Signing time: Tue 21 Oct 2025 14:20:03 +0000
ROA not before: Tue 21 Oct 2025 14:20:03 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:b5:df:3e:d6:99:12:dd:fb:b1:cc:b3:d3:d1:6a:90:b7:d2:7d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:20:03 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=00fbc90dfeebe86c1361c91c7b0e80b314c672527d4299b9c851e0a00ad339f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a7:18:6a:11:80:e9:46:89:ba:26:fe:73:8d:
8a:4c:0f:8d:cf:37:d8:3e:55:b5:b0:e2:04:76:c6:
55:28:0d:13:b9:c2:73:27:13:89:e5:64:07:42:3d:
57:2f:d2:7c:78:e2:f1:e1:c3:5c:7b:59:ec:ef:c2:
a5:e5:ba:c3:59:1f:3d:2b:9d:5e:94:92:9e:82:84:
24:4c:ce:38:1a:7c:bb:f3:bc:77:42:8a:68:df:95:
52:82:a0:d2:a6:09:fe:7c:21:b6:a9:63:d8:1f:5e:
65:0a:60:d8:6a:74:5c:eb:63:dc:05:20:60:67:c1:
9f:6a:3f:a2:33:45:c4:d0:e5:1d:7f:bb:c6:8e:03:
e0:71:21:8b:dd:4b:69:3d:ce:14:8a:4d:06:3e:e3:
03:bd:8d:19:58:4a:ba:8f:9d:ae:a6:68:f2:87:b4:
03:3c:db:5f:56:31:bb:25:57:fa:55:d7:14:c2:98:
54:b4:f0:c2:35:ba:b6:8b:d1:67:2b:25:b7:e1:65:
a8:1f:4c:ba:85:97:88:dc:01:e8:95:94:5e:e7:25:
a7:67:a8:cc:38:53:e3:6e:34:5c:70:5d:32:bf:7c:
6a:42:7d:87:a8:15:3a:51:85:cd:0a:41:be:80:be:
05:b3:06:56:21:4a:ce:9d:57:f4:cd:f3:41:bc:e3:
7c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:8A:D9:57:90:6B:4B:65:E2:47:0A:39:C7:E0:3A:7F:2F:10:9B:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
ab:35:ff:34:20:e1:11:62:4a:c1:b6:05:12:b2:8d:08:91:97:
f0:af:24:90:60:fb:28:3e:66:6f:3d:b7:6c:d2:a0:7e:42:c1:
7f:2f:50:55:da:5d:37:77:69:7d:21:ee:99:d0:b9:86:b6:2a:
f6:c3:64:b5:17:87:ab:b1:9f:6a:c3:6f:22:de:ce:0c:2e:93:
14:0b:9a:59:77:5c:5b:79:30:0b:2e:7c:20:ae:9a:51:27:1a:
95:7c:4f:38:8f:ef:68:cb:fb:41:92:b3:bd:08:3f:a6:89:26:
98:19:e4:0c:79:51:94:09:45:fa:35:9e:8e:73:f5:b5:d3:74:
e9:07:61:ca:35:43:a9:b4:6b:b7:06:19:dd:dc:df:f1:9c:d9:
e0:82:cd:94:9a:ac:a5:e3:c9:40:6d:10:07:53:2a:6d:a9:86:
e1:27:d1:f2:8d:32:86:d6:20:de:63:de:dd:5f:e0:50:35:7b:
c9:5d:c7:ae:26:4e:42:ce:12:f3:60:15:57:a9:3a:0b:68:0f:
59:59:62:64:9a:bd:8c:36:84:79:a2:27:64:df:e4:39:44:fa:
9a:5f:bc:e0:b9:d6:4b:d4:f0:fe:1b:f0:78:52:89:6d:e6:ee:
3c:cb:59:56:18:da:a9:fb:35:49:ea:4c:33:c7:c5:d4:16:5d:
39:af:c9:b4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXbXfPtaZEt37scyz09FqkLfSfbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIwMDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwZmJjOTBkZmVlYmU4NmMxMzYxYzkxYzdiMGU4MGIzMTRjNjcyNTI3ZDQy
OTliOWM4NTFlMGEwMGFkMzM5ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI6nGGoRgOlGibom/nONikwPjc832D5VtbDiBHbGVSgNE7nCcycTieVkB0I9
Vy/SfHji8eHDXHtZ7O/CpeW6w1kfPSudXpSSnoKEJEzOOBp8u/O8d0KKaN+VUoKg
0qYJ/nwhtqlj2B9eZQpg2Gp0XOtj3AUgYGfBn2o/ojNFxNDlHX+7xo4D4HEhi91L
aT3OFIpNBj7jA72NGVhKuo+drqZo8oe0AzzbX1YxuyVX+lXXFMKYVLTwwjW6tovR
Zyslt+FlqB9MuoWXiNwB6JWUXuclp2eozDhT4240XHBdMr98akJ9h6gVOlGFzQpB
voC+BbMGViFKzp1X9M3zQbzjfPkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR5itlX
kGtLZeJHCjnH4Dp/LxCblTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
wDANBgkqhkiG9w0BAQsFAAOCAQEAqzX/NCDhEWJKwbYFErKNCJGX8K8kkGD7KD5m
bz23bNKgfkLBfy9QVdpdN3dpfSHumdC5hrYq9sNktReHq7GfasNvIt7ODC6TFAua
WXdcW3kwCy58IK6aUScalXxPOI/vaMv7QZKzvQg/pokmmBnkDHlRlAlF+jWejnP1
tdN06QdhyjVDqbRrtwYZ3dzf8ZzZ4ILNlJqspePJQG0QB1MqbamG4SfR8o0yhtYg
3mPe3V/gUDV7yV3HriZOQs4S82AVV6k6C2gPWVliZJq9jDaEeaInZN/kOUT6ml+8
4LnWS9Tw/hvweFKJbebuPMtZVhjaqfs1SepMM8fF1BZdOa/JtA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:28 2025 by rpki-client