Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
File: d8bdec55-5207-4e20-a65b-ee864a734245.roa (raw, json)
Hash identifier: ByKQEmHySrT1XJ/2avTocIUY3vtp8fx/TWv3WnQebIY=
Subject key identifier: 4C:AF:DB:51:85:95:24:1D:14:21:3E:BE:88:6F:AC:EE:69:F9:B1:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14044ABCF2B908A6FBDD20AB20937BB2B3E487C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
Signing time: Fri 24 Oct 2025 00:20:09 +0000
ROA not before: Fri 24 Oct 2025 00:20:09 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:04:4a:bc:f2:b9:08:a6:fb:dd:20:ab:20:93:7b:b2:b3:e4:87:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 24 00:20:09 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=78125ae4e8e0b4b3e533dadba4d5944898321ae54436b9cf9f235ccc79d02a46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3c:32:e0:81:02:96:7b:76:e5:20:f5:1d:64:
43:9f:1d:a5:a1:f7:b1:e5:bc:fa:c2:b2:4b:cb:96:
7f:54:25:cf:df:93:4b:38:b5:95:a5:b8:13:8c:e0:
4e:36:80:11:eb:b6:2d:2b:5e:be:4e:75:01:dc:0f:
d0:4c:57:38:cd:1e:79:09:73:16:77:64:52:60:79:
8c:4e:d0:fa:48:f1:2b:8c:ff:60:45:15:c0:18:cd:
9a:19:43:00:4b:2c:a3:e4:51:86:c5:0e:3a:2b:c9:
90:eb:58:2d:bd:59:55:e0:4d:ae:8f:0f:56:90:2c:
cd:cc:a3:b8:8e:d8:c0:e8:03:31:65:0a:40:3d:9d:
60:91:f5:13:2c:c1:da:57:27:a2:5d:d6:80:e4:72:
d5:1c:16:51:8f:d1:55:8d:64:26:f4:ca:76:13:ef:
38:c2:6d:39:36:d1:a4:56:2e:6d:14:76:81:c5:1f:
76:cd:e3:b2:87:29:fa:f6:11:b9:76:83:1b:9c:f7:
3a:aa:27:44:91:98:af:d2:31:0d:63:06:b3:f4:84:
df:87:1a:4e:13:1e:18:a2:3e:96:c4:9a:58:f6:cb:
60:8a:82:e4:86:2b:fe:15:fd:75:5c:b0:8e:d2:37:
f5:0f:45:15:16:b5:c4:21:de:42:6b:31:17:cf:d1:
87:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AF:DB:51:85:95:24:1D:14:21:3E:BE:88:6F:AC:EE:69:F9:B1:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8080::/46
Signature Algorithm: sha256WithRSAEncryption
4e:0b:66:d6:cd:82:54:68:bc:90:91:5a:9c:2e:e9:9c:8e:b5:
c9:ab:67:7c:ec:be:80:b7:b9:43:83:ad:ed:8b:e4:d0:1a:f5:
a1:b1:f2:03:f0:c6:14:50:ba:82:09:ad:bd:48:2b:f2:8e:89:
ba:3c:9f:0b:3d:c6:a1:4f:fc:1e:9e:02:a8:d7:6e:50:f4:73:
df:a3:af:b9:3d:63:21:70:b5:93:1d:f2:a0:0d:21:72:58:0d:
70:ce:d7:bc:4d:d1:b0:83:11:e1:47:54:da:83:bc:79:53:1d:
c0:51:b8:94:e5:35:2b:bc:bf:22:c5:4c:4d:31:9e:e6:02:8d:
cb:9f:41:25:15:df:20:73:00:bc:49:02:58:e0:91:64:fb:df:
c9:ab:9a:b0:8c:4b:18:84:1d:0c:9d:11:e5:5d:51:07:1b:cb:
5d:b3:cf:16:71:b9:ca:f3:d9:4b:34:7f:d8:43:30:28:ba:2a:
0c:70:d7:01:d6:de:0a:b5:98:75:9d:dc:f7:e7:fa:a0:84:14:
e0:24:15:ed:4c:b0:5c:af:26:cd:71:19:7c:1f:d7:95:1e:8d:
8f:ff:86:b8:9a:bf:fd:b1:61:5b:cf:31:27:55:7a:eb:46:8e:
d7:55:e4:26:ee:b7:84:8d:07:3c:76:6b:15:3d:40:ee:65:97:
e2:b6:1b:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFARKvPK5CKb73SCrIJN7srPkh8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjQwMDIwMDlaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MTI1YWU0ZThlMGI0YjNlNTMzZGFkYmE0ZDU5NDQ4OTgzMjFhZTU0NDM2
YjljZjlmMjM1Y2NjNzlkMDJhNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKU8MuCBApZ7duUg9R1kQ58dpaH3seW8+sKyS8uWf1Qlz9+TSzi1laW4E4zg
TjaAEeu2LStevk51AdwP0ExXOM0eeQlzFndkUmB5jE7Q+kjxK4z/YEUVwBjNmhlD
AEsso+RRhsUOOivJkOtYLb1ZVeBNro8PVpAszcyjuI7YwOgDMWUKQD2dYJH1EyzB
2lcnol3WgORy1RwWUY/RVY1kJvTKdhPvOMJtOTbRpFYubRR2gcUfds3jsocp+vYR
uXaDG5z3OqonRJGYr9IxDWMGs/SE34caThMeGKI+lsSaWPbLYIqC5IYr/hX9dVyw
jtI39Q9FFRa1xCHeQmsxF8/Rh88CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMr9tR
hZUkHRQhPr6Ib6zuafmx9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhiZGVjNTUtNTIwNy00ZTIwLWE2NWItZWU4NjRhNzM0MjQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DSA
gDANBgkqhkiG9w0BAQsFAAOCAQEATgtm1s2CVGi8kJFanC7pnI61yatnfOy+gLe5
Q4Ot7Yvk0Br1obHyA/DGFFC6ggmtvUgr8o6JujyfCz3GoU/8Hp4CqNduUPRz36Ov
uT1jIXC1kx3yoA0hclgNcM7XvE3RsIMR4UdU2oO8eVMdwFG4lOU1K7y/IsVMTTGe
5gKNy59BJRXfIHMAvEkCWOCRZPvfyauasIxLGIQdDJ0R5V1RBxvLXbPPFnG5yvPZ
SzR/2EMwKLoqDHDXAdbeCrWYdZ3c9+f6oIQU4CQV7UywXK8mzXEZfB/XlR6Nj/+G
uJq//bFhW88xJ1V660aO11XkJu63hI0HPHZrFT1A7mWX4rYb9g==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:36 2025 by rpki-client