Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
File: e69b1519-f345-43aa-8c6b-cd786ee13404.roa (raw, json)
Hash identifier: wp37EHnhXxEqwbxkuPH6OBCI/UP8yLzyImL4PaGw32s=
Subject key identifier: 2A:CB:E9:17:23:DB:39:38:4F:30:AD:01:14:6A:CB:B6:24:70:BD:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B9D03D45C7E55498A74281F5A09E2A748EE10CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
Signing time: Tue 21 Oct 2025 14:10:44 +0000
ROA not before: Tue 21 Oct 2025 14:10:44 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Nov 2025 06:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:9d:03:d4:5c:7e:55:49:8a:74:28:1f:5a:09:e2:a7:48:ee:10:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:10:44 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ae8d7cc6341125b8c63136f9d023c83534218e99125ab100cc0a01047b5794f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:09:ee:96:63:a8:5a:09:33:f9:20:bd:c1:54:
79:b8:05:fb:ce:3f:25:df:a8:52:12:21:68:e1:b0:
34:6f:6b:99:5a:18:df:65:a7:d1:bc:71:2f:b8:c1:
77:84:71:49:4b:99:8c:95:3f:fe:3f:09:29:1f:0f:
b9:42:41:28:f2:0e:ae:22:e6:90:57:59:11:bc:d8:
61:67:8b:1c:5c:0c:57:a2:05:0a:c1:ec:43:c2:07:
ec:d6:13:11:bc:ed:b3:ce:71:92:19:f8:68:43:e2:
43:92:ea:ac:04:eb:cb:09:da:fb:55:9e:fe:31:bd:
af:2d:96:57:c5:21:e2:77:cf:f5:17:d0:74:3e:0d:
f8:18:17:09:4f:c6:75:e9:1d:34:9b:63:79:db:74:
29:ed:9e:3f:e8:3f:25:86:5c:4b:49:86:3b:61:f4:
32:51:2b:1a:5a:4b:ae:8c:e5:59:00:42:53:94:a3:
62:3a:74:b4:14:b3:07:6f:64:73:f7:7d:d3:f4:23:
5e:7f:5b:bc:00:49:69:2c:40:19:75:a2:5c:79:be:
06:ed:02:50:a3:3d:4e:ee:14:39:76:1a:7f:49:dc:
91:50:78:92:c5:2b:6b:0e:35:54:7d:85:68:2c:94:
61:64:c2:16:fd:92:4d:c2:6c:fe:b8:f6:42:98:29:
49:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CB:E9:17:23:DB:39:38:4F:30:AD:01:14:6A:CB:B6:24:70:BD:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:ea:3e:a2:b3:1a:cd:c6:7d:95:64:35:8c:9e:41:cd:04:d5:
4c:f2:8b:c3:ce:91:b8:9f:83:30:cf:30:57:9a:2f:df:e2:55:
4b:ec:6c:f3:51:f9:ad:af:5d:8a:d7:43:c6:79:7f:09:bf:b5:
fa:f8:4b:e8:65:98:3f:11:b1:58:39:a0:5c:76:33:23:7a:a7:
21:73:f7:7d:d5:38:d6:40:8b:79:4c:da:00:78:81:e6:e5:49:
c1:ef:ec:8a:a1:c7:24:eb:e9:94:73:ec:13:8b:51:5f:d0:8a:
f4:a7:28:26:77:80:ad:e3:da:24:ac:b7:5f:7b:5e:68:5b:7f:
3c:97:07:de:d9:df:45:98:82:f5:1b:78:ab:aa:69:2d:44:61:
b4:4b:22:6b:1b:d2:5b:f0:ca:dc:f1:ff:b8:83:25:82:5a:87:
cd:4a:26:91:23:93:3a:41:ca:54:45:5a:65:b8:1b:7c:b7:f1:
a5:09:b4:1f:e1:e3:6e:be:4f:f1:14:88:b7:89:60:79:61:1b:
1b:ac:23:b9:50:43:1e:0b:e3:10:b6:f8:5d:fc:d9:18:e9:32:
2c:62:47:9a:57:48:20:cd:4a:e0:4f:90:95:6c:4f:8b:29:e2:
0d:b2:4c:26:1e:8e:0c:8c:f6:8d:2c:fd:39:1c:56:a6:2d:f6:
55:74:fc:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO50D1Fx+VUmKdCgfWgnip0juEM4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDEwNDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlOGQ3Y2M2MzQxMTI1YjhjNjMxMzZmOWQwMjNjODM1MzQyMThlOTkxMjVh
YjEwMGNjMGEwMTA0N2I1Nzk0ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIJ7pZjqFoJM/kgvcFUebgF+84/Jd+oUhIhaOGwNG9rmVoY32Wn0bxxL7jB
d4RxSUuZjJU//j8JKR8PuUJBKPIOriLmkFdZEbzYYWeLHFwMV6IFCsHsQ8IH7NYT
Ebzts85xkhn4aEPiQ5LqrATrywna+1We/jG9ry2WV8Uh4nfP9RfQdD4N+BgXCU/G
dekdNJtjedt0Ke2eP+g/JYZcS0mGO2H0MlErGlpLrozlWQBCU5SjYjp0tBSzB29k
c/d90/QjXn9bvABJaSxAGXWiXHm+Bu0CUKM9Tu4UOXYaf0nckVB4ksUraw41VH2F
aCyUYWTCFv2STcJs/rj2QpgpSfkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQqy+kX
I9s5OE8wrQEUasu2JHC9QzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTY5YjE1MTktZjM0NS00M2FhLThjNmItY2Q3ODZlZTEzNDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCo6j6isxrNxn2VZDWMnkHNBNVM8ovDzpG4n4Mw
zzBXmi/f4lVL7GzzUfmtr12K10PGeX8Jv7X6+EvoZZg/EbFYOaBcdjMjeqchc/d9
1TjWQIt5TNoAeIHm5UnB7+yKocck6+mUc+wTi1Ff0Ir0pygmd4Ct49okrLdfe15o
W388lwfe2d9FmIL1G3irqmktRGG0SyJrG9Jb8Mrc8f+4gyWCWofNSiaRI5M6QcpU
RVpluBt8t/GlCbQf4eNuvk/xFIi3iWB5YRsbrCO5UEMeC+MQtvhd/NkY6TIsYkea
V0ggzUrgT5CVbE+LKeINskwmHo4MjPaNLP05HFamLfZVdPyC
-----END CERTIFICATE-----
Generated at Thu Nov 6 13:04:05 2025 by rpki-client