Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
File: 7109e934-b803-4bd3-8dfc-cfe0c2222824.roa (raw, json)
Hash identifier: I88OhYjYduC/BQPjMhmGzGvvEbo4XShL/0aSKtQO6uQ=
Subject key identifier: 03:F7:93:72:15:02:99:3B:03:F2:05:D0:02:EA:BD:27:9B:E8:C0:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FC043FD97BB8AC052EB32925FD0185220DFF0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
Signing time: Fri 31 Oct 2025 01:40:04 +0000
ROA not before: Fri 31 Oct 2025 01:40:04 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:c0:43:fd:97:bb:8a:c0:52:eb:32:92:5f:d0:18:52:20:df:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:40:04 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=9096edf4d86950e0e92f92d5a8d5e32d5963a065fdf064d8f7a4cc5ab4217933, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7b:9a:56:9c:64:fe:de:01:24:31:0b:7a:54:
fe:54:c1:af:52:b9:8f:fc:24:34:50:fd:6d:d9:22:
e3:7d:98:29:23:ab:f2:f2:7d:17:db:5a:b4:ea:2c:
8f:3e:b9:2b:8d:4b:16:6c:60:1d:f9:27:2c:64:8c:
65:77:8c:e5:f9:88:9d:c7:ec:94:8f:13:ad:9b:f4:
b1:71:fc:6e:2f:b7:b4:88:7e:0a:f4:55:89:a1:74:
61:55:0e:5d:cc:f0:3a:ae:b6:23:b5:39:db:bc:d0:
3b:e3:6b:f2:bb:4e:45:ae:2c:4d:31:cb:09:54:e2:
01:04:7f:5e:18:ad:71:11:91:75:d6:08:3c:ac:56:
e2:4d:3b:59:94:30:9d:74:29:73:26:45:4e:ca:60:
cf:b3:ea:0f:8f:0c:13:25:27:68:ab:7c:6b:bd:9a:
86:a3:26:33:3d:6f:45:46:00:af:5b:1e:fc:cb:90:
97:83:da:d3:a2:3a:1d:9e:e2:75:d9:cd:44:eb:06:
50:4c:e9:72:98:62:2a:36:88:b5:28:67:ce:67:21:
c6:fa:c0:3b:3c:34:e0:25:bb:08:67:c3:d1:0e:e6:
c2:ae:2b:0d:22:47:4a:9e:81:9e:f5:ae:62:c0:91:
d6:93:3a:62:ef:5f:64:62:df:82:db:81:9b:dd:71:
93:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F7:93:72:15:02:99:3B:03:F2:05:D0:02:EA:BD:27:9B:E8:C0:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:5040::/46
Signature Algorithm: sha256WithRSAEncryption
75:de:0f:70:bd:5a:37:14:fa:fe:fe:e6:6b:3d:b8:36:48:1b:
65:52:c1:29:f0:f7:aa:70:14:11:a6:f3:67:66:86:6d:cd:f2:
16:e1:9a:f9:66:2d:95:7d:cd:4d:86:40:79:8a:a3:d8:2d:9d:
d0:2a:59:45:09:32:3a:47:0a:af:95:cd:02:13:b9:54:51:f8:
69:4b:ed:f7:7d:1a:f0:6e:d8:bf:22:22:f4:a0:6d:e3:35:cc:
6f:60:d5:d1:00:0d:14:d7:6b:b1:e9:0d:d8:57:56:b1:b8:07:
48:7b:9f:13:66:21:10:27:01:9d:39:1b:e6:8a:a7:c8:0e:75:
a8:92:d8:88:98:aa:69:ac:69:6d:20:ad:32:30:0a:b8:e2:c8:
8d:3f:f2:6e:51:77:f6:0a:20:26:c7:a3:0c:67:45:b4:e6:6e:
62:8b:ff:95:3b:2a:8e:4c:7d:00:37:10:e2:2c:6e:e8:e0:07:
43:83:f2:9b:1d:29:1b:eb:82:58:dc:a1:40:6e:31:83:97:85:
68:f7:e5:66:7a:f8:ac:46:5d:84:99:5b:0b:68:e8:20:58:e3:
a4:78:b4:1e:a3:0b:79:5b:16:ee:9a:6d:27:69:c5:2d:0b:8e:
d2:15:c7:f3:d1:8d:66:6b:8f:c8:09:3c:d0:da:d1:39:11:5f:
15:14:de:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITb8BD/Ze7isBS6zKSX9AYUiDf8DANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MTAzMTAxNDAwNFoXDTI1MTIwNTIzNTk1OVowejFJMEcGA1UE
BRNAOTA5NmVkZjRkODY5NTBlMGU5MmY5MmQ1YThkNWUzMmQ1OTYzYTA2NWZkZjA2
NGQ4ZjdhNGNjNWFiNDIxNzkzMzEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1nuaVpxk/t4BJDELelT+VMGvUrmP/CQ0UP1t2SLjfZgpI6vy8n0X21q06iyP
PrkrjUsWbGAd+ScsZIxld4zl+Yidx+yUjxOtm/SxcfxuL7e0iH4K9FWJoXRhVQ5d
zPA6rrYjtTnbvNA742vyu05FrixNMcsJVOIBBH9eGK1xEZF11gg8rFbiTTtZlDCd
dClzJkVOymDPs+oPjwwTJSdoq3xrvZqGoyYzPW9FRgCvWx78y5CXg9rTojodnuJ1
2c1E6wZQTOlymGIqNoi1KGfOZyHG+sA7PDTgJbsIZ8PRDubCrisNIkdKnoGe9a5i
wJHWkzpi719kYt+C24Gb3XGT+wIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFAP3k3IV
Apk7A/IF0ALqvSeb6MAAMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC83
MTA5ZTkzNC1iODAzLTRiZDMtOGRmYy1jZmUwYzIyMjI4MjQucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgXQc1BA
MA0GCSqGSIb3DQEBCwUAA4IBAQB13g9wvVo3FPr+/uZrPbg2SBtlUsEp8PeqcBQR
pvNnZoZtzfIW4Zr5Zi2Vfc1NhkB5iqPYLZ3QKllFCTI6Rwqvlc0CE7lUUfhpS+33
fRrwbti/IiL0oG3jNcxvYNXRAA0U12ux6Q3YV1axuAdIe58TZiEQJwGdORvmiqfI
DnWoktiImKpprGltIK0yMAq44siNP/JuUXf2CiAmx6MMZ0W05m5ii/+VOyqOTH0A
NxDiLG7o4AdDg/KbHSkb64JY3KFAbjGDl4Vo9+VmevisRl2EmVsLaOggWOOkeLQe
owt5Wxbumm0nacUtC47SFcfz0Y1ma4/ICTzQ2tE5EV8VFN5W
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:56 2025 by rpki-client