Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c003c5ac-b21f-4a15-a460-19115830800b.roa
File: c003c5ac-b21f-4a15-a460-19115830800b.roa (raw, json)
Hash identifier: 7Asc9CIbZ88h5k0+3ZS9JI/N0SW9RXneuK2x9tMvgO8=
Subject key identifier: 67:88:13:6F:9C:BE:2F:3F:4F:B6:53:F5:85:0E:72:48:4F:6B:6D:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B22711B6194BC9EE3A56A86F0DF8426797A689B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c003c5ac-b21f-4a15-a460-19115830800b.roa
Signing time: Wed 29 Oct 2025 07:36:51 +0000
ROA not before: Wed 29 Oct 2025 07:36:51 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:22:71:1b:61:94:bc:9e:e3:a5:6a:86:f0:df:84:26:79:7a:68:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:51 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=32effb74824e5ec68996963cf4c4322de673d992cb4402e30988dec64eef35e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:95:77:a9:74:cf:b9:b6:5d:a1:54:1b:54:5e:
c8:bf:6f:ce:0d:b3:2c:b7:77:e1:37:34:b9:5a:13:
5d:5c:5a:22:27:d5:e3:fb:62:76:05:cf:07:81:a9:
28:a6:e9:04:4d:9a:1b:fe:48:57:74:24:86:b4:6b:
22:66:26:5a:58:fa:24:f8:7d:aa:b3:d5:ad:52:aa:
a4:ee:8f:07:a2:0d:68:a3:e2:a8:7f:30:5b:ae:c0:
bf:00:ac:67:20:85:81:68:17:99:f7:70:32:ae:2a:
54:45:70:44:7e:bd:2a:fe:9e:24:73:0f:ab:74:3f:
2e:55:ac:c5:f0:91:c2:1b:42:63:8c:c4:ee:e7:da:
96:6a:b1:dc:2d:d3:d7:22:25:0e:1a:88:de:64:3e:
2f:41:ba:ea:0c:6f:6a:52:40:72:7c:fc:14:d9:ba:
8c:3d:ff:88:9c:e8:4f:c9:a1:3f:b2:fb:62:80:52:
3f:4f:0b:f1:31:03:71:6f:83:1d:5c:d6:ec:51:22:
a1:a8:f2:46:e0:67:39:ae:3e:09:2a:a4:36:3c:89:
0a:4e:3e:70:22:87:22:f9:52:18:bf:c7:6a:03:47:
fc:f9:82:77:7b:64:16:7d:98:78:68:b5:1a:8b:6d:
e3:0e:48:72:67:a3:02:26:0a:0a:a9:6b:04:bc:2a:
f5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:88:13:6F:9C:BE:2F:3F:4F:B6:53:F5:85:0E:72:48:4F:6B:6D:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c003c5ac-b21f-4a15-a460-19115830800b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:b000::/40
Signature Algorithm: sha256WithRSAEncryption
14:ae:ea:03:49:21:34:5b:aa:eb:c7:93:2d:4c:ec:46:a9:8d:
f9:0b:34:eb:32:f6:8c:c9:77:a6:18:f0:f4:10:fc:8c:14:93:
f6:5a:17:74:b3:c3:02:9a:4c:fd:85:40:62:ad:d2:9a:56:4b:
8c:16:a4:0a:c9:59:34:ef:9e:80:f0:d3:e3:88:2c:0c:d3:82:
d4:d9:b7:a1:11:7f:e2:c5:fb:44:60:26:ae:3f:e7:f4:9b:ae:
f3:91:18:35:f7:cf:f4:b7:8e:a6:7a:0e:22:a5:49:2e:6d:64:
b1:1a:61:e3:a5:1f:1e:80:80:e7:11:76:38:3a:ee:62:0b:39:
1f:73:c3:1b:9e:f3:5f:6d:fb:52:ed:8e:f0:cd:28:08:ba:62:
16:6d:84:80:60:30:9c:3e:39:8e:35:77:08:75:0e:ae:e5:6e:
17:07:87:21:9c:0e:68:2a:0c:33:2a:90:0a:e2:20:9d:95:66:
f4:22:63:84:46:0a:ea:82:6b:e1:ab:32:fa:a2:85:e7:cf:b9:
a6:b1:d5:57:23:7b:69:9a:8a:c5:c3:ae:49:aa:7c:b3:aa:ce:
4e:13:0f:84:c5:15:59:b0:df:4b:0c:24:66:28:f1:33:59:d2:
95:9e:fd:85:ce:ba:ec:2b:41:24:fc:28:d6:85:f0:9f:f3:7b:
94:da:e4:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUayJxG2GUvJ7jpWqG8N+EJnl6aJswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NTFaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyZWZmYjc0ODI0ZTVlYzY4OTk2OTYzY2Y0YzQzMjJkZTY3M2Q5OTJjYjQ0
MDJlMzA5ODhkZWM2NGVlZjM1ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2Vd6l0z7m2XaFUG1ReyL9vzg2zLLd34Tc0uVoTXVxaIifV4/tidgXPB4Gp
KKbpBE2aG/5IV3QkhrRrImYmWlj6JPh9qrPVrVKqpO6PB6INaKPiqH8wW67AvwCs
ZyCFgWgXmfdwMq4qVEVwRH69Kv6eJHMPq3Q/LlWsxfCRwhtCY4zE7ufalmqx3C3T
1yIlDhqI3mQ+L0G66gxvalJAcnz8FNm6jD3/iJzoT8mhP7L7YoBSP08L8TEDcW+D
HVzW7FEioajyRuBnOa4+CSqkNjyJCk4+cCKHIvlSGL/HagNH/PmCd3tkFn2YeGi1
Gott4w5IcmejAiYKCqlrBLwq9Z8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRniBNv
nL4vP0+2U/WFDnJIT2ttwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAwM2M1YWMtYjIxZi00YTE1LWE0NjAtMTkxMTU4MzA4MDBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gqw
MA0GCSqGSIb3DQEBCwUAA4IBAQAUruoDSSE0W6rrx5MtTOxGqY35CzTrMvaMyXem
GPD0EPyMFJP2Whd0s8MCmkz9hUBirdKaVkuMFqQKyVk0756A8NPjiCwM04LU2beh
EX/ixftEYCauP+f0m67zkRg198/0t46meg4ipUkubWSxGmHjpR8egIDnEXY4Ou5i
Czkfc8MbnvNfbftS7Y7wzSgIumIWbYSAYDCcPjmONXcIdQ6u5W4XB4chnA5oKgwz
KpAK4iCdlWb0ImOERgrqgmvhqzL6ooXnz7mmsdVXI3tpmorFw65Jqnyzqs5OEw+E
xRVZsN9LDCRmKPEzWdKVnv2FzrrsK0Ek/CjWhfCf83uU2uQ/
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:54:57 2025 by rpki-client