Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
File: dedc9540-e267-4454-a449-e65933af6f0f.roa (raw, json)
Hash identifier: /GKd4FwQ1tpQZNoEeCisExuIPg7ElF2N68YVz8qwpGY=
Subject key identifier: 3C:E4:03:38:18:0B:B7:0F:DD:F9:7A:86:83:F4:E3:D3:45:7D:ED:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B8607DE757607EAE3C501F70C84D7396EC126CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
Signing time: Tue 21 Oct 2025 14:30:31 +0000
ROA not before: Tue 21 Oct 2025 14:30:31 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:86:07:de:75:76:07:ea:e3:c5:01:f7:0c:84:d7:39:6e:c1:26:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:31 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=62f84469c7cb24188f950b1cb71f85970d279cbcf48011e904c53276d2cb15ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8b:64:3a:34:a3:58:6c:72:7d:ac:b3:4a:9c:
b6:41:c9:f9:45:0b:44:08:04:27:21:a2:ea:aa:3f:
81:60:ff:87:20:7f:d3:7a:64:d9:65:21:55:2c:4a:
d4:81:c6:52:61:17:b8:c8:a7:74:cf:ea:bb:1d:35:
2c:8d:47:c9:50:c9:cb:3d:9d:b0:a8:f6:ed:f2:35:
ec:e5:98:40:31:da:0a:c9:e8:44:f6:2d:40:59:f0:
2d:73:ff:0d:45:67:bb:6c:00:57:ae:ad:3b:7c:fd:
8c:f7:fa:e5:b6:db:4c:8b:3d:a2:7d:ee:a2:44:f4:
5f:da:be:63:3a:39:e1:5b:3c:cd:67:d5:a3:d3:8a:
bf:94:fd:77:f5:32:1a:50:9b:9b:03:84:03:4f:6a:
02:ee:65:2e:eb:58:93:23:a7:ea:23:8c:8d:ef:fd:
e4:9c:d6:35:50:eb:f3:d1:4e:ca:12:e5:f7:d1:cd:
92:18:ef:35:45:7f:1f:d9:ca:3d:07:e7:2b:09:dc:
3b:58:af:ef:7d:02:5d:ae:2c:4f:a0:0a:51:37:5a:
d3:a3:9a:fd:bb:c0:d5:b1:e8:41:5e:cc:f9:35:3d:
a1:5d:b0:3f:8b:71:8f:d5:b3:60:de:e2:a0:ac:7d:
33:93:e5:21:f6:ea:28:da:bd:f1:69:44:1f:67:1c:
cd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E4:03:38:18:0B:B7:0F:DD:F9:7A:86:83:F4:E3:D3:45:7D:ED:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:1000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:fc:73:d9:4f:19:92:d4:99:f3:91:ad:79:6f:a6:57:5f:e6:
25:dc:5c:e7:65:31:32:a9:6a:49:ce:87:6e:12:46:c9:cc:68:
f0:cd:4f:a6:2a:85:3a:bf:18:67:8f:17:b7:0c:94:ae:5f:82:
3f:b7:94:22:67:bf:84:f1:a3:81:64:54:88:d1:6b:ce:ef:2a:
10:3c:ec:e7:bd:d8:04:04:49:1a:52:d8:91:a0:cd:d4:5d:9e:
34:ec:0f:08:49:58:ae:68:7e:9e:24:ca:ea:dc:95:db:0b:df:
99:35:8b:13:2c:68:31:11:e5:b9:df:61:d9:eb:3d:a6:17:8d:
e8:0d:d4:29:de:c9:ba:8b:4e:f6:41:18:fb:b6:c3:0f:71:f7:
97:5c:40:99:f9:4b:e3:e0:94:f1:74:3a:72:e9:44:8a:f5:c6:
a7:9a:f2:a6:81:8d:c0:c9:fa:c6:bf:16:3d:cc:6b:da:01:01:
b2:b8:eb:54:42:4e:55:fc:63:4b:9e:e2:0a:89:54:d9:de:46:
03:3b:9f:d9:00:e7:43:37:0b:c7:27:0f:c2:0d:81:e3:bb:5d:
5b:07:81:95:d5:19:6d:2d:a3:9c:95:a0:80:04:af:50:a0:69:
2b:35:39:22:d8:ed:de:ab:8c:7b:6a:98:f3:50:4f:e2:e3:4a:
dd:94:9e:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC4YH3nV2B+rjxQH3DITXOW7BJsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwMzFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZjg0NDY5YzdjYjI0MTg4Zjk1MGIxY2I3MWY4NTk3MGQyNzljYmNmNDgw
MTFlOTA0YzUzMjc2ZDJjYjE1ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmLZDo0o1hscn2ss0qctkHJ+UULRAgEJyGi6qo/gWD/hyB/03pk2WUhVSxK
1IHGUmEXuMindM/qux01LI1HyVDJyz2dsKj27fI17OWYQDHaCsnoRPYtQFnwLXP/
DUVnu2wAV66tO3z9jPf65bbbTIs9on3uokT0X9q+Yzo54Vs8zWfVo9OKv5T9d/Uy
GlCbmwOEA09qAu5lLutYkyOn6iOMje/95JzWNVDr89FOyhLl99HNkhjvNUV/H9nK
PQfnKwncO1iv730CXa4sT6AKUTda06Oa/bvA1bHoQV7M+TU9oV2wP4txj9WzYN7i
oKx9M5PlIfbqKNq98WlEH2cczUsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ85AM4
GAu3D935eoaD9OPTRX3tczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVkYzk1NDAtZTI2Ny00NDU0LWE0NDktZTY1OTMzYWY2ZjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAs/HPZTxmS1Jnzka15b6ZXX+Yl3FznZTEyqWpJ
zoduEkbJzGjwzU+mKoU6vxhnjxe3DJSuX4I/t5QiZ7+E8aOBZFSI0WvO7yoQPOzn
vdgEBEkaUtiRoM3UXZ407A8ISViuaH6eJMrq3JXbC9+ZNYsTLGgxEeW532HZ6z2m
F43oDdQp3sm6i072QRj7tsMPcfeXXECZ+Uvj4JTxdDpy6USK9canmvKmgY3AyfrG
vxY9zGvaAQGyuOtUQk5V/GNLnuIKiVTZ3kYDO5/ZAOdDNwvHJw/CDYHju11bB4GV
1RltLaOclaCABK9QoGkrNTki2O3eq4x7apjzUE/i40rdlJ6U
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:48 2025 by rpki-client