Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/efb32bd0-8689-4ff1-8b63-f633c6cd1a19.roa
File: efb32bd0-8689-4ff1-8b63-f633c6cd1a19.roa (raw, json)
Hash identifier: NOflufodcD5eZaj2MQZFuPIbidwCjHfDWHTHvIXWCPo=
Subject key identifier: FC:CB:E3:69:0E:3E:D9:16:E3:09:C4:34:9B:C9:3E:31:DC:0A:50:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E5378219F7B56086172AD6FD114513460945BB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/efb32bd0-8689-4ff1-8b63-f633c6cd1a19.roa
Signing time: Wed 29 Oct 2025 07:36:41 +0000
ROA not before: Wed 29 Oct 2025 07:36:41 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:53:78:21:9f:7b:56:08:61:72:ad:6f:d1:14:51:34:60:94:5b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 29 07:36:41 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=cd3589c3a7708741eb2ef164a03d9513f2a94a59f0af3c042ce6a5219edef4c6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c2:b5:d8:0c:6a:37:ae:2f:ac:52:af:bd:5d:
c9:16:95:8f:f4:2d:14:c0:ce:3d:44:21:b2:ea:c5:
a6:61:8c:36:fc:c5:16:d7:4f:c2:30:62:51:77:d3:
f3:b6:2b:9f:2b:f6:0c:55:f4:3c:01:ac:39:3b:e3:
e5:e5:5e:51:a9:ea:e8:cb:6a:b0:75:0f:a1:63:46:
de:9c:f6:22:95:98:c5:b8:d4:d1:f0:93:26:c0:ac:
73:c7:51:ff:14:e9:0d:ce:b4:ce:44:10:b3:45:36:
93:0b:05:1a:5b:cb:2d:92:b4:14:6a:b1:a7:68:dd:
48:bd:70:32:99:b2:c5:5a:84:c1:83:06:99:9a:65:
27:e5:66:3a:c2:8e:cb:23:71:66:da:3a:9c:76:3e:
78:e4:6e:df:68:38:1f:eb:0f:80:d8:0f:a6:10:51:
be:a5:c5:bf:1d:9d:41:4f:ce:68:09:00:c8:5c:50:
e5:57:c0:bf:67:c7:8a:9d:91:de:c2:84:27:f6:f2:
c0:a1:39:24:1c:d7:cd:f7:69:80:b2:f4:b0:a6:f9:
84:94:94:a5:8b:0f:e5:40:6b:bc:64:61:ac:85:f6:
ee:a6:a0:d2:3c:ea:f7:d1:64:76:d0:e7:89:49:d5:
b4:9f:e9:2b:c1:74:ae:2b:73:75:c0:40:39:75:03:
d0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:CB:E3:69:0E:3E:D9:16:E3:09:C4:34:9B:C9:3E:31:DC:0A:50:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/efb32bd0-8689-4ff1-8b63-f633c6cd1a19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:b080::/48
Signature Algorithm: sha256WithRSAEncryption
38:44:6c:a4:50:f4:45:01:0b:16:4f:cd:09:24:eb:7c:6f:e7:
c3:a0:3f:ba:7b:81:11:93:0c:af:48:d7:ac:5f:d2:c8:54:4d:
62:4d:8d:c2:fa:7d:51:49:cc:74:0c:0c:96:f4:d0:a0:f1:4c:
bb:40:ed:1f:44:b0:99:b5:7d:b8:de:d0:7d:73:62:e0:46:66:
9a:fa:3a:1b:56:0e:66:07:81:a8:44:9b:42:b6:c7:7e:7b:de:
b2:d1:15:69:c1:9a:e9:5e:d9:8a:77:18:62:54:9e:ab:37:e7:
8d:85:4a:7b:69:cf:7e:73:da:9b:3d:d7:35:aa:95:af:5e:ac:
dc:3f:41:07:ab:78:5d:05:11:b2:31:fa:80:e3:fe:89:f2:3e:
fc:25:75:38:80:fd:3b:a7:fa:c4:57:49:61:93:a0:ae:6f:c7:
e9:99:f7:69:69:70:8b:61:e7:73:fd:f1:8f:76:31:01:f4:44:
de:ef:08:3e:2c:9e:a3:ca:31:7a:27:ab:78:03:d1:d5:2d:68:
95:dd:56:3e:4f:aa:3c:26:66:19:d8:16:a7:6a:1c:f7:cd:f6:
bc:75:bf:f2:31:02:c5:1c:21:93:27:fa:a0:7d:9f:84:5f:70:
9f:54:b8:c7:71:56:12:b1:96:44:14:f4:fc:86:9d:97:52:cc:
6d:95:d7:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUblN4IZ97Vghhcq1v0RRRNGCUW7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjkwNzM2NDFaFw0yNTEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkMzU4OWMzYTc3MDg3NDFlYjJlZjE2NGEwM2Q5NTEzZjJhOTRhNTlmMGFm
M2MwNDJjZTZhNTIxOWVkZWY0YzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHCtdgMajeuL6xSr71dyRaVj/QtFMDOPUQhsurFpmGMNvzFFtdPwjBiUXfT
87Yrnyv2DFX0PAGsOTvj5eVeUanq6MtqsHUPoWNG3pz2IpWYxbjU0fCTJsCsc8dR
/xTpDc60zkQQs0U2kwsFGlvLLZK0FGqxp2jdSL1wMpmyxVqEwYMGmZplJ+VmOsKO
yyNxZto6nHY+eORu32g4H+sPgNgPphBRvqXFvx2dQU/OaAkAyFxQ5VfAv2fHip2R
3sKEJ/bywKE5JBzXzfdpgLL0sKb5hJSUpYsP5UBrvGRhrIX27qag0jzq99FkdtDn
iUnVtJ/pK8F0ritzdcBAOXUD0NkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT8y+Np
Dj7ZFuMJxDSbyT4x3ApQgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWZiMzJiZDAtODY4OS00ZmYxLThiNjMtZjYzM2M2Y2QxYTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gqw
gDANBgkqhkiG9w0BAQsFAAOCAQEAOERspFD0RQELFk/NCSTrfG/nw6A/unuBEZMM
r0jXrF/SyFRNYk2Nwvp9UUnMdAwMlvTQoPFMu0DtH0SwmbV9uN7QfXNi4EZmmvo6
G1YOZgeBqESbQrbHfnvestEVacGa6V7ZincYYlSeqzfnjYVKe2nPfnPamz3XNaqV
r16s3D9BB6t4XQURsjH6gOP+ifI+/CV1OID9O6f6xFdJYZOgrm/H6Zn3aWlwi2Hn
c/3xj3YxAfRE3u8IPiyeo8oxeiereAPR1S1old1WPk+qPCZmGdgWp2oc9832vHW/
8jECxRwhkyf6oH2fhF9wn1S4x3FWErGWRBT0/Iadl1LMbZXXLg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:46:42 2025 by rpki-client