Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json)
Hash identifier: w/wiXOHn+STgXeHCREUfJeSWWhLdELfgGtmIuM2cbk8=
Subject key identifier: EA:41:1C:DF:85:B9:BB:BB:FE:80:24:EB:3F:17:C2:F6:AC:FA:93:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27C8111CC32CEE190913D878646C2A08F00911B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
Signing time: Fri 26 Sep 2025 20:11:19 +0000
ROA not before: Fri 26 Sep 2025 20:11:19 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:c8:11:1c:c3:2c:ee:19:09:13:d8:78:64:6c:2a:08:f0:09:11:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:19 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=d6b059c8f9fb3c8c118ba7232e278579f951438b04d3f5a2a11c8b42096933c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:79:c5:d7:cc:15:b3:a7:05:a2:c1:99:82:20:
10:21:e8:ab:b8:b9:15:a3:61:1c:00:43:bf:f0:3e:
55:0e:f9:36:80:a4:a5:16:f2:48:48:f3:6c:d5:3b:
21:58:7e:d3:5d:f1:81:b5:9b:8e:70:8a:4c:8a:05:
39:31:8e:6c:de:c7:76:99:2b:c0:b4:60:3b:aa:e5:
c6:90:28:20:f1:24:e2:a4:38:d8:6c:f5:04:b1:0e:
5f:80:4e:12:66:81:cf:3e:b4:74:9d:3b:df:6a:ea:
98:3d:7f:64:c1:9a:24:36:de:19:7f:b9:7a:94:2c:
75:ce:e4:ee:dc:b7:66:2d:a1:75:7a:69:0b:dc:c8:
ec:a8:dd:fd:f8:7f:b4:fb:c5:99:5f:6f:49:80:54:
1e:9d:68:59:22:8d:90:4b:08:eb:26:83:4b:b6:f3:
a0:77:4d:d9:a7:8f:4d:d4:12:23:00:1b:c9:b2:63:
30:81:4a:8a:3b:34:bd:de:41:bd:fb:0b:87:85:4d:
4d:73:87:28:85:4f:b7:07:9d:1d:18:79:ec:9e:74:
a9:54:76:1d:10:c6:ef:40:8a:7b:fa:16:f4:61:08:
98:96:f9:3f:28:88:24:4a:28:51:7e:1e:fc:f2:74:
26:cd:b4:df:2f:05:fb:bd:01:3b:0a:ef:7d:09:20:
0b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:41:1C:DF:85:B9:BB:BB:FE:80:24:EB:3F:17:C2:F6:AC:FA:93:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/37
Signature Algorithm: sha256WithRSAEncryption
b8:5b:c9:54:ae:63:38:5f:a9:aa:ad:e9:36:f1:4d:b5:a7:97:
81:c3:1b:9d:a1:2b:c7:27:c7:bf:42:7f:6e:79:c1:e5:4c:8e:
39:94:84:a6:98:3a:3b:1d:a4:0d:81:a7:8a:f7:77:bf:9d:19:
7f:5c:17:ba:c5:c7:98:65:5c:65:2c:e1:85:3f:04:f0:1b:c2:
01:fb:5c:d8:46:60:91:f5:b7:53:76:7b:99:af:87:74:0f:3f:
be:f5:e1:58:ab:6f:68:0c:e4:b8:ce:b7:9c:5f:4a:67:da:16:
e1:6b:79:2f:6f:38:56:91:e2:a3:fe:f0:4f:3a:70:f4:8b:24:
46:d1:a6:47:6c:5d:33:66:ee:10:75:c6:c5:e6:9e:05:d6:e6:
4c:e3:d0:8e:f6:fc:7d:75:bc:82:d9:0a:c9:9a:d4:b6:65:05:
a0:d9:88:bd:b2:50:4a:17:bf:3a:00:76:6c:da:9a:16:b8:d7:
ce:77:85:3a:35:21:e7:d9:82:3a:14:67:c7:fb:99:47:43:e4:
f4:17:04:b0:65:e7:d9:29:8b:38:8f:78:f8:5c:62:8d:ff:6e:
a2:d6:a5:87:68:8a:0a:d8:06:fb:ab:35:05:1a:8d:99:ce:9f:
46:2e:f8:c8:dd:11:a5:fc:27:b9:32:b3:13:18:db:b0:1d:7c:
bd:5a:5a:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ8gRHMMs7hkJE9h4ZGwqCPAJEbYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2YjA1OWM4ZjlmYjNjOGMxMThiYTcyMzJlMjc4NTc5Zjk1MTQzOGIwNGQz
ZjVhMmExMWM4YjQyMDk2OTMzYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKF5xdfMFbOnBaLBmYIgECHoq7i5FaNhHABDv/A+VQ75NoCkpRbySEjzbNU7
IVh+013xgbWbjnCKTIoFOTGObN7HdpkrwLRgO6rlxpAoIPEk4qQ42Gz1BLEOX4BO
EmaBzz60dJ0732rqmD1/ZMGaJDbeGX+5epQsdc7k7ty3Zi2hdXppC9zI7Kjd/fh/
tPvFmV9vSYBUHp1oWSKNkEsI6yaDS7bzoHdN2aePTdQSIwAbybJjMIFKijs0vd5B
vfsLh4VNTXOHKIVPtwedHRh57J50qVR2HRDG70CKe/oW9GEImJb5PyiIJEooUX4e
/PJ0Js203y8F+70BOwrvfQkgC68CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqQRzf
hbm7u/6AJOs/F8L2rPqTuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQC4W8lUrmM4X6mqrek28U21p5eBwxudoSvHJ8e/
Qn9uecHlTI45lISmmDo7HaQNgaeK93e/nRl/XBe6xceYZVxlLOGFPwTwG8IB+1zY
RmCR9bdTdnuZr4d0Dz++9eFYq29oDOS4zrecX0pn2hbha3kvbzhWkeKj/vBPOnD0
iyRG0aZHbF0zZu4QdcbF5p4F1uZM49CO9vx9dbyC2QrJmtS2ZQWg2Yi9slBKF786
AHZs2poWuNfOd4U6NSHn2YI6FGfH+5lHQ+T0FwSwZefZKYs4j3j4XGKN/26i1qWH
aIoK2Ab7qzUFGo2Zzp9GLvjI3RGl/Ce5MrMTGNuwHXy9WlqO
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:45 2025 by rpki-client