Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
File: 92652652-28d6-49c1-8ea6-f5079f374345.roa (raw, json)
Hash identifier: n7GE0DHmgtCIsUfzUsBANnBSbKplcGhBllIvUgphXB8=
Subject key identifier: 76:F0:CD:B2:6D:E2:CB:C4:24:8C:DB:A1:1D:88:20:1F:50:79:3E:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5863EB571BFEE2723571749D42F56255F65436CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
Signing time: Fri 26 Sep 2025 18:51:25 +0000
ROA not before: Fri 26 Sep 2025 18:51:25 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:63:eb:57:1b:fe:e2:72:35:71:74:9d:42:f5:62:55:f6:54:36:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:51:25 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=43917d7c877dabe4f8a84378fa328df3aa9eef971e5c5e3d50c12d160b5c8290, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ff:50:b4:c4:f9:79:93:05:da:1a:79:73:1a:
e7:58:fa:60:68:b1:31:6e:fc:52:47:83:48:e4:2b:
00:6b:72:4d:cd:31:65:bf:01:a4:78:ab:2e:48:bb:
2c:38:4b:0a:2d:4c:77:75:73:3b:d7:f3:e7:89:a9:
03:83:e8:78:96:82:23:da:7e:a9:0f:ce:d4:e0:57:
8c:ff:ee:eb:d1:1c:00:f2:69:b2:1f:9e:a5:44:2c:
0d:82:99:4d:66:c4:88:08:b9:0f:1f:f3:b7:c1:f7:
09:64:1b:41:16:41:30:22:a1:a9:70:9e:42:9d:60:
d6:40:d1:c5:8b:a6:78:0d:a1:dd:35:53:fb:98:5c:
44:0f:40:71:da:d4:db:18:b9:0c:3f:49:3c:01:33:
6f:5c:12:bb:6f:89:68:85:24:54:9b:7e:42:f3:48:
9b:ca:25:b7:2a:06:2f:42:58:13:6f:98:8e:7b:ff:
ab:f7:10:de:f0:60:3a:e3:48:32:c6:72:83:5b:85:
5f:10:48:60:be:03:77:f2:fd:9a:09:4e:9e:1f:70:
33:ab:fb:fd:12:1b:2c:65:2c:30:28:d8:65:b6:06:
f0:40:cf:49:d0:09:1d:a7:27:93:45:06:25:67:8d:
0b:d8:4c:0d:68:97:bd:1b:a0:a3:74:b4:96:50:e6:
be:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F0:CD:B2:6D:E2:CB:C4:24:8C:DB:A1:1D:88:20:1F:50:79:3E:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4060::/48
Signature Algorithm: sha256WithRSAEncryption
a6:0e:ac:6c:81:dd:12:fb:70:70:ca:aa:a6:b4:a3:49:45:ae:
ad:64:60:4d:16:4f:ef:3f:ae:d5:1e:b1:92:c3:f5:dd:b3:ae:
68:e3:8b:fa:7e:0b:52:14:2a:c7:00:d8:17:d6:2b:1b:3f:8b:
f1:c5:9c:19:3b:a5:60:f9:16:be:b2:08:17:88:ea:dd:27:d1:
db:fc:1d:55:ab:82:51:7d:3b:36:30:38:23:95:dc:d4:5e:bd:
c8:8d:d9:4c:86:99:5b:73:e8:06:4e:84:10:31:3b:73:3b:bf:
05:df:46:28:eb:77:9a:18:97:19:a8:02:63:44:b9:b3:9c:f6:
a5:28:b0:f6:68:45:f8:74:a3:e7:8b:04:8c:b5:19:78:de:f0:
f3:4e:0a:01:b2:50:9d:6d:19:dd:00:15:74:22:b0:aa:a1:4a:
16:3a:66:5a:3f:85:33:ca:3e:b9:76:78:dc:9e:fd:f6:e6:c9:
c2:42:1f:99:7a:25:79:76:78:1e:4b:d1:23:72:e3:80:4e:c8:
14:ca:9b:b9:ff:a2:80:b9:50:e9:bf:fb:91:43:1a:16:1b:5b:
f7:5d:4c:80:6c:4f:71:f3:93:8d:bd:e5:5b:e1:88:d5:85:91:
0a:aa:6e:15:85:07:63:88:9e:da:aa:65:e7:56:6e:42:a0:57:
7a:89:23:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWGPrVxv+4nI1cXSdQvViVfZUNsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUxMjVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzOTE3ZDdjODc3ZGFiZTRmOGE4NDM3OGZhMzI4ZGYzYWE5ZWVmOTcxZTVj
NWUzZDUwYzEyZDE2MGI1YzgyOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANH/ULTE+XmTBdoaeXMa51j6YGixMW78UkeDSOQrAGtyTc0xZb8BpHirLki7
LDhLCi1Md3VzO9fz54mpA4PoeJaCI9p+qQ/O1OBXjP/u69EcAPJpsh+epUQsDYKZ
TWbEiAi5Dx/zt8H3CWQbQRZBMCKhqXCeQp1g1kDRxYumeA2h3TVT+5hcRA9AcdrU
2xi5DD9JPAEzb1wSu2+JaIUkVJt+QvNIm8oltyoGL0JYE2+Yjnv/q/cQ3vBgOuNI
MsZyg1uFXxBIYL4Dd/L9mglOnh9wM6v7/RIbLGUsMCjYZbYG8EDPSdAJHacnk0UG
JWeNC9hMDWiXvRugo3S0llDmvj0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR28M2y
beLLxCSM26EdiCAfUHk+eTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI2NTI2NTItMjhkNi00OWMxLThlYTYtZjUwNzlmMzc0MzQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
YDANBgkqhkiG9w0BAQsFAAOCAQEApg6sbIHdEvtwcMqqprSjSUWurWRgTRZP7z+u
1R6xksP13bOuaOOL+n4LUhQqxwDYF9YrGz+L8cWcGTulYPkWvrIIF4jq3SfR2/wd
VauCUX07NjA4I5Xc1F69yI3ZTIaZW3PoBk6EEDE7czu/Bd9GKOt3mhiXGagCY0S5
s5z2pSiw9mhF+HSj54sEjLUZeN7w804KAbJQnW0Z3QAVdCKwqqFKFjpmWj+FM8o+
uXZ43J799ubJwkIfmXoleXZ4HkvRI3LjgE7IFMqbuf+igLlQ6b/7kUMaFhtb911M
gGxPcfOTjb3lW+GI1YWRCqpuFYUHY4ie2qpl51ZuQqBXeokjAg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:17 2025 by rpki-client