Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7d60b22-a804-4cf7-a2f7-bc112f72af02.roa
File: c7d60b22-a804-4cf7-a2f7-bc112f72af02.roa (raw, json)
Hash identifier: 4lhmRHm/NooxokM/y+bNsZzrVrCkO+0N6F+csPLxvYM=
Subject key identifier: 92:55:03:83:2C:92:4A:7D:78:2D:C8:A6:24:3B:E9:8F:A2:D9:7A:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07FCEE1DD1556CC3D63F1EB96BE8D47B7521D798
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7d60b22-a804-4cf7-a2f7-bc112f72af02.roa
Signing time: Mon 06 Oct 2025 17:50:07 +0000
ROA not before: Mon 06 Oct 2025 17:50:07 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:fc:ee:1d:d1:55:6c:c3:d6:3f:1e:b9:6b:e8:d4:7b:75:21:d7:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:07 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=bf7d349304b45130f467b566dbfa9edaf79498e593a48be3b3568d4dd7ed0ed6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2f:dc:f7:c9:e9:26:be:8f:30:83:1d:d5:f3:
75:8c:3a:92:73:c1:c6:21:c2:62:c6:c7:e5:e2:df:
6e:ea:9d:f7:1a:34:67:cc:dc:78:84:68:29:94:d5:
fd:8f:a2:3a:ac:63:3c:4a:b8:6a:ed:70:cc:81:06:
c7:20:6c:97:a5:38:00:d6:9c:f9:87:0b:f6:aa:4c:
e9:73:01:28:a8:c8:ad:b2:78:81:8a:38:b1:6e:6e:
fe:6d:96:d4:c9:9e:37:14:d6:ea:65:9d:33:ad:6d:
7b:8f:4c:f3:74:7e:42:a3:b2:e7:55:1e:1b:10:a7:
b5:06:a0:d0:6f:9c:33:bc:16:5d:4e:9e:4e:db:2f:
8f:a0:12:00:20:17:2d:3d:e8:e5:3e:ef:bd:2f:df:
f8:2f:78:e7:90:17:18:ad:14:96:08:92:97:f3:b3:
d2:4f:03:fc:8e:58:f9:04:43:be:c3:1a:5c:88:89:
11:55:e3:32:86:4d:23:0f:67:86:45:4c:91:7a:cc:
59:bd:02:c6:35:61:26:d3:bf:2a:16:fb:43:be:8a:
b8:eb:a8:de:0c:0f:9d:65:de:c7:2c:16:ff:6a:cc:
35:6f:ac:1c:22:7a:64:a2:91:27:b7:8e:9e:0a:69:
01:a1:9a:57:11:c9:1f:39:fe:2c:fe:3b:ef:35:a8:
a5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:55:03:83:2C:92:4A:7D:78:2D:C8:A6:24:3B:E9:8F:A2:D9:7A:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7d60b22-a804-4cf7-a2f7-bc112f72af02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:a040::/48
Signature Algorithm: sha256WithRSAEncryption
0e:f0:7a:e2:f0:7f:c5:ad:6e:24:94:d4:c3:27:5c:d0:7f:ea:
b6:a6:52:ff:d5:06:bf:3b:9a:f7:c6:aa:8e:8e:49:ca:62:6a:
2b:d8:59:e6:70:93:01:61:64:54:8b:8c:03:56:e2:fe:6f:ed:
4b:ab:0f:ce:cd:61:1a:8e:51:03:1e:f4:3e:4a:21:cf:c4:33:
36:1f:0b:32:41:23:ad:e1:d3:85:2f:88:71:39:94:b7:d2:e2:
fd:aa:03:03:45:86:03:fc:9c:df:68:c2:74:39:13:4e:c5:8d:
d6:9f:43:10:36:09:30:e9:76:d4:66:b1:52:ba:d4:3d:bd:26:
a5:4f:df:d5:d2:3c:a6:24:d3:9c:c7:2d:7f:5a:65:8c:34:14:
32:06:57:db:ad:f4:37:e0:8c:62:f3:b9:5b:c5:51:1e:9f:af:
a2:2d:5a:9a:fd:6d:d1:41:a4:34:87:c4:db:08:d7:22:79:ac:
a0:00:2e:37:6d:18:0e:92:da:3f:ed:b9:50:97:bb:43:b4:45:
4f:d1:b8:69:b0:a3:4d:c6:7c:c9:e0:8c:8b:d4:db:fe:34:f8:
d6:68:cc:b3:36:83:c8:bc:f4:ca:98:a0:01:f5:ae:a2:f1:ff:
47:0b:e9:ff:9a:b9:65:f5:7d:8c:85:15:49:c2:12:7d:e4:bc:
33:79:22:0c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB/zuHdFVbMPWPx65a+jUe3Uh15gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwMDdaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmN2QzNDkzMDRiNDUxMzBmNDY3YjU2NmRiZmE5ZWRhZjc5NDk4ZTU5M2E0
OGJlM2IzNTY4ZDRkZDdlZDBlZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO8v3PfJ6Sa+jzCDHdXzdYw6knPBxiHCYsbH5eLfbuqd9xo0Z8zceIRoKZTV
/Y+iOqxjPEq4au1wzIEGxyBsl6U4ANac+YcL9qpM6XMBKKjIrbJ4gYo4sW5u/m2W
1MmeNxTW6mWdM61te49M83R+QqOy51UeGxCntQag0G+cM7wWXU6eTtsvj6ASACAX
LT3o5T7vvS/f+C9455AXGK0UlgiSl/Oz0k8D/I5Y+QRDvsMaXIiJEVXjMoZNIw9n
hkVMkXrMWb0CxjVhJtO/Khb7Q76KuOuo3gwPnWXexywW/2rMNW+sHCJ6ZKKRJ7eO
ngppAaGaVxHJHzn+LP477zWopeMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSSVQOD
LJJKfXgtyKYkO+mPotl66zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzdkNjBiMjItYTgwNC00Y2Y3LWEyZjctYmMxMTJmNzJhZjAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H2g
QDANBgkqhkiG9w0BAQsFAAOCAQEADvB64vB/xa1uJJTUwydc0H/qtqZS/9UGvzua
98aqjo5JymJqK9hZ5nCTAWFkVIuMA1bi/m/tS6sPzs1hGo5RAx70Pkohz8QzNh8L
MkEjreHThS+IcTmUt9Li/aoDA0WGA/yc32jCdDkTTsWN1p9DEDYJMOl21GaxUrrU
Pb0mpU/f1dI8piTTnMctf1pljDQUMgZX2630N+CMYvO5W8VRHp+voi1amv1t0UGk
NIfE2wjXInmsoAAuN20YDpLaP+25UJe7Q7RFT9G4abCjTcZ8yeCMi9Tb/jT41mjM
szaDyLz0ypigAfWuovH/Rwvp/5q5ZfV9jIUVScISfeS8M3kiDA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:33 2025 by rpki-client