Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dcc22b26-6ca0-4e83-b784-c5c5985ecf43.roa
File: dcc22b26-6ca0-4e83-b784-c5c5985ecf43.roa (raw, json)
Hash identifier: mnL4BHS8BuPGyRniYWbR80Za6gvhAwA5hxx7hJhiKA0=
Subject key identifier: 91:06:99:37:4A:FE:BD:CA:13:A6:8B:59:01:A1:EA:25:89:29:F3:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3367394ACD20825691CB67E8642C07BBC223E256
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dcc22b26-6ca0-4e83-b784-c5c5985ecf43.roa
Signing time: Mon 06 Oct 2025 17:50:35 +0000
ROA not before: Mon 06 Oct 2025 17:50:35 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:67:39:4a:cd:20:82:56:91:cb:67:e8:64:2c:07:bb:c2:23:e2:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:35 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=527ecc4ec11a1714db69837be73b4c1a48a58476123772c5f2d5e39e08415474, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9f:0c:fc:d7:05:9c:28:90:de:ad:69:98:78:
e1:54:53:33:68:f8:46:ab:3d:d9:02:ef:d5:78:56:
2b:09:8c:39:81:c3:8c:3e:b1:c5:d8:0f:47:02:ab:
29:d1:cf:75:76:1f:48:46:a2:4c:44:da:91:a2:c9:
41:f1:9f:6c:5b:5e:76:59:fe:44:a7:7a:4a:1b:23:
04:de:47:5d:2f:f9:4f:b7:fc:b0:0d:c0:0a:98:b3:
58:e4:7b:4c:9f:5e:c8:ea:63:f4:7f:99:d7:62:d5:
a0:db:63:72:f9:25:6b:20:85:72:00:f7:42:0e:c7:
ac:fa:e6:89:72:b8:5a:b9:02:7a:b7:07:ec:66:7f:
9d:cd:6a:47:d8:e8:52:96:44:c5:d7:da:03:d3:15:
3d:59:1d:e3:00:b7:87:e6:fd:80:51:8b:f4:b9:92:
06:f5:0d:35:a9:74:df:0f:b9:77:10:1c:1d:a2:f4:
b6:4d:09:94:07:12:38:06:cb:c8:5e:21:35:a2:96:
1a:e6:bf:ad:72:8d:88:87:92:ce:da:df:cc:76:93:
45:55:ec:1b:2d:b3:0b:ae:8c:8f:83:91:4e:04:66:
88:bc:83:24:3e:db:a7:e5:1f:61:27:10:1d:42:10:
dc:b4:53:f2:e3:06:c2:8f:63:06:ca:96:cf:cc:09:
be:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:06:99:37:4A:FE:BD:CA:13:A6:8B:59:01:A1:EA:25:89:29:F3:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dcc22b26-6ca0-4e83-b784-c5c5985ecf43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:8040::/48
Signature Algorithm: sha256WithRSAEncryption
72:bd:a1:ee:03:54:ce:34:4b:65:fb:62:c0:f0:38:ce:bc:2a:
d7:c4:94:ed:7e:bd:79:7c:49:57:52:eb:1c:41:5f:37:d7:6c:
8c:2c:70:4c:0e:19:4f:3a:6e:c2:9b:35:38:08:ca:55:78:4d:
16:af:2e:50:8d:f3:49:6c:94:d6:ea:ac:0d:fe:56:f5:07:09:
e3:a4:11:64:4a:fc:ac:23:03:f2:26:a2:cb:43:10:71:4c:f9:
3a:bb:97:59:07:a5:90:1e:5e:22:b7:2c:80:98:9d:f6:2e:79:
34:dd:53:32:c8:51:2f:10:59:b3:9f:0e:d8:6e:53:4f:36:38:
87:66:ec:ff:74:9e:8e:80:6e:d6:cd:35:ef:11:1c:74:ae:f6:
42:db:07:84:f3:db:c4:ec:3c:a6:ef:c9:29:6f:63:7f:1e:9d:
d8:e1:03:ea:6a:85:1c:2e:cc:02:6a:6a:95:c8:1b:20:73:a6:
af:92:14:d8:88:59:02:c6:12:d4:72:86:ef:37:5f:f9:62:fb:
cf:65:de:e6:83:d3:b1:0a:59:49:5c:bc:b0:82:99:cd:83:57:
c3:51:f4:67:34:4d:9d:36:2c:6b:96:fc:85:0e:2f:46:44:43:
d3:03:9e:8c:6d:ee:f4:12:80:41:ee:ae:44:49:47:44:0b:25:
5e:f5:d5:98
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUM2c5Ss0gglaRy2foZCwHu8Ij4lYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwMzVaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyN2VjYzRlYzExYTE3MTRkYjY5ODM3YmU3M2I0YzFhNDhhNTg0NzYxMjM3
NzJjNWYyZDVlMzllMDg0MTU0NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALafDPzXBZwokN6taZh44VRTM2j4Rqs92QLv1XhWKwmMOYHDjD6xxdgPRwKr
KdHPdXYfSEaiTETakaLJQfGfbFtedln+RKd6ShsjBN5HXS/5T7f8sA3ACpizWOR7
TJ9eyOpj9H+Z12LVoNtjcvklayCFcgD3Qg7HrPrmiXK4WrkCercH7GZ/nc1qR9jo
UpZExdfaA9MVPVkd4wC3h+b9gFGL9LmSBvUNNal03w+5dxAcHaL0tk0JlAcSOAbL
yF4hNaKWGua/rXKNiIeSztrfzHaTRVXsGy2zC66Mj4ORTgRmiLyDJD7bp+UfYScQ
HUIQ3LRT8uMGwo9jBsqWz8wJvtkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSRBpk3
Sv69yhOmi1kBoeoliSnzUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGNjMjJiMjYtNmNhMC00ZTgzLWI3ODQtYzVjNTk4NWVjZjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H2A
QDANBgkqhkiG9w0BAQsFAAOCAQEAcr2h7gNUzjRLZftiwPA4zrwq18SU7X69eXxJ
V1LrHEFfN9dsjCxwTA4ZTzpuwps1OAjKVXhNFq8uUI3zSWyU1uqsDf5W9QcJ46QR
ZEr8rCMD8iaiy0MQcUz5OruXWQelkB5eIrcsgJid9i55NN1TMshRLxBZs58O2G5T
TzY4h2bs/3SejoBu1s017xEcdK72QtsHhPPbxOw8pu/JKW9jfx6d2OED6mqFHC7M
AmpqlcgbIHOmr5IU2IhZAsYS1HKG7zdf+WL7z2Xe5oPTsQpZSVy8sIKZzYNXw1H0
ZzRNnTYsa5b8hQ4vRkRD0wOejG3u9BKAQe6uRElHRAslXvXVmA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:25 2025 by rpki-client