Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
File: bad2460c-8206-4534-9b9b-355c2d524858.roa (raw, json)
Hash identifier: qM/SqWJSO6oVaYd//H9dLhhoRBxpzBffBnqOa4kmMIU=
Subject key identifier: 20:7F:E1:6A:F0:5A:D6:7A:1B:09:01:16:F5:87:15:17:BC:0C:7E:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 799EFD9DE094157537F8D70C0EB71D59D6E1243E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
Signing time: Mon 01 Sep 2025 20:41:03 +0000
ROA not before: Mon 01 Sep 2025 20:41:03 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:9e:fd:9d:e0:94:15:75:37:f8:d7:0c:0e:b7:1d:59:d6:e1:24:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:41:03 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=e2548c4cc680d68c64005d7209f810adfa2776e524cefa21635a0b65c67d98fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:3f:b8:be:af:7b:a9:1f:16:fc:b7:cf:24:9a:
f0:a8:8c:f8:82:4c:64:8f:df:3e:49:26:ae:d3:81:
7c:81:c4:c1:6f:94:1c:f3:d7:d4:6f:0b:af:6b:89:
53:ba:64:e0:bb:cf:e4:15:14:9e:e9:78:9e:ba:7b:
a5:08:73:60:a2:a2:a9:11:a8:97:4b:79:06:26:d9:
36:7f:93:75:5f:d1:e4:c3:71:57:85:e4:75:c3:96:
57:95:a5:96:07:ab:73:1e:23:09:d2:52:1e:11:89:
34:d8:58:ac:09:11:cd:69:c9:0f:ef:d9:e8:fb:9b:
5b:b3:2f:24:7c:f6:17:af:6b:89:7c:a9:b8:dc:49:
8a:5e:87:36:bb:ab:a2:ec:49:04:4d:24:3b:65:4d:
1a:12:fa:80:1f:d6:25:35:ac:6b:1e:3a:15:22:cc:
c6:55:ec:c5:62:46:d7:d8:87:55:a7:fb:f6:92:9e:
32:46:37:25:22:3b:ab:1c:00:65:75:06:11:c1:2a:
9c:78:61:04:fd:97:9b:a6:96:8f:ca:06:fe:c8:cd:
07:20:9a:bb:dd:fa:f1:26:6b:8b:42:fe:9c:5f:8d:
ac:34:1b:d7:86:90:91:a9:4b:e9:b9:56:10:32:f9:
c1:2d:31:89:d1:d2:0b:e6:04:74:a3:93:60:47:bf:
00:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7F:E1:6A:F0:5A:D6:7A:1B:09:01:16:F5:87:15:17:BC:0C:7E:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:6000::/40
Signature Algorithm: sha256WithRSAEncryption
6c:56:78:26:76:79:ec:61:7e:16:8d:68:05:9d:bd:2b:a2:da:
f3:17:ed:10:01:26:24:cf:db:ae:c2:2b:99:20:a7:4f:61:5e:
f5:05:57:d9:f1:bf:6b:33:10:69:1f:41:6b:81:58:48:8d:02:
f7:d1:d4:33:6d:71:94:d1:11:13:55:ff:80:c6:14:a3:4e:59:
e7:f0:e2:46:fb:1e:b8:e0:97:a7:1a:8a:23:6f:19:e1:0d:34:
a0:95:95:9a:c9:ef:75:22:1d:e4:13:7f:c5:6e:0e:e3:85:b4:
fe:12:b7:23:af:d7:bc:81:fd:a1:83:16:b7:8a:a2:21:de:b0:
1b:13:f6:24:f1:51:6c:fa:0e:88:82:18:83:1e:b9:dc:ec:b2:
13:e7:f1:46:58:32:27:78:a0:9f:0b:f2:01:b1:1f:5e:21:0c:
ad:f0:cd:ac:43:c2:1e:ef:2a:af:7c:99:63:2f:ce:1d:9a:6c:
53:c5:af:76:e6:5c:95:59:94:dd:3a:38:6a:6c:17:bc:2b:d9:
7a:bd:15:97:a7:31:4a:42:aa:99:78:43:7c:ae:01:7a:7f:04:
2d:9f:77:b9:6f:90:14:fc:a0:93:89:28:ce:24:9d:e7:50:3a:
28:72:2f:5e:45:46:1b:8a:c4:1c:01:fb:e1:2f:72:67:33:d2:
ba:8f:c2:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeZ79neCUFXU3+NcMDrcdWdbhJD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQxMDNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNTQ4YzRjYzY4MGQ2OGM2NDAwNWQ3MjA5ZjgxMGFkZmEyNzc2ZTUyNGNl
ZmEyMTYzNWEwYjY1YzY3ZDk4ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOc/uL6ve6kfFvy3zySa8KiM+IJMZI/fPkkmrtOBfIHEwW+UHPPX1G8Lr2uJ
U7pk4LvP5BUUnul4nrp7pQhzYKKiqRGol0t5BibZNn+TdV/R5MNxV4XkdcOWV5Wl
lgercx4jCdJSHhGJNNhYrAkRzWnJD+/Z6PubW7MvJHz2F69riXypuNxJil6HNrur
ouxJBE0kO2VNGhL6gB/WJTWsax46FSLMxlXsxWJG19iHVaf79pKeMkY3JSI7qxwA
ZXUGEcEqnHhhBP2Xm6aWj8oG/sjNByCau9368SZri0L+nF+NrDQb14aQkalL6blW
EDL5wS0xidHSC+YEdKOTYEe/AMMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgf+Fq
8FrWehsJARb1hxUXvAx+JjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmFkMjQ2MGMtODIwNi00NTM0LTliOWItMzU1YzJkNTI0ODU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5g
MA0GCSqGSIb3DQEBCwUAA4IBAQBsVngmdnnsYX4WjWgFnb0rotrzF+0QASYkz9uu
wiuZIKdPYV71BVfZ8b9rMxBpH0FrgVhIjQL30dQzbXGU0RETVf+AxhSjTlnn8OJG
+x644JenGoojbxnhDTSglZWaye91Ih3kE3/Fbg7jhbT+Ercjr9e8gf2hgxa3iqIh
3rAbE/Yk8VFs+g6IghiDHrnc7LIT5/FGWDIneKCfC/IBsR9eIQyt8M2sQ8Ie7yqv
fJljL84dmmxTxa925lyVWZTdOjhqbBe8K9l6vRWXpzFKQqqZeEN8rgF6fwQtn3e5
b5AU/KCTiSjOJJ3nUDooci9eRUYbisQcAfvhL3JnM9K6j8KX
-----END CERTIFICATE-----
Generated at Mon Sep 15 12:02:05 2025 by rpki-client