Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json)
Hash identifier: +WgpghN8iwBY9tl1b6ugO8VswM7j8otrxvv2BvSnY3o=
Subject key identifier: 9D:05:18:12:25:C4:8B:B6:25:C4:39:2D:1F:77:8E:5E:15:CA:08:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E21D19F32EF5A6A2047B7E64C7C2D4811B28F5C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
Signing time: Fri 26 Sep 2025 20:10:12 +0000
ROA not before: Fri 26 Sep 2025 20:10:12 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:21:d1:9f:32:ef:5a:6a:20:47:b7:e6:4c:7c:2d:48:11:b2:8f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:10:12 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a2be76c0d1b76f7cd5b397f8ab907d1e3e5d0fbe40ed07b6abd199214218e919, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c4:0e:b5:1d:c7:f9:c4:78:df:3f:4b:b4:4a:
03:59:81:ea:6b:74:08:f1:16:14:cc:ed:88:68:d8:
6c:ea:da:51:27:1d:92:06:ac:a8:a0:2e:17:ee:f5:
d1:84:81:e7:27:a5:01:fe:46:a8:8e:5a:0b:bf:8d:
2a:ae:28:93:d6:76:30:d5:ac:ba:ab:2e:b9:48:8c:
c2:16:b0:56:12:d9:1a:9e:de:80:eb:68:cc:6c:21:
33:7e:a1:ed:83:e9:1f:66:62:5c:d3:dc:1b:88:0b:
7b:9f:af:b2:31:3b:e3:6e:ca:1e:63:8d:3e:f6:3e:
39:47:e3:5e:d0:c0:ae:d1:47:cd:f5:06:30:1c:4e:
2d:d6:f5:05:eb:26:72:15:e1:4f:63:2d:67:97:a1:
dd:2c:30:f2:73:67:3a:ed:c5:76:c2:9e:55:5f:2e:
d8:c9:c0:80:95:d0:b8:2f:89:38:c4:a4:f1:23:8b:
f8:c2:22:7b:ff:b6:3b:14:02:ab:b1:1a:f7:78:08:
79:72:6b:30:2f:68:aa:8d:8e:68:2f:e6:07:84:7e:
1d:dc:5f:3f:60:06:b8:22:bf:f1:6e:5f:ae:59:f7:
6b:74:fe:31:86:2a:28:a9:6e:4f:89:22:bc:49:22:
ca:9d:27:de:77:b3:dc:92:c0:43:68:71:1c:48:ec:
3e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:05:18:12:25:C4:8B:B6:25:C4:39:2D:1F:77:8E:5E:15:CA:08:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02d::/36
Signature Algorithm: sha256WithRSAEncryption
96:70:44:a6:2e:d8:75:91:ee:53:aa:27:f1:ce:62:1e:33:18:
eb:ff:70:c9:ac:26:82:49:4e:0e:88:07:2a:7c:0a:ff:5d:88:
62:f4:1f:78:fa:fd:40:57:48:28:1f:d5:f0:78:3f:37:25:c9:
0b:f7:88:49:3c:d5:eb:66:82:df:89:56:7c:ba:a9:29:e2:bf:
a0:53:65:f7:b9:67:bf:97:c6:ae:03:32:37:33:6f:a1:34:14:
16:98:73:3e:f7:44:12:cd:78:b7:fe:b0:d3:79:dc:df:c7:3d:
f6:d8:5c:0d:88:31:17:5f:a0:c6:0f:41:e8:6c:e9:53:fd:42:
b4:49:a4:56:07:6a:c3:57:ff:fd:14:9b:24:39:09:21:6e:88:
68:5e:ee:11:17:b8:18:c9:4a:3a:43:40:c8:d2:f1:c1:6d:44:
d1:c5:80:82:9f:96:df:d5:2c:88:11:1a:92:bb:13:52:19:8f:
e6:27:20:7a:87:11:71:74:62:42:73:7a:3d:cf:8f:1c:48:58:
12:98:7e:a6:7c:bf:ea:da:81:f6:ed:69:eb:3f:dd:84:53:0c:
68:d9:f6:82:e6:4e:34:24:35:0f:19:3e:32:ec:b4:0c:c7:92:
7b:90:d8:8a:7a:52:8d:67:33:cf:c2:ef:b2:c0:b9:7b:cf:19:
80:88:c1:de
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfiHRnzLvWmogR7fmTHwtSBGyj1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDEwMTJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyYmU3NmMwZDFiNzZmN2NkNWIzOTdmOGFiOTA3ZDFlM2U1ZDBmYmU0MGVk
MDdiNmFiZDE5OTIxNDIxOGU5MTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnEDrUdx/nEeN8/S7RKA1mB6mt0CPEWFMztiGjYbOraUScdkgasqKAuF+71
0YSB5yelAf5GqI5aC7+NKq4ok9Z2MNWsuqsuuUiMwhawVhLZGp7egOtozGwhM36h
7YPpH2ZiXNPcG4gLe5+vsjE7427KHmONPvY+OUfjXtDArtFHzfUGMBxOLdb1Besm
chXhT2MtZ5eh3Sww8nNnOu3FdsKeVV8u2MnAgJXQuC+JOMSk8SOL+MIie/+2OxQC
q7Ea93gIeXJrMC9oqo2OaC/mB4R+HdxfP2AGuCK/8W5frln3a3T+MYYqKKluT4ki
vEkiyp0n3nez3JLAQ2hxHEjsPv8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSdBRgS
JcSLtiXEOS0fd45eFcoIXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A
MA0GCSqGSIb3DQEBCwUAA4IBAQCWcESmLth1ke5TqifxzmIeMxjr/3DJrCaCSU4O
iAcqfAr/XYhi9B94+v1AV0goH9XweD83JckL94hJPNXrZoLfiVZ8uqkp4r+gU2X3
uWe/l8auAzI3M2+hNBQWmHM+90QSzXi3/rDTedzfxz322FwNiDEXX6DGD0HobOlT
/UK0SaRWB2rDV//9FJskOQkhbohoXu4RF7gYyUo6Q0DI0vHBbUTRxYCCn5bf1SyI
ERqSuxNSGY/mJyB6hxFxdGJCc3o9z48cSFgSmH6mfL/q2oH27WnrP92EUwxo2faC
5k40JDUPGT4y7LQMx5J7kNiKelKNZzPPwu+ywLl7zxmAiMHe
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:10 2025 by rpki-client