Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
File: 88e98e26-39c9-4a1c-82e8-cc63267ca942.roa (raw, json)
Hash identifier: gjxBlknMqmH5HZwwdlsS9BlQlI3rLwVQL1EnmS1EV0A=
Subject key identifier: B5:F4:36:BA:C8:FF:B3:0A:03:AE:DE:DE:A1:0E:D7:B2:AF:20:18:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B53BAE7447E3E99D1CA61DE9821290481CF62DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
Signing time: Mon 06 Oct 2025 17:50:41 +0000
ROA not before: Mon 06 Oct 2025 17:50:41 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:53:ba:e7:44:7e:3e:99:d1:ca:61:de:98:21:29:04:81:cf:62:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:41 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=d21bf2dd93efb2941e46e5b8bf9b8c88fb78de060e7e750a1330ecdf7d43128e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:00:18:d9:b6:a2:9c:a4:f3:a6:18:5d:16:ed:
2c:0a:d8:3f:5a:a5:3c:74:84:87:14:a8:aa:92:ee:
b8:d1:5a:87:4e:6d:73:2e:88:7a:56:8a:86:d4:65:
9a:c6:28:e6:79:82:3b:8a:5d:cf:d5:fc:d4:e4:96:
e0:50:8c:d7:9e:cd:85:f4:76:1b:1d:06:a2:33:ae:
51:7f:58:2a:b3:c1:be:be:1f:83:e0:ec:c5:83:b3:
c6:1e:8b:d2:67:1f:3c:2e:d5:c6:0d:92:92:02:34:
be:ed:91:19:8e:40:ea:ce:35:17:1a:61:ee:27:f7:
c1:62:99:7b:a8:7b:de:f4:83:32:41:db:0e:cc:a3:
f2:ec:4a:47:53:69:9c:8d:b8:63:dc:7b:08:1a:8d:
b0:19:65:b0:5c:72:eb:19:7d:97:b6:6c:c5:d6:e6:
1e:92:7b:b8:ad:9f:d5:ee:a7:fa:cc:42:a3:92:97:
e3:fd:9f:f6:0b:ba:28:1e:10:1a:a8:f3:1e:c1:f0:
a8:aa:e1:c7:a3:bd:f9:d5:00:e2:8a:5d:2f:c5:08:
74:63:d4:24:7e:8c:93:73:f8:92:1c:4b:79:b4:19:
16:8d:dc:59:d2:0c:3d:68:e4:5d:02:e0:11:87:7d:
65:47:4b:4e:52:67:f2:2a:40:55:5b:c0:74:81:b3:
81:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F4:36:BA:C8:FF:B3:0A:03:AE:DE:DE:A1:0E:D7:B2:AF:20:18:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8020::/46
Signature Algorithm: sha256WithRSAEncryption
ad:0c:bc:25:82:54:e8:38:37:58:16:81:14:0a:dc:a5:64:f4:
c6:b1:b4:87:6f:9b:f1:b7:72:f6:fe:b6:00:b8:83:9e:d3:98:
fa:bd:bc:a3:6e:16:b8:f1:f6:7e:65:1a:0c:94:41:1b:b3:8f:
8d:7a:12:f7:5f:8a:f3:d0:1a:17:1f:b3:38:db:dd:0a:a6:6a:
9e:99:05:a5:8b:c7:f2:5b:23:86:f1:f8:25:e4:8a:be:db:75:
21:79:d4:35:b6:a7:d2:0a:e6:48:56:4b:72:ca:2b:69:05:9e:
f8:b5:ae:7c:77:46:d2:42:01:44:3a:5b:f6:33:6b:4f:3b:da:
5a:d0:a8:e3:e2:8a:c1:fe:7a:5f:f1:67:55:d1:2c:1e:ef:02:
0c:99:3c:63:fc:79:0b:f7:c6:8a:fa:c9:21:e2:50:3d:03:ca:
e8:2d:04:ae:b6:96:df:56:a1:8c:04:60:f7:5a:06:67:c7:05:
06:17:61:99:27:0c:47:a7:64:cf:ba:51:a5:b4:55:ca:1d:a1:
30:66:49:15:9f:c9:41:a7:89:c8:8b:8e:c9:b8:79:49:e8:cf:
26:f4:73:1d:ff:fc:1f:19:64:ab:cb:85:a7:d3:4c:91:de:b8:
1c:bd:c3:f8:23:2d:22:04:ae:2d:3c:19:c1:13:e7:45:18:72:
5c:02:35:2f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO1O650R+PpnRymHemCEpBIHPYt0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwNDFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyMWJmMmRkOTNlZmIyOTQxZTQ2ZTViOGJmOWI4Yzg4ZmI3OGRlMDYwZTdl
NzUwYTEzMzBlY2RmN2Q0MzEyOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJoAGNm2opyk86YYXRbtLArYP1qlPHSEhxSoqpLuuNFah05tcy6IelaKhtRl
msYo5nmCO4pdz9X81OSW4FCM157NhfR2Gx0GojOuUX9YKrPBvr4fg+DsxYOzxh6L
0mcfPC7Vxg2SkgI0vu2RGY5A6s41Fxph7if3wWKZe6h73vSDMkHbDsyj8uxKR1Np
nI24Y9x7CBqNsBllsFxy6xl9l7ZsxdbmHpJ7uK2f1e6n+sxCo5KX4/2f9gu6KB4Q
GqjzHsHwqKrhx6O9+dUA4opdL8UIdGPUJH6Mk3P4khxLebQZFo3cWdIMPWjkXQLg
EYd9ZUdLTlJn8ipAVVvAdIGzgdcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS19Da6
yP+zCgOu3t6hDteyryAYNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODhlOThlMjYtMzljOS00YTFjLTgyZTgtY2M2MzI2N2NhOTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
IDANBgkqhkiG9w0BAQsFAAOCAQEArQy8JYJU6Dg3WBaBFArcpWT0xrG0h2+b8bdy
9v62ALiDntOY+r28o24WuPH2fmUaDJRBG7OPjXoS91+K89AaFx+zONvdCqZqnpkF
pYvH8lsjhvH4JeSKvtt1IXnUNban0grmSFZLcsoraQWe+LWufHdG0kIBRDpb9jNr
TzvaWtCo4+KKwf56X/FnVdEsHu8CDJk8Y/x5C/fGivrJIeJQPQPK6C0ErraW31ah
jARg91oGZ8cFBhdhmScMR6dkz7pRpbRVyh2hMGZJFZ/JQaeJyIuOybh5SejPJvRz
Hf/8Hxlkq8uFp9NMkd64HL3D+CMtIgSuLTwZwRPnRRhyXAI1Lw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:58 2025 by rpki-client