Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
File: 93932fd5-a431-4690-94d6-ed2f97f585c1.roa (raw, json)
Hash identifier: XVVtHugR1aeyMxTs15+TvYwoX1f8Xmpet8bTEw+iqDY=
Subject key identifier: 92:0F:A4:53:3C:B3:1E:0C:66:C4:E2:39:23:8A:B6:09:93:EA:4D:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D8CE15C711473EAD75ABD7F9DEC0795CC4ACA8E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
Signing time: Fri 26 Sep 2025 19:51:36 +0000
ROA not before: Fri 26 Sep 2025 19:51:36 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:8c:e1:5c:71:14:73:ea:d7:5a:bd:7f:9d:ec:07:95:cc:4a:ca:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:51:36 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=92c120f972f7daced8e8e6edac48d0f688f37f81688904632c0d851e84f3f0ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:54:10:2d:34:92:e8:0d:3a:be:78:ee:dc:9f:
fb:16:05:49:f2:13:e1:d3:ce:b2:49:ba:90:bf:12:
f5:f7:64:61:41:72:70:f7:39:da:e3:eb:ac:f2:7f:
72:c6:76:ec:7b:66:b7:9b:de:08:54:25:be:a8:8f:
e6:ec:0f:89:c6:0e:35:96:16:02:72:0b:0a:76:0d:
a4:15:a4:22:4b:4d:e4:46:eb:96:60:0f:d6:8f:8d:
19:ef:86:74:f9:05:20:c6:43:5d:cb:1f:89:8d:ea:
a4:ce:34:5d:67:41:99:ec:7f:6b:51:8b:5b:f9:54:
fb:d9:bf:25:64:4e:be:24:83:d9:23:c1:61:b9:35:
0f:f9:11:62:72:c7:29:52:40:70:88:76:a0:a3:fc:
eb:5d:d8:34:78:86:2b:01:24:dd:14:17:43:26:9a:
7b:2c:30:51:59:4c:b0:c1:f1:d2:13:5b:22:17:a4:
09:a6:34:00:be:49:54:d9:67:be:38:bd:b0:bc:30:
8c:b2:c1:0c:f8:ba:74:a0:8e:c1:72:c2:1f:5c:9d:
3a:e0:f9:f7:f9:3f:43:81:d9:5c:78:d2:2a:0a:64:
21:8a:a0:04:ad:c1:5e:96:15:88:55:b8:84:5b:3f:
40:64:b1:bb:da:75:c8:1e:ae:9a:2a:83:d2:99:76:
1c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0F:A4:53:3C:B3:1E:0C:66:C4:E2:39:23:8A:B6:09:93:EA:4D:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:800::/38
Signature Algorithm: sha256WithRSAEncryption
a7:d6:c3:a0:9a:08:26:93:ab:66:29:4c:66:69:48:26:b0:1a:
af:a6:1e:72:4b:98:62:a7:3a:4b:3b:73:53:cb:8c:90:2a:0d:
cd:ec:4d:52:0c:2b:15:a3:c1:94:7a:cf:8e:b4:6a:c8:a5:32:
ae:98:3a:4e:da:db:fc:c4:ed:1f:7d:a7:73:c3:fb:d9:cf:74:
8e:88:cc:11:1f:79:88:c5:bc:69:2a:9f:d9:0d:d0:2e:83:70:
c1:81:27:80:23:93:1b:34:60:98:3b:19:ed:ba:93:81:64:f5:
2d:de:2e:f7:0d:61:2e:f0:c5:54:20:55:a7:87:18:5d:a7:1e:
42:79:f7:26:ba:6d:5b:2e:8d:b4:76:33:08:0a:9e:1d:ab:a1:
49:19:d5:f7:1d:68:03:cd:2d:48:6e:63:c9:42:54:8b:57:ba:
4c:d5:04:57:09:6f:6a:23:30:ed:65:e7:ee:1a:52:b2:6e:4c:
cb:42:ea:a7:8c:1f:39:45:e1:c2:70:d4:6e:19:29:3c:d3:fb:
28:68:10:68:ad:8c:b4:cd:d5:01:89:e1:4c:1b:05:72:e3:d3:
cd:ae:c9:94:97:3f:ae:e6:23:28:89:63:8f:30:53:47:79:58:
21:c1:fd:55:76:fe:9d:84:59:21:5b:24:3f:7d:1a:ab:64:b7:
5d:e1:d7:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPYzhXHEUc+rXWr1/newHlcxKyo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUxMzZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyYzEyMGY5NzJmN2RhY2VkOGU4ZTZlZGFjNDhkMGY2ODhmMzdmODE2ODg5
MDQ2MzJjMGQ4NTFlODRmM2YwY2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJUEC00kugNOr547tyf+xYFSfIT4dPOskm6kL8S9fdkYUFycPc52uPrrPJ/
csZ27Htmt5veCFQlvqiP5uwPicYONZYWAnILCnYNpBWkIktN5EbrlmAP1o+NGe+G
dPkFIMZDXcsfiY3qpM40XWdBmex/a1GLW/lU+9m/JWROviSD2SPBYbk1D/kRYnLH
KVJAcIh2oKP8613YNHiGKwEk3RQXQyaaeywwUVlMsMHx0hNbIhekCaY0AL5JVNln
vji9sLwwjLLBDPi6dKCOwXLCH1ydOuD59/k/Q4HZXHjSKgpkIYqgBK3BXpYViFW4
hFs/QGSxu9p1yB6umiqD0pl2HFkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSSD6RT
PLMeDGbE4jkjirYJk+pNfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5MzJmZDUtYTQzMS00NjkwLTk0ZDYtZWQyZjk3ZjU4NWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BII
MA0GCSqGSIb3DQEBCwUAA4IBAQCn1sOgmggmk6tmKUxmaUgmsBqvph5yS5hipzpL
O3NTy4yQKg3N7E1SDCsVo8GUes+OtGrIpTKumDpO2tv8xO0ffadzw/vZz3SOiMwR
H3mIxbxpKp/ZDdAug3DBgSeAI5MbNGCYOxntupOBZPUt3i73DWEu8MVUIFWnhxhd
px5Cefcmum1bLo20djMICp4dq6FJGdX3HWgDzS1IbmPJQlSLV7pM1QRXCW9qIzDt
ZefuGlKybkzLQuqnjB85ReHCcNRuGSk80/soaBBorYy0zdUBieFMGwVy49PNrsmU
lz+u5iMoiWOPMFNHeVghwf1Vdv6dhFkhWyQ/fRqrZLdd4ddc
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:30 2025 by rpki-client