Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
File: 5326a6e7-9660-4ae8-a80a-996863be862e.roa (raw, json)
Hash identifier: Z4suG/0ZdqyuLs9lRBpCbuGhEJ/+eRtg2edrRjBm1uQ=
Subject key identifier: 24:5F:8F:F3:13:20:C2:98:40:0D:2D:50:66:04:51:EF:3F:71:3E:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73BBE69C53CF87C372A8E11DD02F3D3E8E9C294F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
Signing time: Wed 22 Oct 2025 00:20:09 +0000
ROA not before: Wed 22 Oct 2025 00:20:09 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:bb:e6:9c:53:cf:87:c3:72:a8:e1:1d:d0:2f:3d:3e:8e:9c:29:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 22 00:20:09 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=e722d997d420b59b05a6d018255b389cea80ac8a186b0024a2a0c06e2b12d5fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bf:85:0d:02:1f:ba:6b:60:78:56:99:0d:08:
34:b7:01:d7:a3:b7:69:26:2e:fc:b0:96:26:f0:8b:
b4:54:34:cf:68:b7:77:4a:6c:03:21:65:ea:0a:be:
fc:15:7b:a9:6b:13:65:41:05:80:08:99:d8:72:6a:
21:44:63:11:ad:c7:6f:35:2f:f8:c8:91:bf:f7:71:
b2:61:e5:64:73:ec:dd:d5:26:02:a2:cf:15:ae:9b:
8a:86:bd:ca:94:71:87:24:38:14:bb:16:f8:7e:4a:
ff:d3:8e:0f:fb:5e:4e:21:39:3f:f3:76:cd:73:a3:
42:51:f5:69:03:d4:66:d1:ab:41:48:06:1d:81:1f:
b5:76:b4:a7:1d:c7:e6:55:bd:c3:ba:50:9a:cf:a5:
60:d0:38:0c:8c:0a:35:6c:f4:52:3c:28:fa:eb:de:
a3:58:94:e4:66:39:0d:49:0e:27:ec:2a:71:a7:4c:
35:4d:37:d3:a5:c4:ad:7f:62:4d:98:8b:d8:0f:25:
cb:c5:57:75:58:20:b1:76:c4:01:ef:97:09:96:4c:
45:bc:3c:e3:20:49:1e:75:f7:d3:38:86:eb:5c:98:
e4:d5:53:c9:9e:af:09:fb:93:66:48:ba:55:b7:d3:
cf:fc:51:06:2f:a1:f9:8b:ec:58:83:85:ca:33:95:
c4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:5F:8F:F3:13:20:C2:98:40:0D:2D:50:66:04:51:EF:3F:71:3E:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.64.0/19
Signature Algorithm: sha256WithRSAEncryption
23:f6:49:0c:c2:4d:c0:5f:f7:a8:3b:0f:e3:78:fa:a1:5b:35:
1c:48:de:39:8f:bd:db:63:90:af:6f:af:27:20:62:44:1f:af:
f2:5e:e1:c2:83:0e:a3:48:b2:27:26:9f:1d:5e:fc:1a:1d:80:
6f:f2:20:07:a0:05:5b:14:b5:0d:ec:70:be:66:9f:12:67:be:
f0:ad:11:c1:d4:2f:a1:08:78:59:f9:1d:cd:72:b3:6d:c3:5b:
aa:01:ed:4c:dd:26:f8:a7:62:a2:e8:d8:25:f4:e4:c4:ef:4c:
ee:36:d1:a4:9a:8e:19:0b:9c:95:95:57:cf:dd:70:46:24:0a:
21:fc:b7:5a:8d:c9:82:79:76:3d:70:3a:bf:7d:61:70:08:35:
ed:3e:8a:8f:1f:e1:12:c0:78:a0:67:ea:e7:fa:9a:5a:b0:5b:
74:2d:60:ed:98:eb:b9:e3:23:dc:a5:92:08:53:bc:ed:93:ad:
a6:63:e8:c5:37:7f:33:18:ca:26:15:33:b9:f5:7a:a7:be:58:
d9:9f:11:e1:23:18:ce:df:73:b9:42:33:ad:a9:ed:58:92:a3:
e4:3b:cd:5e:8f:dd:ea:9d:05:1a:75:66:91:42:d2:80:9d:77:
7a:1e:18:34:72:d3:74:45:21:35:73:60:5b:7b:d5:52:2c:74:
56:70:d5:c1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUc7vmnFPPh8NyqOEd0C89Po6cKU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjIwMDIwMDlaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3MjJkOTk3ZDQyMGI1OWIwNWE2ZDAxODI1NWIzODljZWE4MGFjOGExODZi
MDAyNGEyYTBjMDZlMmIxMmQ1ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+/hQ0CH7prYHhWmQ0INLcB16O3aSYu/LCWJvCLtFQ0z2i3d0psAyFl6gq+
/BV7qWsTZUEFgAiZ2HJqIURjEa3HbzUv+MiRv/dxsmHlZHPs3dUmAqLPFa6bioa9
ypRxhyQ4FLsW+H5K/9OOD/teTiE5P/N2zXOjQlH1aQPUZtGrQUgGHYEftXa0px3H
5lW9w7pQms+lYNA4DIwKNWz0Ujwo+uveo1iU5GY5DUkOJ+wqcadMNU0306XErX9i
TZiL2A8ly8VXdVggsXbEAe+XCZZMRbw84yBJHnX30ziG61yY5NVTyZ6vCfuTZki6
VbfTz/xRBi+h+YvsWIOFyjOVxK0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQkX4/z
EyDCmEANLVBmBFHvP3E+HTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMyNmE2ZTctOTY2MC00YWU4LWE4MGEtOTk2ODYzYmU4NjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99QDAN
BgkqhkiG9w0BAQsFAAOCAQEAI/ZJDMJNwF/3qDsP43j6oVs1HEjeOY+922OQr2+v
JyBiRB+v8l7hwoMOo0iyJyafHV78Gh2Ab/IgB6AFWxS1DexwvmafEme+8K0RwdQv
oQh4WfkdzXKzbcNbqgHtTN0m+KdioujYJfTkxO9M7jbRpJqOGQuclZVXz91wRiQK
Ify3Wo3Jgnl2PXA6v31hcAg17T6Kjx/hEsB4oGfq5/qaWrBbdC1g7ZjrueMj3KWS
CFO87ZOtpmPoxTd/MxjKJhUzufV6p75Y2Z8R4SMYzt9zuUIzrantWJKj5DvNXo/d
6p0FGnVmkULSgJ13eh4YNHLTdEUhNXNgW3vVUix0VnDVwQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:08 2025 by rpki-client