Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
File: 10e25f26-1142-4a43-8091-69f9ddd435c1.roa (raw, json)
Hash identifier: 8MIbuQY++2a1F8GD0Xd36nOpjgGcCoRS/+xm2/50XkI=
Subject key identifier: 53:90:D7:19:3C:29:ED:4D:4B:98:2D:32:D5:0F:7B:42:35:CA:DF:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 573E075561FC3BAE73A7731A3254D12A18F5F081
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
Signing time: Fri 26 Sep 2025 19:40:59 +0000
ROA not before: Fri 26 Sep 2025 19:40:59 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:3e:07:55:61:fc:3b:ae:73:a7:73:1a:32:54:d1:2a:18:f5:f0:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:40:59 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=72059434a41a16ba696dfb75a264f9ee82432ebcbfc2208c1397ab52dfd15093, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b7:a5:53:51:83:ca:87:9e:e0:ec:71:08:f6:
ae:3d:b8:a1:68:a8:23:01:b2:e6:d4:94:24:99:3a:
10:dc:48:7a:74:00:c4:6b:16:ce:7b:61:9e:fe:46:
21:4f:e7:0e:b3:99:dc:b7:6d:cb:f5:33:51:dd:26:
aa:5f:24:70:b6:84:86:e5:78:68:98:4b:58:34:21:
e5:ab:08:24:29:e2:15:45:f4:c7:b6:59:52:f9:5f:
73:0c:90:36:a3:77:93:20:f7:2e:7b:a2:63:3c:c0:
3b:e4:b2:3d:ff:2c:98:69:ae:bf:f5:f7:67:d2:3d:
a5:51:7d:7c:3c:e9:4e:2f:82:c2:9e:c6:a1:54:02:
47:18:f0:9e:40:2c:3b:d3:25:40:22:3f:cf:9d:8d:
38:54:a5:a0:f0:6e:7a:cb:59:2d:19:0d:3f:5a:c1:
a0:e1:30:1f:09:83:18:38:fc:fa:c5:5d:9a:0c:c5:
8b:f7:5b:66:85:2c:5b:77:aa:fb:ca:16:99:9f:23:
ea:81:06:bf:79:ab:29:1c:c8:d7:75:55:07:be:2d:
0a:61:ab:04:2f:a6:6e:ec:69:5e:27:fc:a8:e1:e2:
b9:f8:ff:c4:f5:35:c3:25:c2:33:b4:c4:ad:3a:c6:
0b:86:42:c7:5e:fe:69:94:e1:f9:00:1f:45:d6:21:
1b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:90:D7:19:3C:29:ED:4D:4B:98:2D:32:D5:0F:7B:42:35:CA:DF:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:18:a4:29:63:fc:3e:17:2b:f7:2f:75:74:2f:8c:92:d1:53:
0b:36:2d:09:21:8b:9c:a1:27:5f:1f:d9:3b:fa:09:e1:a7:b8:
c2:ce:ac:19:92:e2:24:80:dd:6e:66:ba:f5:17:cf:7a:16:fc:
dc:db:ba:53:9f:cf:bb:eb:ee:fd:31:e0:49:15:3c:77:94:f2:
52:8d:c6:62:15:22:60:02:8c:9e:41:0f:68:83:03:3b:ed:aa:
8c:f1:cd:67:47:3f:5b:5b:47:c7:2a:5e:3b:b0:30:1b:2b:8c:
74:d9:ca:9f:7e:95:3a:63:fa:96:5e:33:cc:c2:ae:29:d4:a6:
f7:73:af:02:43:fa:2b:0b:3b:98:2d:30:f2:7d:d7:0b:0f:3b:
d8:ac:a8:89:49:c2:13:2a:4b:06:12:c7:8e:1a:84:c2:af:11:
aa:a9:f6:bc:96:66:40:67:8a:8d:c4:42:e2:f3:07:11:04:47:
a0:84:4e:9f:45:15:69:d6:b6:3d:32:ea:59:8c:35:da:d6:5e:
7e:7b:cd:72:61:e2:ab:78:12:b0:19:60:1f:69:c7:4c:e9:9d:
c0:ad:b9:2f:ba:33:93:31:43:ff:34:24:c7:50:a4:58:1b:93:
52:70:14:22:f1:89:61:cf:2a:5e:84:e2:dd:0b:c9:c9:c6:b3:
b1:89:a2:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVz4HVWH8O65zp3MaMlTRKhj18IEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQwNTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMDU5NDM0YTQxYTE2YmE2OTZkZmI3NWEyNjRmOWVlODI0MzJlYmNiZmMy
MjA4YzEzOTdhYjUyZGZkMTUwOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMG3pVNRg8qHnuDscQj2rj24oWioIwGy5tSUJJk6ENxIenQAxGsWznthnv5G
IU/nDrOZ3Ldty/UzUd0mql8kcLaEhuV4aJhLWDQh5asIJCniFUX0x7ZZUvlfcwyQ
NqN3kyD3LnuiYzzAO+SyPf8smGmuv/X3Z9I9pVF9fDzpTi+Cwp7GoVQCRxjwnkAs
O9MlQCI/z52NOFSloPBuestZLRkNP1rBoOEwHwmDGDj8+sVdmgzFi/dbZoUsW3eq
+8oWmZ8j6oEGv3mrKRzI13VVB74tCmGrBC+mbuxpXif8qOHiufj/xPU1wyXCM7TE
rTrGC4ZCx17+aZTh+QAfRdYhG8kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRTkNcZ
PCntTUuYLTLVD3tCNcrfIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTBlMjVmMjYtMTE0Mi00YTQzLTgwOTEtNjlmOWRkZDQzNWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDGGKQpY/w+Fyv3L3V0L4yS0VMLNi0JIYucoSdf
H9k7+gnhp7jCzqwZkuIkgN1uZrr1F896Fvzc27pTn8+76+79MeBJFTx3lPJSjcZi
FSJgAoyeQQ9ogwM77aqM8c1nRz9bW0fHKl47sDAbK4x02cqffpU6Y/qWXjPMwq4p
1Kb3c68CQ/orCzuYLTDyfdcLDzvYrKiJScITKksGEseOGoTCrxGqqfa8lmZAZ4qN
xELi8wcRBEeghE6fRRVp1rY9MupZjDXa1l5+e81yYeKreBKwGWAfacdM6Z3Arbkv
ujOTMUP/NCTHUKRYG5NScBQi8YlhzypehOLdC8nJxrOxiaK5
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:44 2025 by rpki-client