Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
File: 82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa (raw, json)
Hash identifier: pIAu9UqD91qL/uK6mT8mDeY+WUh/XKJJuLz/ZJLonJg=
Subject key identifier: EC:22:73:CD:A2:82:3E:5E:E2:76:E4:38:23:95:41:D7:35:AF:93:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5929A58509EC3D5CFF05C3229662719F97C5FCEC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
Signing time: Mon 06 Oct 2025 18:10:03 +0000
ROA not before: Mon 06 Oct 2025 18:10:03 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:29:a5:85:09:ec:3d:5c:ff:05:c3:22:96:62:71:9f:97:c5:fc:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:10:03 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=1a59dfbe52794721903fd6e9ee01c0e6475405d2e4f6f0934baba5a7dd2dedd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fd:12:37:f3:d6:77:43:9e:63:e9:1d:a1:f8:
d5:40:68:8f:95:a2:48:33:31:eb:fc:e8:0a:08:d8:
ed:75:2e:17:f8:ac:09:8f:b9:79:0d:15:08:3e:30:
ae:93:7d:a1:05:9c:8a:6c:35:b8:20:14:a6:84:01:
ae:b2:24:49:ba:b4:a0:af:7d:57:a4:a9:3e:b6:8c:
8e:ba:fa:ad:e8:7b:27:a8:15:4e:51:45:b8:fb:dd:
ad:47:dc:7a:ce:f0:da:78:15:69:ed:62:a9:43:5f:
1c:99:d2:94:3b:ec:ba:c7:f2:0d:7c:b6:40:10:87:
0b:f4:ac:81:a6:d2:ce:a8:a9:82:93:0b:54:a6:31:
7e:da:ef:65:c3:c6:43:8b:5d:3d:6a:d6:08:54:64:
75:5b:9b:11:31:bf:11:9a:4e:dd:e4:ad:13:90:b0:
ad:4e:2d:d4:b9:96:1b:5e:98:f1:c8:a6:ad:9b:25:
39:4c:a8:be:0e:e4:46:d5:d7:ca:3e:88:ba:f5:42:
7c:6d:b2:6d:ce:b5:cc:6c:cd:bf:1c:0c:83:3d:15:
5f:2a:d0:8e:6c:68:a5:d0:86:50:40:85:14:ff:b8:
69:20:26:89:03:ff:b2:60:8b:28:3e:60:76:39:f7:
f6:5e:55:66:b8:65:76:de:56:2f:6c:dc:b7:ff:83:
59:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:22:73:CD:A2:82:3E:5E:E2:76:E4:38:23:95:41:D7:35:AF:93:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c000::/40
Signature Algorithm: sha256WithRSAEncryption
29:72:3e:6d:c3:79:99:66:0b:fb:f4:46:eb:86:90:08:a5:f2:
e8:a8:d0:40:90:f2:33:25:c3:53:1e:13:d7:f5:a1:33:24:75:
0d:83:17:68:3d:89:1d:26:a7:13:43:fc:16:7f:30:95:aa:df:
ca:c1:49:a3:c9:de:98:5b:d6:3b:12:90:62:24:d0:49:7a:e8:
16:61:d7:93:9c:81:7f:bd:2b:23:f5:80:6d:27:ab:30:27:00:
f1:0c:e3:b7:53:3b:e2:b3:5b:2f:f7:d9:e3:7e:d3:42:3a:ae:
81:7c:a4:5a:ae:34:8e:23:51:fa:e5:cc:d5:de:d8:f7:c4:de:
54:ec:c2:56:cc:15:4f:f3:9c:95:e9:af:1b:56:2d:0d:4d:dd:
9d:3b:5e:8f:61:0f:45:9c:ba:3b:b0:ad:05:86:28:20:5e:c4:
34:7d:bc:ef:c5:8b:9e:b5:5a:ec:0c:ab:6f:b2:83:e6:92:5d:
1b:14:6e:a1:5c:60:d8:b1:89:a1:4b:3f:57:85:e6:14:c0:33:
bf:02:e6:f9:64:d3:60:f7:ea:cd:a4:b8:bc:82:d9:45:65:62:
58:20:0d:87:58:c2:1b:a2:d0:de:6d:ec:58:84:7b:93:7d:1f:
2c:41:b2:d3:1d:af:2a:39:f3:93:21:d1:ef:6a:ef:7d:16:88:
22:f6:0d:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWSmlhQnsPVz/BcMilmJxn5fF/OwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODEwMDNaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhNTlkZmJlNTI3OTQ3MjE5MDNmZDZlOWVlMDFjMGU2NDc1NDA1ZDJlNGY2
ZjA5MzRiYWJhNWE3ZGQyZGVkZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJP9Ejfz1ndDnmPpHaH41UBoj5WiSDMx6/zoCgjY7XUuF/isCY+5eQ0VCD4w
rpN9oQWcimw1uCAUpoQBrrIkSbq0oK99V6SpPraMjrr6reh7J6gVTlFFuPvdrUfc
es7w2ngVae1iqUNfHJnSlDvsusfyDXy2QBCHC/SsgabSzqipgpMLVKYxftrvZcPG
Q4tdPWrWCFRkdVubETG/EZpO3eStE5CwrU4t1LmWG16Y8cimrZslOUyovg7kRtXX
yj6IuvVCfG2ybc61zGzNvxwMgz0VXyrQjmxopdCGUECFFP+4aSAmiQP/smCLKD5g
djn39l5VZrhldt5WL2zct/+DWRUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsInPN
ooI+XuJ25DgjlUHXNa+TKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODJkOWI2MTktYTZkYy00NGM0LTk1ODktZjg5ZmVmMmU2MWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HPA
MA0GCSqGSIb3DQEBCwUAA4IBAQApcj5tw3mZZgv79EbrhpAIpfLoqNBAkPIzJcNT
HhPX9aEzJHUNgxdoPYkdJqcTQ/wWfzCVqt/KwUmjyd6YW9Y7EpBiJNBJeugWYdeT
nIF/vSsj9YBtJ6swJwDxDOO3Uzvis1sv99njftNCOq6BfKRarjSOI1H65czV3tj3
xN5U7MJWzBVP85yV6a8bVi0NTd2dO16PYQ9FnLo7sK0FhiggXsQ0fbzvxYuetVrs
DKtvsoPmkl0bFG6hXGDYsYmhSz9XheYUwDO/Aub5ZNNg9+rNpLi8gtlFZWJYIA2H
WMIbotDebexYhHuTfR8sQbLTHa8qOfOTIdHvau99Fogi9g2L
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:44 2025 by rpki-client