Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa
File: 00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa (raw, json)
Hash identifier: lueDw9VlumoPTJAhIFcq73U9cARBYaRD6tMa8mhLc+s=
Subject key identifier: 23:EA:B6:97:FE:EF:76:12:0D:81:DD:BD:F3:C7:23:5F:36:3D:0E:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34413CACB8089B7CD117A6BE31502EC7BF3D391C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa
Signing time: Fri 26 Sep 2025 19:11:18 +0000
ROA not before: Fri 26 Sep 2025 19:11:18 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:41:3c:ac:b8:08:9b:7c:d1:17:a6:be:31:50:2e:c7:bf:3d:39:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:18 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=8396f44563fd8d7658beaf02c55e544b77345379b2c547ce47a06d53c6c1c2ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6a:03:d7:7b:45:12:9f:ce:ff:d0:97:3d:a4:
07:9d:53:9b:e5:00:16:82:4c:ec:82:a9:15:ee:fa:
9f:dc:dd:f5:20:3a:48:7c:f0:22:85:24:11:87:d0:
a7:fc:c7:cd:4e:af:98:1c:3d:5a:d0:e4:cf:01:c2:
fb:f9:4e:d0:70:5e:bb:c2:4c:98:e4:3a:9d:04:ee:
de:c4:63:a0:c5:fb:d3:a9:86:0e:b3:3b:51:8a:6f:
93:86:90:f9:cc:7f:3a:96:de:12:82:29:fd:da:ef:
2b:2a:74:37:1c:1e:e0:43:36:76:5e:ee:27:5c:6c:
94:ad:41:28:42:3d:3d:56:10:9f:dc:8e:ed:7d:72:
ab:ad:b9:d8:85:ef:c4:03:01:54:d7:83:88:64:02:
73:7e:e4:3b:77:c7:c7:e5:83:ff:40:d2:30:3b:c3:
a3:48:38:02:cc:f7:91:d9:43:55:99:01:f4:a5:bd:
b3:f8:dd:e0:31:af:81:df:ea:1e:29:62:51:98:c2:
d9:92:2d:d3:9e:2a:6b:71:c5:a4:8f:ee:bf:9e:be:
85:36:e8:ed:81:68:2d:47:2b:b7:c6:f4:83:d3:a7:
3e:9d:3e:71:60:eb:33:4b:2d:af:3a:f8:a2:20:ef:
d6:13:c8:98:6f:75:59:e9:81:da:29:cb:47:98:42:
8d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EA:B6:97:FE:EF:76:12:0D:81:DD:BD:F3:C7:23:5F:36:3D:0E:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
25:c9:b4:ce:bf:b3:ec:0a:3f:93:ff:3d:d0:35:0a:3d:5a:0d:
6b:56:ef:44:54:af:7f:d2:5a:8a:c6:88:c0:62:02:ac:2c:c7:
a9:c6:9e:1c:3c:46:ad:8c:e2:31:78:fa:58:e3:87:a9:e0:80:
49:d1:1b:7a:b8:c1:f4:86:52:d9:50:fc:ad:bb:6b:3b:04:85:
51:43:db:d6:56:3e:2e:49:b3:d1:38:91:d1:d6:f3:cb:70:f4:
e4:ab:c4:5b:ad:2e:49:39:76:21:d6:0d:85:5a:a5:b5:c6:6c:
42:fe:6b:c8:27:87:7f:4f:ef:85:e0:66:52:27:9a:8c:7c:6a:
de:b2:9a:0b:2d:14:86:b4:06:94:fe:8d:76:52:50:35:05:67:
5b:b1:67:42:c0:75:16:09:4c:97:a4:6e:dd:14:e1:b2:96:c3:
f9:46:93:6b:10:1b:3c:87:39:16:6b:8b:0d:c9:e5:e1:6c:fe:
ec:6b:cd:63:d5:4b:5d:28:9c:65:92:5e:95:81:50:63:5c:eb:
a9:94:16:2e:87:e2:47:b2:72:96:c3:a3:4c:44:de:f6:fe:43:
53:95:d2:7f:6a:c2:0d:7b:10:cf:a6:16:78:19:d2:c1:f1:8e:
f8:83:a8:87:12:0d:e8:e8:48:54:95:57:29:ff:a3:0a:e3:c9:
fe:33:94:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNEE8rLgIm3zRF6a+MVAux789ORwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExMThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzOTZmNDQ1NjNmZDhkNzY1OGJlYWYwMmM1NWU1NDRiNzczNDUzNzliMmM1
NDdjZTQ3YTA2ZDUzYzZjMWMyZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtqA9d7RRKfzv/Qlz2kB51Tm+UAFoJM7IKpFe76n9zd9SA6SHzwIoUkEYfQ
p/zHzU6vmBw9WtDkzwHC+/lO0HBeu8JMmOQ6nQTu3sRjoMX706mGDrM7UYpvk4aQ
+cx/OpbeEoIp/drvKyp0Nxwe4EM2dl7uJ1xslK1BKEI9PVYQn9yO7X1yq6252IXv
xAMBVNeDiGQCc37kO3fHx+WD/0DSMDvDo0g4Asz3kdlDVZkB9KW9s/jd4DGvgd/q
HiliUZjC2ZIt054qa3HFpI/uv56+hTbo7YFoLUcrt8b0g9OnPp0+cWDrM0strzr4
oiDv1hPImG91WemB2inLR5hCjYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQj6raX
/u92Eg2B3b3zxyNfNj0OlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDAxNTBmZjQtMGFiOS00MjhmLWFlOWEtY2NkOWRjNjY5Y2I4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9g
MA0GCSqGSIb3DQEBCwUAA4IBAQAlybTOv7PsCj+T/z3QNQo9Wg1rVu9EVK9/0lqK
xojAYgKsLMepxp4cPEatjOIxePpY44ep4IBJ0Rt6uMH0hlLZUPytu2s7BIVRQ9vW
Vj4uSbPROJHR1vPLcPTkq8RbrS5JOXYh1g2FWqW1xmxC/mvIJ4d/T++F4GZSJ5qM
fGrespoLLRSGtAaU/o12UlA1BWdbsWdCwHUWCUyXpG7dFOGylsP5RpNrEBs8hzkW
a4sNyeXhbP7sa81j1UtdKJxlkl6VgVBjXOuplBYuh+JHsnKWw6NMRN72/kNTldJ/
asINexDPphZ4GdLB8Y74g6iHEg3o6EhUlVcp/6MK48n+M5S2
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:24 2025 by rpki-client