Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06687a2b-ee77-4de7-8e26-b9ef155c2fbd.roa
File: 06687a2b-ee77-4de7-8e26-b9ef155c2fbd.roa (raw, json)
Hash identifier: t/H7tcRtmbEczY+JZgKBBwE5G6evkm4qdUElmrDQzTs=
Subject key identifier: 26:A4:0C:17:28:00:E0:98:F0:F8:6C:97:51:56:DE:E8:65:02:7F:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34ABB774732995481B6A51676389777B1B6BD012
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06687a2b-ee77-4de7-8e26-b9ef155c2fbd.roa
Signing time: Mon 06 Oct 2025 17:50:32 +0000
ROA not before: Mon 06 Oct 2025 17:50:32 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:ab:b7:74:73:29:95:48:1b:6a:51:67:63:89:77:7b:1b:6b:d0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:32 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=994b735e0004dd82edf1e03f6c926ea9a6d91750c5130f5eacdf99349e94b2be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:60:24:80:77:28:37:fd:8b:e1:88:8b:63:3c:
9d:95:38:81:75:f1:89:b8:8a:90:c3:83:b1:55:e6:
12:b0:e0:08:81:47:b9:ec:10:43:aa:2f:53:b6:b0:
98:20:ac:4f:e3:39:02:b2:7b:9c:d8:ba:35:a8:cc:
99:0d:61:17:75:5c:b9:60:99:03:4f:aa:a3:91:31:
9c:4a:93:41:8b:49:dc:19:ea:72:07:17:92:46:4c:
37:93:96:11:e3:fd:62:b1:34:9f:af:75:7e:1a:42:
42:1d:e0:a5:40:70:a0:63:04:8a:91:8c:0a:8c:ce:
1e:b8:84:15:d4:bd:41:4d:1f:e5:b9:22:49:be:4b:
83:76:6a:10:cf:40:07:ec:1d:24:26:00:7b:91:e3:
3b:84:ac:4a:a4:26:7b:88:92:f2:ba:f6:9f:00:7b:
e2:75:1e:0d:1b:14:70:76:55:7d:c2:85:27:ff:fe:
8f:70:cc:3c:76:a9:b0:4d:b9:99:76:33:51:d0:99:
1d:19:27:49:41:37:6c:a7:8b:56:41:a2:d8:ff:a0:
75:cd:d9:06:b5:7f:34:b2:84:e1:5d:05:4d:03:de:
7b:66:cc:6f:2c:86:22:05:ae:bb:61:04:28:37:ab:
8c:e9:3a:1f:f2:f8:7d:26:d9:2d:00:45:d1:6a:a8:
2b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:A4:0C:17:28:00:E0:98:F0:F8:6C:97:51:56:DE:E8:65:02:7F:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06687a2b-ee77-4de7-8e26-b9ef155c2fbd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:c080::/48
Signature Algorithm: sha256WithRSAEncryption
22:77:ae:68:e1:e2:ce:fc:f3:e2:b0:23:12:fa:a6:6d:f4:26:
ad:e7:b2:69:89:a2:15:a6:00:6b:53:35:f1:b4:86:06:1c:5e:
22:22:6a:1c:cc:c9:77:cc:e9:2c:eb:00:2b:77:6f:51:cb:a8:
c8:66:fe:23:0a:ff:70:e1:86:83:fa:1c:fd:99:32:74:7f:9a:
62:62:7c:08:82:6a:96:d8:0c:95:a8:33:ee:75:51:c9:87:c2:
62:74:5f:6c:f2:33:77:df:ec:dd:ef:13:98:d7:c4:c4:14:fb:
c0:91:da:fb:e8:48:19:37:54:63:e5:0a:bc:c5:9a:eb:80:49:
5d:1c:78:2d:de:b4:4f:46:19:81:94:0b:2e:68:49:77:70:52:
41:0e:a3:6d:8f:00:79:72:0d:7d:f0:3b:bf:b0:92:17:b8:31:
ac:e5:6c:79:b3:95:98:bd:1b:93:50:41:bf:be:cd:48:00:43:
b1:07:63:13:90:fa:e3:ab:20:5b:48:b2:98:9f:04:16:26:e4:
28:db:38:ab:d5:de:9d:fe:05:35:24:ae:30:87:67:20:cd:b6:
e4:fa:ab:9c:19:a4:b8:36:06:27:fd:ed:03:bd:02:ef:0e:d5:
b2:17:af:8a:51:19:07:8b:1c:90:87:55:74:88:77:b6:4b:6c:
ce:fc:66:cd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNKu3dHMplUgbalFnY4l3extr0BIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwMzJaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NGI3MzVlMDAwNGRkODJlZGYxZTAzZjZjOTI2ZWE5YTZkOTE3NTBjNTEz
MGY1ZWFjZGY5OTM0OWU5NGIyYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5gJIB3KDf9i+GIi2M8nZU4gXXxibiKkMODsVXmErDgCIFHuewQQ6ovU7aw
mCCsT+M5ArJ7nNi6NajMmQ1hF3VcuWCZA0+qo5ExnEqTQYtJ3BnqcgcXkkZMN5OW
EeP9YrE0n691fhpCQh3gpUBwoGMEipGMCozOHriEFdS9QU0f5bkiSb5Lg3ZqEM9A
B+wdJCYAe5HjO4SsSqQme4iS8rr2nwB74nUeDRsUcHZVfcKFJ//+j3DMPHapsE25
mXYzUdCZHRknSUE3bKeLVkGi2P+gdc3ZBrV/NLKE4V0FTQPee2bMbyyGIgWuu2EE
KDerjOk6H/L4fSbZLQBF0WqoK8cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQmpAwX
KADgmPD4bJdRVt7oZQJ/DjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDY2ODdhMmItZWU3Ny00ZGU3LThlMjYtYjllZjE1NWMyZmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3A
gDANBgkqhkiG9w0BAQsFAAOCAQEAIneuaOHizvzz4rAjEvqmbfQmreeyaYmiFaYA
a1M18bSGBhxeIiJqHMzJd8zpLOsAK3dvUcuoyGb+Iwr/cOGGg/oc/ZkydH+aYmJ8
CIJqltgMlagz7nVRyYfCYnRfbPIzd9/s3e8TmNfExBT7wJHa++hIGTdUY+UKvMWa
64BJXRx4Ld60T0YZgZQLLmhJd3BSQQ6jbY8AeXINffA7v7CSF7gxrOVsebOVmL0b
k1BBv77NSABDsQdjE5D646sgW0iymJ8EFibkKNs4q9Xenf4FNSSuMIdnIM225Pqr
nBmkuDYGJ/3tA70C7w7VshevilEZB4sckIdVdIh3tktszvxmzQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:29 2025 by rpki-client