Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
File: 0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa (raw, json)
Hash identifier: CBhAttaojUCbr8vw3tK1/E0oWw2FNBGjOxzRphY6Lrw=
Subject key identifier: AF:8D:DB:69:B8:88:B9:94:77:4A:ED:34:8D:31:FB:6B:AF:6B:E5:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35F49C6297DFA1CAEF6450F6A820F49C1682F930
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
Signing time: Fri 26 Sep 2025 20:10:09 +0000
ROA not before: Fri 26 Sep 2025 20:10:09 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:f4:9c:62:97:df:a1:ca:ef:64:50:f6:a8:20:f4:9c:16:82:f9:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:10:09 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e4b6a25162ab019fabb8221443ed887467328a0985bd15a467721c0603e287c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:eb:7c:b8:69:09:32:d1:e0:ed:37:a2:54:3c:
56:fa:3e:bc:03:d6:b2:c6:0b:a2:a9:a0:dc:d5:29:
99:34:3f:4c:69:3b:5b:a7:47:d9:79:51:4f:d6:3d:
fa:af:b2:39:d9:f1:07:62:5d:3b:1a:1b:8a:d4:fe:
10:3b:df:57:9d:d9:77:25:e5:e8:5f:6e:56:83:56:
61:aa:c7:a3:46:9d:1b:d5:18:a0:fc:b9:d1:a7:af:
88:6f:7a:b8:df:ac:f0:7f:e3:ba:00:84:6c:be:6f:
05:85:33:ac:52:f4:b7:c5:d6:dc:4f:e0:e9:e7:43:
c5:52:2b:af:ec:14:e7:bd:4c:b2:32:6a:a4:c9:2b:
91:71:eb:7e:c8:ec:aa:4e:75:cb:44:88:99:e9:de:
1f:9c:d5:da:54:a9:9d:1a:a6:d6:3d:50:3e:57:13:
24:da:e4:bc:1e:21:af:44:bb:f9:a6:d9:6b:89:45:
37:80:12:9a:57:7f:3a:58:a5:db:63:88:85:cd:42:
f3:2a:21:e2:f4:68:cc:60:eb:ff:67:a6:44:b2:6e:
6b:cf:43:21:86:ce:4a:8c:d6:b9:5d:13:03:74:07:
c2:bc:a8:e8:2c:92:83:86:78:96:4d:71:4a:87:c0:
b0:22:12:59:90:71:79:e7:10:47:4f:f6:34:cf:8c:
0b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:8D:DB:69:B8:88:B9:94:77:4A:ED:34:8D:31:FB:6B:AF:6B:E5:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:1000::/36
Signature Algorithm: sha256WithRSAEncryption
35:47:5a:52:6d:24:4d:8a:2e:a6:c7:4f:8a:61:c3:46:44:e9:
92:4a:8b:d7:e2:aa:b5:33:9e:3d:8b:49:17:c9:9f:f5:0d:a7:
f4:03:37:26:b6:cd:0a:31:2c:da:54:11:1a:d0:08:8e:99:fe:
2c:f5:16:5c:53:f9:5f:6f:36:2a:3c:ef:7f:1a:66:8b:57:f9:
78:f2:25:6a:70:09:3e:73:a7:4f:2e:2b:a9:2b:f0:fd:b8:d2:
b4:4d:62:64:e9:bc:2f:e5:5b:be:dc:ca:ef:ce:5d:f8:71:42:
d1:2d:85:c5:90:5b:6b:8b:cd:49:1d:44:14:b6:88:da:ea:66:
fd:b3:d7:f4:9a:d8:8d:3a:2c:3d:c7:16:68:1c:a2:3c:10:96:
6f:0a:3d:8c:c4:22:63:8e:fc:cd:a1:b2:bf:f5:90:42:20:92:
91:54:0e:8f:92:3d:9f:f1:a8:6a:61:8a:89:92:34:79:73:a6:
0c:f5:31:11:9c:33:be:f1:d5:a6:a7:2c:9b:57:f3:ab:f8:4f:
20:83:5a:1a:bc:e7:7e:4f:b4:ca:03:e9:b2:84:35:8d:0d:94:
a2:46:ab:c4:4f:f0:16:62:2a:70:ef:1e:38:55:f6:63:1d:ab:
ca:a0:93:ff:2c:4b:a8:9f:4d:bd:60:44:30:bb:4f:b8:3c:52:
41:e8:bc:20
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNfScYpffocrvZFD2qCD0nBaC+TAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDEwMDlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0YjZhMjUxNjJhYjAxOWZhYmI4MjIxNDQzZWQ4ODc0NjczMjhhMDk4NWJk
MTVhNDY3NzIxYzA2MDNlMjg3YzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvrfLhpCTLR4O03olQ8Vvo+vAPWssYLoqmg3NUpmTQ/TGk7W6dH2XlRT9Y9
+q+yOdnxB2JdOxobitT+EDvfV53ZdyXl6F9uVoNWYarHo0adG9UYoPy50aeviG96
uN+s8H/jugCEbL5vBYUzrFL0t8XW3E/g6edDxVIrr+wU571MsjJqpMkrkXHrfsjs
qk51y0SImeneH5zV2lSpnRqm1j1QPlcTJNrkvB4hr0S7+abZa4lFN4ASmld/Olil
22OIhc1C8yoh4vRozGDr/2emRLJua89DIYbOSozWuV0TA3QHwryo6CySg4Z4lk1x
SofAsCISWZBxeecQR0/2NM+MC+cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSvjdtp
uIi5lHdK7TSNMftrr2vlRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGJmNmNlZjgtOGM2MC00YTBlLTg5MzItY2ZkYTY0OGQyNzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA1R1pSbSRNii6mx0+KYcNGROmSSovX4qq1M549
i0kXyZ/1Daf0Azcmts0KMSzaVBEa0AiOmf4s9RZcU/lfbzYqPO9/GmaLV/l48iVq
cAk+c6dPLiupK/D9uNK0TWJk6bwv5Vu+3Mrvzl34cULRLYXFkFtri81JHUQUtoja
6mb9s9f0mtiNOiw9xxZoHKI8EJZvCj2MxCJjjvzNobK/9ZBCIJKRVA6Pkj2f8ahq
YYqJkjR5c6YM9TERnDO+8dWmpyybV/Or+E8gg1oavOd+T7TKA+myhDWNDZSiRqvE
T/AWYipw7x44VfZjHavKoJP/LEuon029YEQwu0+4PFJB6Lwg
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:19:00 2025 by rpki-client