Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
File: 0cadec3e-a35e-4321-b172-825de7a521d7.roa (raw, json)
Hash identifier: 18EgZvtXa8z7HPFcryhDOEPW3V1yPyIUhNA0oAGnZuU=
Subject key identifier: 68:78:DC:F5:32:B0:CD:82:52:18:21:7F:2E:18:1E:92:96:02:36:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 681EB3D1BC3ACC1A0D74108D822395A90C100F4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
Signing time: Fri 26 Sep 2025 18:41:08 +0000
ROA not before: Fri 26 Sep 2025 18:41:08 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:1e:b3:d1:bc:3a:cc:1a:0d:74:10:8d:82:23:95:a9:0c:10:0f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:08 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=2e157c6223fb0885a18f5eb6d04c849bb415458fb60a8b5a4198d07af107735c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:93:fb:a2:5b:12:a5:f9:34:0a:bb:20:ca:8b:
05:e5:04:02:ac:db:24:cf:4c:87:e2:e6:fe:9f:28:
76:74:ac:b1:eb:e0:e0:4d:cb:d1:d4:9a:76:12:2b:
2e:7c:de:92:52:53:13:bf:5b:b6:f6:e4:f8:e9:da:
8f:d0:31:17:47:4e:29:f0:b7:51:ca:15:96:93:37:
45:0d:04:47:53:f9:68:ab:92:b6:6a:20:74:09:69:
aa:fa:17:39:de:7a:d9:16:93:ad:e0:03:e5:70:41:
83:38:9d:8c:2a:fd:f4:4c:d6:a4:4e:c0:93:63:30:
0a:93:b2:59:32:9b:19:ee:14:4d:ad:a1:b1:8d:64:
dc:90:a9:59:f5:9a:cc:d8:86:e8:76:a1:8d:c9:6e:
49:60:07:27:ea:d4:fe:4b:5d:6e:29:e4:e3:24:3e:
49:1f:2f:5d:2b:ac:9d:83:ad:eb:d1:7d:2e:37:02:
34:bb:d6:79:59:3d:88:08:73:37:f8:2d:47:19:fb:
52:ce:70:ce:e8:e3:38:b5:bb:c3:09:e3:59:9c:ba:
bb:17:e4:00:38:c1:34:05:02:b6:73:ed:25:9d:40:
44:16:04:d0:b0:61:77:c0:ff:48:d9:11:b1:63:1f:
69:2e:95:7d:2f:66:f7:cd:71:31:60:29:27:17:88:
6b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:78:DC:F5:32:B0:CD:82:52:18:21:7F:2E:18:1E:92:96:02:36:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
87:6f:88:9d:77:58:45:eb:d5:79:1f:8a:c8:3b:94:b9:13:1e:
b5:8b:93:64:78:94:c4:c6:6f:cf:02:20:b0:bd:a7:d7:c0:8e:
b8:2a:b7:10:56:dc:66:b1:17:d1:16:d5:33:59:5e:92:b9:56:
2c:db:ab:64:7d:74:76:34:61:6e:3d:6d:3c:67:63:5e:36:27:
1a:a9:b5:1a:a7:e8:34:5d:9d:29:3d:2a:b1:36:ce:2a:4a:c1:
09:e0:3e:6e:ef:62:c1:4f:c9:fb:4e:d7:34:ea:ee:e3:1f:97:
46:78:c3:60:8b:31:df:b6:df:69:76:4d:56:14:66:30:aa:52:
89:e6:83:92:f3:f3:d3:19:5e:0e:25:f4:29:4f:81:18:8d:b8:
cc:de:9a:a1:a4:0d:5c:43:ed:05:67:68:b2:f1:20:f9:06:a6:
89:23:d2:73:df:53:7e:cd:b2:83:28:da:7f:38:0f:33:52:97:
06:56:97:d8:dc:5d:cd:09:62:27:80:6a:15:31:10:70:49:cc:
06:84:85:6a:a2:c3:78:c7:be:18:e5:f0:db:44:16:b7:76:ab:
a5:4f:1d:20:fe:94:34:a2:92:1e:df:3b:fc:2f:dc:9c:5d:a8:
eb:03:e3:cc:0b:f7:b9:96:5e:2a:33:2f:36:d9:70:0a:0d:bf:
a2:8c:e0:84
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaB6z0bw6zBoNdBCNgiOVqQwQD0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxMDhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMTU3YzYyMjNmYjA4ODVhMThmNWViNmQwNGM4NDliYjQxNTQ1OGZiNjBh
OGI1YTQxOThkMDdhZjEwNzczNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJiT+6JbEqX5NAq7IMqLBeUEAqzbJM9Mh+Lm/p8odnSssevg4E3L0dSadhIr
LnzeklJTE79btvbk+Onaj9AxF0dOKfC3UcoVlpM3RQ0ER1P5aKuStmogdAlpqvoX
Od562RaTreAD5XBBgzidjCr99EzWpE7Ak2MwCpOyWTKbGe4UTa2hsY1k3JCpWfWa
zNiG6HahjcluSWAHJ+rU/ktdbink4yQ+SR8vXSusnYOt69F9LjcCNLvWeVk9iAhz
N/gtRxn7Us5wzujjOLW7wwnjWZy6uxfkADjBNAUCtnPtJZ1ARBYE0LBhd8D/SNkR
sWMfaS6VfS9m981xMWApJxeIaw8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRoeNz1
MrDNglIYIX8uGB6SlgI2/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhZGVjM2UtYTM1ZS00MzIxLWIxNzItODI1ZGU3YTUyMWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAh2+InXdYRevVeR+KyDuUuRMetYuTZHiUxMZv
zwIgsL2n18COuCq3EFbcZrEX0RbVM1lekrlWLNurZH10djRhbj1tPGdjXjYnGqm1
GqfoNF2dKT0qsTbOKkrBCeA+bu9iwU/J+07XNOru4x+XRnjDYIsx37bfaXZNVhRm
MKpSieaDkvPz0xleDiX0KU+BGI24zN6aoaQNXEPtBWdosvEg+QamiSPSc99Tfs2y
gyjafzgPM1KXBlaX2NxdzQliJ4BqFTEQcEnMBoSFaqLDeMe+GOXw20QWt3arpU8d
IP6UNKKSHt87/C/cnF2o6wPjzAv3uZZeKjMvNtlwCg2/oozghA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:44 2025 by rpki-client