Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
File: 0e68fbde-eead-4e29-b902-4eed053693ac.roa (raw, json)
Hash identifier: 4c9cvOhY2iR5UtgklxyMZgEs/ZoN7N2rvEvDOUCnrrE=
Subject key identifier: 52:8F:BA:C7:D5:D9:4D:07:D5:71:79:12:82:D2:34:53:A3:19:DE:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FECC84B2ECBD3BDAF03F983B7C67791B79B1EF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
Signing time: Fri 26 Sep 2025 20:11:20 +0000
ROA not before: Fri 26 Sep 2025 20:11:20 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:ec:c8:4b:2e:cb:d3:bd:af:03:f9:83:b7:c6:77:91:b7:9b:1e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:20 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=136ed45b30618d27e4b912b7e12e30a2b2d0d228577087d684675c388a4fc90c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f2:54:3c:c5:ab:70:fe:03:d5:ed:7f:de:a5:
5b:9f:49:7b:47:fa:ec:3d:5a:93:32:25:b3:a9:ce:
44:fe:7c:5c:a1:25:6a:90:73:c9:55:bf:75:2f:6c:
97:a4:b1:c1:5a:2f:61:47:ed:6d:0c:4a:35:5b:58:
eb:c3:fa:3e:7c:e9:2d:d4:c4:dc:5a:e4:bb:a2:a7:
c0:32:e7:48:70:88:98:6b:0d:20:d5:9a:39:f0:5e:
ad:62:f6:7c:65:ca:ee:2a:dd:09:87:2a:6a:15:27:
f8:93:72:cd:a3:45:21:5d:54:36:8a:44:fa:c1:13:
9f:9b:23:45:73:a0:b7:64:02:03:88:a7:b9:35:5f:
d5:3b:a8:c3:90:c3:10:f8:57:a0:2b:72:ac:5d:f9:
b1:f9:b1:47:23:29:33:68:ad:b8:8e:aa:34:fd:8e:
cf:3b:78:4e:a2:a8:75:b6:cd:3d:ca:d0:0f:9e:21:
1d:1e:af:ab:dd:81:9e:a5:2a:3a:07:83:39:1e:c3:
75:0a:6a:49:e0:f3:92:9d:8e:99:e9:4f:11:92:ea:
b4:68:e7:8e:2c:a2:b6:fe:69:14:61:2b:40:db:9f:
ca:73:98:ec:e9:f1:ea:dc:69:87:91:6b:36:23:aa:
88:36:50:72:97:0e:72:89:00:fd:54:fc:c7:26:00:
13:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:8F:BA:C7:D5:D9:4D:07:D5:71:79:12:82:D2:34:53:A3:19:DE:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/36
Signature Algorithm: sha256WithRSAEncryption
b7:c5:58:53:a2:c1:01:ad:f4:2a:4b:cf:7a:e0:01:1e:17:66:
0a:58:c2:ce:f3:e7:df:c2:e8:68:b7:aa:5f:a4:42:27:e2:0b:
88:bd:1d:3c:a0:5e:68:4d:14:d2:0e:54:ff:da:31:a5:72:61:
40:f2:20:53:18:27:b7:1e:9e:b6:c2:9a:85:17:03:51:52:61:
3b:dc:c2:d7:43:1e:9f:98:36:87:51:5b:3d:ba:9d:05:6f:1a:
11:24:6a:fa:a8:17:d6:0b:dc:a4:91:92:47:83:d7:6f:a4:dc:
7e:a7:53:04:e5:b4:fe:8f:86:9c:9c:3b:16:c6:9f:3e:3a:17:
f7:6e:f1:57:ea:c5:8f:73:2c:8a:59:49:20:19:ee:1d:98:8f:
33:a4:a3:9f:e6:ac:7d:68:e7:eb:6b:5d:86:55:66:35:df:c4:
87:7f:66:a6:9f:1a:a7:b0:ee:ca:4e:b8:59:78:ec:43:fc:b7:
b9:36:f1:d3:a6:6e:8a:33:93:75:54:09:e7:ab:b5:ca:5c:2a:
67:31:02:ca:97:0c:a8:08:3c:25:a4:ae:89:79:0f:d6:5d:dc:
5b:8b:a6:10:0d:66:40:43:5b:91:73:43:21:1e:58:2c:4c:e3:
2c:c3:71:8e:f7:06:b1:64:6e:e2:8a:b0:f0:af:d6:7b:3a:a0:
bf:90:ac:98
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb+zISy7L072vA/mDt8Z3kbebHvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMjBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNmVkNDViMzA2MThkMjdlNGI5MTJiN2UxMmUzMGEyYjJkMGQyMjg1Nzcw
ODdkNjg0Njc1YzM4OGE0ZmM5MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXyVDzFq3D+A9Xtf96lW59Je0f67D1akzIls6nORP58XKElapBzyVW/dS9s
l6SxwVovYUftbQxKNVtY68P6PnzpLdTE3Frku6KnwDLnSHCImGsNINWaOfBerWL2
fGXK7irdCYcqahUn+JNyzaNFIV1UNopE+sETn5sjRXOgt2QCA4inuTVf1Tuow5DD
EPhXoCtyrF35sfmxRyMpM2ituI6qNP2Ozzt4TqKodbbNPcrQD54hHR6vq92BnqUq
OgeDOR7DdQpqSeDzkp2OmelPEZLqtGjnjiyitv5pFGErQNufynOY7Onx6txph5Fr
NiOqiDZQcpcOcokA/VT8xyYAE+0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSj7rH
1dlNB9VxeRKC0jRToxneGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU2OGZiZGUtZWVhZC00ZTI5LWI5MDItNGVlZDA1MzY5M2FjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQC3xVhTosEBrfQqS8964AEeF2YKWMLO8+ffwuho
t6pfpEIn4guIvR08oF5oTRTSDlT/2jGlcmFA8iBTGCe3Hp62wpqFFwNRUmE73MLX
Qx6fmDaHUVs9up0FbxoRJGr6qBfWC9ykkZJHg9dvpNx+p1ME5bT+j4acnDsWxp8+
Ohf3bvFX6sWPcyyKWUkgGe4dmI8zpKOf5qx9aOfra12GVWY138SHf2amnxqnsO7K
TrhZeOxD/Le5NvHTpm6KM5N1VAnnq7XKXCpnMQLKlwyoCDwlpK6JeQ/WXdxbi6YQ
DWZAQ1uRc0MhHlgsTOMsw3GO9waxZG7iirDwr9Z7OqC/kKyY
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:10 2025 by rpki-client