Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fdd7c59-0cd8-4088-8ea7-e702d2a863c2.roa
File: 0fdd7c59-0cd8-4088-8ea7-e702d2a863c2.roa (raw, json)
Hash identifier: qrjDl4HM4xv2Zo/d+mUFBgKhPbFMRFDtxFNpcrVA5Pw=
Subject key identifier: 57:19:60:11:32:FD:E0:D3:7B:A5:79:FF:1A:9F:A7:8A:87:EC:94:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43CFE7B5237DCE9EA6B14E9399AF16570E8E4242
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fdd7c59-0cd8-4088-8ea7-e702d2a863c2.roa
Signing time: Mon 06 Oct 2025 17:50:05 +0000
ROA not before: Mon 06 Oct 2025 17:50:05 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:cf:e7:b5:23:7d:ce:9e:a6:b1:4e:93:99:af:16:57:0e:8e:42:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:05 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=51ff664fb40fecd9bdbf030a80191cb0116d7d23b8f06c4549fd8f0fe18fa49a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d2:cb:6a:b9:15:b4:7d:56:cc:bd:8e:f6:d0:
2f:96:76:0a:68:94:1c:c6:98:df:b0:bc:ab:b7:56:
d7:63:06:4b:8e:9a:61:ae:6c:87:c1:cb:fe:70:2c:
d1:20:44:e8:19:c9:b7:d6:24:0d:ed:4a:28:8d:e4:
43:5d:b7:b9:ec:c2:7f:7c:eb:72:d8:3f:34:42:05:
89:28:28:be:79:10:08:e8:51:f8:e2:84:05:7b:33:
e4:7a:ab:a5:c2:21:fd:27:fa:10:47:e3:5a:d9:af:
0b:6d:e4:60:f9:ea:6b:df:e0:cc:e3:b4:1d:a7:c8:
ee:63:15:a8:b6:23:1c:7b:21:a5:e4:48:53:54:b7:
c3:f4:8f:ca:7e:ee:4f:ee:fb:9c:2b:f5:b0:f8:9a:
1f:5c:7f:a6:44:e5:32:0c:fe:df:a3:37:d7:f8:a1:
ea:36:28:77:ae:f7:0b:35:39:e5:f0:90:7f:ae:7a:
48:24:c9:b7:db:36:10:9f:2b:98:5b:63:7d:b0:1b:
14:b8:3f:ec:99:9c:14:74:20:3b:d7:3d:01:32:43:
94:53:80:8b:e7:e6:52:ee:9e:75:d7:4d:70:63:34:
b9:1f:75:33:ca:ac:6c:a0:53:4c:0d:43:6e:fd:82:
54:fd:86:c2:af:3a:1f:ed:1f:3a:4b:ba:fd:b4:9d:
cc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:19:60:11:32:FD:E0:D3:7B:A5:79:FF:1A:9F:A7:8A:87:EC:94:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fdd7c59-0cd8-4088-8ea7-e702d2a863c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
bb:ef:7a:9a:44:fa:43:97:1d:0c:51:1d:d3:12:df:2b:b1:3d:
07:56:5f:cd:98:aa:85:e2:43:32:c2:68:cf:7f:25:8a:6c:bf:
78:4a:24:11:00:4a:03:ef:af:a6:a7:b7:0c:0a:2f:28:0a:d3:
e1:ac:d8:16:f7:0f:00:66:b0:d6:90:68:ad:9f:8f:11:b4:17:
71:c0:6d:61:54:17:b9:5b:61:e2:08:e1:6b:ee:91:87:a1:83:
95:cb:b8:0c:41:2d:6d:9b:2b:d5:03:d5:67:90:3e:f7:8d:8e:
94:dd:c0:0a:23:57:05:6d:60:bf:e3:26:99:8a:ae:a9:3f:d7:
8a:2a:91:e8:9a:56:78:0b:98:06:47:e9:7f:22:50:9d:9c:49:
a5:e9:99:ae:2e:02:0b:28:0f:ab:06:69:6c:8a:a8:6f:df:8a:
70:67:0e:38:73:49:bb:b7:52:c3:40:94:09:eb:20:4c:b5:3b:
b5:00:48:67:6c:68:1b:37:8c:1f:12:99:5e:cf:9a:7b:45:41:
7d:3a:ef:3a:01:9b:86:40:57:4e:ef:fc:08:2f:3e:76:94:77:
f6:d2:35:ce:be:a3:bf:3a:0e:dd:81:e9:2e:8c:81:81:7a:1b:
6d:a2:dd:c3:20:f5:11:0d:4f:5e:dc:1f:bf:04:8c:1b:4c:75:
b0:48:83:da
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ8/ntSN9zp6msU6Tma8WVw6OQkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwMDVaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxZmY2NjRmYjQwZmVjZDliZGJmMDMwYTgwMTkxY2IwMTE2ZDdkMjNiOGYw
NmM0NTQ5ZmQ4ZjBmZTE4ZmE0OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbSy2q5FbR9Vsy9jvbQL5Z2CmiUHMaY37C8q7dW12MGS46aYa5sh8HL/nAs
0SBE6BnJt9YkDe1KKI3kQ123uezCf3zrctg/NEIFiSgovnkQCOhR+OKEBXsz5Hqr
pcIh/Sf6EEfjWtmvC23kYPnqa9/gzOO0HafI7mMVqLYjHHshpeRIU1S3w/SPyn7u
T+77nCv1sPiaH1x/pkTlMgz+36M31/ih6jYod673CzU55fCQf656SCTJt9s2EJ8r
mFtjfbAbFLg/7JmcFHQgO9c9ATJDlFOAi+fmUu6edddNcGM0uR91M8qsbKBTTA1D
bv2CVP2Gwq86H+0fOku6/bSdzE0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXGWAR
Mv3g03ulef8an6eKh+yUczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZkZDdjNTktMGNkOC00MDg4LThlYTctZTcwMmQyYTg2M2MyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H2Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAu+96mkT6Q5cdDFEd0xLfK7E9B1ZfzZiqheJD
MsJoz38limy/eEokEQBKA++vpqe3DAovKArT4azYFvcPAGaw1pBorZ+PEbQXccBt
YVQXuVth4gjha+6Rh6GDlcu4DEEtbZsr1QPVZ5A+942OlN3ACiNXBW1gv+MmmYqu
qT/XiiqR6JpWeAuYBkfpfyJQnZxJpemZri4CCygPqwZpbIqob9+KcGcOOHNJu7dS
w0CUCesgTLU7tQBIZ2xoGzeMHxKZXs+ae0VBfTrvOgGbhkBXTu/8CC8+dpR39tI1
zr6jvzoO3YHpLoyBgXobbaLdwyD1EQ1PXtwfvwSMG0x1sEiD2g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:12:53 2025 by rpki-client