Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json)
Hash identifier: IA9p5i0VKxuUVjqbpGN0Tz43ML9O2brN4XFRHGGgI4E=
Subject key identifier: 86:C8:5A:BC:20:DF:9C:4C:82:A2:CB:B5:23:7C:1A:FB:A5:F2:A5:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7950D1BD7CB3CBADDABE6026291462ADCC92DB29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
Signing time: Sat 27 Sep 2025 00:53:29 +0000
ROA not before: Sat 27 Sep 2025 00:53:29 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:50:d1:bd:7c:b3:cb:ad:da:be:60:26:29:14:62:ad:cc:92:db:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 27 00:53:29 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=bc90297a899e711a15c59461253d321e7336ef647814b89d9d05cb0a008b3d9d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:10:1d:40:c2:eb:d0:c5:e1:49:d5:fc:be:ad:
65:e5:1c:f6:de:81:36:ef:16:a8:2d:73:5b:26:f5:
b0:57:72:ef:2a:6c:ac:ae:1b:c9:75:4e:ad:c1:a0:
aa:8e:4c:c3:bf:f5:10:32:2f:c7:aa:09:31:4b:b4:
6e:eb:be:de:dd:03:08:47:d3:77:20:eb:48:3e:ce:
f4:36:a9:c9:64:97:f6:06:ba:cd:59:47:43:c9:b7:
54:8e:1a:62:d5:f0:52:c5:21:fc:1f:9c:b7:0b:f2:
61:c2:e2:e8:ea:8d:e5:2f:a1:1c:6d:ff:a7:de:81:
4b:81:45:cc:be:b1:33:21:ff:ef:43:74:a4:58:22:
47:95:80:d7:75:87:9a:1b:bd:af:bb:5e:9e:0b:27:
43:38:ae:58:7f:88:25:05:b8:3c:b7:38:0a:61:e4:
11:dd:3d:1f:91:61:77:c2:15:9c:ff:4f:1f:3a:33:
e5:ea:64:46:6b:d3:b6:5e:b5:14:fb:60:65:a1:2e:
ba:17:c5:39:28:81:39:c9:f7:e2:eb:2b:fc:98:53:
90:9a:c0:45:bd:45:85:4e:e8:67:28:a1:b7:9f:65:
24:cd:c1:59:a9:a5:36:8e:bd:75:0b:39:7c:47:07:
16:ce:38:2a:b7:0b:0a:16:43:57:b6:65:74:ab:78:
ad:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C8:5A:BC:20:DF:9C:4C:82:A2:CB:B5:23:7C:1A:FB:A5:F2:A5:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1400::/38
Signature Algorithm: sha256WithRSAEncryption
52:d7:02:7e:06:4b:70:28:2d:a5:12:26:8f:a5:7a:f7:88:1d:
ca:66:d0:99:18:94:9a:4e:91:97:99:34:72:7a:2e:3f:19:54:
5c:fc:e7:63:f7:a1:31:82:3b:4e:af:eb:c5:4e:5a:34:0f:99:
57:2d:15:0f:ad:14:88:ec:60:dd:8c:dd:44:60:af:fb:41:6d:
61:8a:40:02:d0:64:5f:28:db:34:e9:21:d9:41:44:97:03:87:
f6:26:28:86:99:65:e6:5e:80:b1:34:39:ab:d4:0f:1b:b0:55:
bb:12:29:d5:85:cb:9b:7f:61:f7:72:0d:06:cf:24:a5:16:7e:
e3:fb:e9:28:5b:93:96:06:8f:3f:e5:06:1d:99:66:83:05:03:
c5:88:34:b9:89:c7:db:b7:f4:2b:e4:be:60:c9:63:62:60:7a:
ee:2a:ca:2b:2c:ef:09:74:5a:2c:88:37:66:20:3c:7c:d1:2d:
e4:74:15:06:b1:ba:94:ea:c3:64:23:30:85:73:28:19:dd:cf:
52:06:35:23:b1:42:75:a8:85:42:8e:9d:ba:7e:4d:63:5c:9d:
77:b8:e1:88:3e:28:96:5d:0e:a0:72:e4:92:52:5d:da:09:87:
34:11:4f:0c:bd:7b:fb:a0:1f:a1:d8:93:b3:e1:ef:df:4c:e8:
1c:cd:f6:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeVDRvXyzy63avmAmKRRircyS2ykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjcwMDUzMjlaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjOTAyOTdhODk5ZTcxMWExNWM1OTQ2MTI1M2QzMjFlNzMzNmVmNjQ3ODE0
Yjg5ZDlkMDVjYjBhMDA4YjNkOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoQHUDC69DF4UnV/L6tZeUc9t6BNu8WqC1zWyb1sFdy7ypsrK4byXVOrcGg
qo5Mw7/1EDIvx6oJMUu0buu+3t0DCEfTdyDrSD7O9DapyWSX9ga6zVlHQ8m3VI4a
YtXwUsUh/B+ctwvyYcLi6OqN5S+hHG3/p96BS4FFzL6xMyH/70N0pFgiR5WA13WH
mhu9r7tengsnQziuWH+IJQW4PLc4CmHkEd09H5Fhd8IVnP9PHzoz5epkRmvTtl61
FPtgZaEuuhfFOSiBOcn34usr/JhTkJrARb1FhU7oZyiht59lJM3BWamlNo69dQs5
fEcHFs44KrcLChZDV7ZldKt4rR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGyFq8
IN+cTIKiy7UjfBr7pfKlVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU
MA0GCSqGSIb3DQEBCwUAA4IBAQBS1wJ+BktwKC2lEiaPpXr3iB3KZtCZGJSaTpGX
mTRyei4/GVRc/Odj96ExgjtOr+vFTlo0D5lXLRUPrRSI7GDdjN1EYK/7QW1hikAC
0GRfKNs06SHZQUSXA4f2JiiGmWXmXoCxNDmr1A8bsFW7EinVhcubf2H3cg0GzySl
Fn7j++koW5OWBo8/5QYdmWaDBQPFiDS5icfbt/Qr5L5gyWNiYHruKsorLO8JdFos
iDdmIDx80S3kdBUGsbqU6sNkIzCFcygZ3c9SBjUjsUJ1qIVCjp26fk1jXJ13uOGI
PiiWXQ6gcuSSUl3aCYc0EU8MvXv7oB+h2JOz4e/fTOgczfaZ
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:46 2025 by rpki-client