Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa
File: 12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa (raw, json)
Hash identifier: xyxWUWXSu4v8VA8E5EK+UOOkmWzILQkYzt0tgVdUWY8=
Subject key identifier: 24:3B:B0:F8:35:6E:3D:FB:82:D5:2D:36:1E:2B:DA:3F:98:DE:F9:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63188F681528BD9276537F4C6629D6824F523C46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa
Signing time: Fri 26 Sep 2025 18:20:03 +0000
ROA not before: Fri 26 Sep 2025 18:20:03 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:18:8f:68:15:28:bd:92:76:53:7f:4c:66:29:d6:82:4f:52:3c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:20:03 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1c5efcccb3957cdf7e43db2aa59b805a34541c4328f87783af0f06b309effd1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:54:27:52:c4:e8:0b:95:f0:48:0d:17:4a:95:
38:24:06:89:e1:6e:21:b1:e0:e6:06:79:0e:60:de:
96:5b:60:91:d8:6c:a9:2a:d9:45:8e:9c:a7:44:8d:
30:24:f4:a6:04:61:62:32:3d:49:22:d0:48:9b:a3:
16:20:5f:97:58:1f:50:f0:ae:94:80:72:78:f0:0b:
4e:19:d4:a2:86:e9:e8:68:1a:f0:68:70:23:3c:56:
8c:76:a3:d1:58:6e:1d:d8:d8:68:d4:52:d8:5a:19:
9f:a6:16:cc:bd:96:fb:75:3b:f7:4d:48:52:b5:95:
0f:af:9c:f6:b6:e6:fe:e4:5f:b5:0a:a6:62:67:f8:
0f:ea:3a:95:14:31:fc:44:cd:e8:13:12:8d:1c:b5:
31:a0:f6:07:b5:77:96:aa:0e:7f:69:85:0c:24:a8:
f0:0e:24:bd:80:e5:ab:2e:b2:3f:9e:27:6c:b9:b6:
e1:a1:ea:8d:63:1f:40:df:ac:9e:77:f3:be:2a:01:
1f:97:1f:f8:85:d2:be:f6:5c:3e:47:9d:be:10:0a:
13:9f:34:61:65:17:fb:83:49:61:47:11:b5:51:db:
98:0c:10:3b:6a:8f:da:db:09:a9:a2:e9:fb:bf:7d:
3a:0f:14:d0:3c:74:fe:d2:09:42:ea:a0:30:ff:d9:
92:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3B:B0:F8:35:6E:3D:FB:82:D5:2D:36:1E:2B:DA:3F:98:DE:F9:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
8a:de:2f:94:a2:2e:a7:13:0e:c1:51:c9:fc:77:a8:84:ce:1f:
d0:41:b0:45:8b:fa:56:e5:63:6f:11:23:7c:35:58:c8:87:5d:
41:cd:c0:6a:a2:15:46:60:64:e2:ea:f5:b8:ec:5d:52:5e:a7:
39:bc:2e:12:a1:fa:d2:af:54:90:57:52:c0:f1:6f:40:61:03:
03:cd:6c:bf:c6:b9:61:82:62:a9:72:d4:1a:61:7f:12:a8:e2:
b3:5e:e2:dc:60:92:f1:1d:fc:ee:6d:f3:67:b2:e5:d1:36:dc:
69:a9:79:9c:df:5e:bd:ee:de:b0:7c:de:b8:9e:59:fd:ee:b2:
cd:d8:c3:52:7f:c7:f4:f8:8a:d2:94:af:f6:f2:64:0c:e2:ee:
df:7b:f9:f3:16:b9:4c:c9:9b:f0:6a:34:80:ea:59:b7:93:73:
f4:b8:eb:2f:91:fb:0a:d7:2f:c4:fd:32:43:e3:bb:62:d0:f1:
cf:04:50:e0:1c:73:b2:5d:67:23:90:4d:e6:bf:30:90:c8:95:
80:84:bd:56:00:da:ae:b2:72:80:70:23:36:6d:f0:25:57:d9:
f4:99:20:15:fa:60:8b:af:33:99:26:81:fd:27:83:23:bb:ea:
c8:02:71:43:8b:31:94:63:39:35:20:25:67:5d:21:00:d1:36:
bb:d2:08:42
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYxiPaBUovZJ2U39MZinWgk9SPEYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODIwMDNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjNWVmY2NjYjM5NTdjZGY3ZTQzZGIyYWE1OWI4MDVhMzQ1NDFjNDMyOGY4
Nzc4M2FmMGYwNmIzMDllZmZkMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5UJ1LE6AuV8EgNF0qVOCQGieFuIbHg5gZ5DmDelltgkdhsqSrZRY6cp0SN
MCT0pgRhYjI9SSLQSJujFiBfl1gfUPCulIByePALThnUoobp6Gga8GhwIzxWjHaj
0VhuHdjYaNRS2FoZn6YWzL2W+3U7901IUrWVD6+c9rbm/uRftQqmYmf4D+o6lRQx
/ETN6BMSjRy1MaD2B7V3lqoOf2mFDCSo8A4kvYDlqy6yP54nbLm24aHqjWMfQN+s
nnfzvioBH5cf+IXSvvZcPkedvhAKE580YWUX+4NJYUcRtVHbmAwQO2qP2tsJqaLp
+799Og8U0Dx0/tIJQuqgMP/ZkocCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQkO7D4
NW49+4LVLTYeK9o/mN75BjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTJmYTAwOTQtMzcyMS00YTYxLWE3MmYtOGNkZWZmNWU1ZjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
sDANBgkqhkiG9w0BAQsFAAOCAQEAit4vlKIupxMOwVHJ/HeohM4f0EGwRYv6VuVj
bxEjfDVYyIddQc3AaqIVRmBk4ur1uOxdUl6nObwuEqH60q9UkFdSwPFvQGEDA81s
v8a5YYJiqXLUGmF/Eqjis17i3GCS8R387m3zZ7Ll0Tbcaal5nN9eve7esHzeuJ5Z
/e6yzdjDUn/H9PiK0pSv9vJkDOLu33v58xa5TMmb8Go0gOpZt5Nz9LjrL5H7Ctcv
xP0yQ+O7YtDxzwRQ4Bxzsl1nI5BN5r8wkMiVgIS9VgDarrJygHAjNm3wJVfZ9Jkg
Ffpgi68zmSaB/SeDI7vqyAJxQ4sxlGM5NSAlZ10hANE2u9IIQg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:14 2025 by rpki-client