Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
File: 130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa (raw, json)
Hash identifier: 4IynORtktFf8kX1LZZhniz0+RikqEwrFqq4exFaQsj0=
Subject key identifier: DE:3B:49:D2:31:E1:89:4A:FF:23:5B:32:21:57:13:08:51:49:E2:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03A2129368E4F6492AB2870E77569A5488E7CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
Signing time: Fri 10 Oct 2025 17:04:24 +0000
ROA not before: Fri 10 Oct 2025 17:04:24 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:a2:12:93:68:e4:f6:49:2a:b2:87:0e:77:56:9a:54:88:e7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:24 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=2b0ac281e47163236938a056c51972d7d16c34690a85ff6443da8c7d8d445c3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:aa:2e:54:0f:47:c6:b2:a3:c2:48:3e:b7:ce:
97:9f:1d:2f:7e:49:cc:89:f9:7a:dc:ab:75:b6:d9:
67:e3:a1:3e:f3:77:56:e6:04:d4:35:06:30:d9:f5:
6a:5b:c1:31:7f:d1:64:a1:81:c3:fc:eb:a6:2d:67:
1c:04:b1:2f:71:3e:06:d3:b8:64:b3:8a:38:4a:73:
dc:2e:64:1d:c7:37:ad:f1:e2:be:38:48:e1:b7:14:
bd:12:00:17:15:b9:d9:ea:ab:00:10:cc:41:2c:fa:
a3:4e:98:e2:68:b8:35:dc:9d:df:cb:76:46:82:7b:
ef:62:e5:c3:45:13:93:65:03:b0:e1:2a:e5:cb:80:
40:ee:8d:9b:fd:7e:79:a2:21:1a:ad:dc:33:84:1c:
fa:a9:2a:3a:f4:de:72:0f:86:f0:9c:d4:47:04:49:
11:4e:ec:8b:0e:cd:88:95:7d:a9:c9:14:df:7c:9b:
ed:80:d1:42:3e:16:ae:f9:12:96:6a:32:98:da:cd:
cf:d5:0f:5f:01:ad:c1:03:91:8a:8d:99:95:c7:c6:
b5:3a:18:14:4f:9c:4c:89:0b:fc:00:e9:d8:78:48:
c2:6f:35:08:6b:6d:b5:17:77:7b:90:09:57:16:1b:
15:9c:1e:b0:06:65:36:6a:8c:5d:82:b4:5b:03:9a:
96:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3B:49:D2:31:E1:89:4A:FF:23:5B:32:21:57:13:08:51:49:E2:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:e4:78:08:e7:61:89:5d:e3:ff:75:81:83:ff:c0:d3:02:8f:
a5:68:e1:43:16:3b:07:e0:0d:c9:dd:14:39:04:d1:07:52:5e:
44:d4:29:2d:c3:3c:fd:3e:c9:f7:53:17:8b:dc:c0:00:70:8a:
5b:3c:2e:f9:7c:78:60:09:da:d4:d6:81:9c:d6:5f:ec:7c:5c:
08:2f:7d:03:97:7c:72:c9:0b:92:13:bb:d8:7c:fa:89:00:4d:
ea:0b:49:25:24:8a:63:43:da:13:3a:28:a1:e0:ae:a3:2b:c2:
27:88:90:a4:0f:5d:e7:26:2e:94:24:20:5f:e6:fc:c6:74:81:
7e:2e:c2:0f:69:ae:22:54:bc:09:d8:97:f0:1c:76:93:f6:90:
36:b8:dc:57:37:14:50:2f:f2:56:23:9a:7b:6e:ba:0b:f3:91:
1b:34:94:59:5b:5c:13:e2:05:ea:ac:e9:9d:10:fd:b7:f3:63:
7f:b7:a7:56:b5:cb:ce:c2:24:4b:b4:38:a4:67:1e:36:2a:16:
23:12:22:58:e2:c3:62:23:82:5a:ad:3e:c0:ca:20:6e:5b:72:
b2:bb:56:a3:2b:6d:0a:0b:2d:b3:5f:3f:1c:85:29:92:e0:35:
bf:67:c0:53:c4:9a:7c:ac:52:65:49:1c:a0:78:31:d1:8a:f9:
c4:af:0e:65
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITA6ISk2jk9kkqsocOd1aaVIjnzTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MTAxMDE3MDQyNFoXDTI1MTExNDIzNTk1OVowejFJMEcGA1UE
BRNAMmIwYWMyODFlNDcxNjMyMzY5MzhhMDU2YzUxOTcyZDdkMTZjMzQ2OTBhODVm
ZjY0NDNkYThjN2Q4ZDQ0NWMzZTEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4KouVA9HxrKjwkg+t86Xnx0vfknMifl63Kt1ttln46E+83dW5gTUNQYw2fVq
W8Exf9FkoYHD/OumLWccBLEvcT4G07hks4o4SnPcLmQdxzet8eK+OEjhtxS9EgAX
FbnZ6qsAEMxBLPqjTpjiaLg13J3fy3ZGgnvvYuXDRROTZQOw4Srly4BA7o2b/X55
oiEardwzhBz6qSo69N5yD4bwnNRHBEkRTuyLDs2IlX2pyRTffJvtgNFCPhau+RKW
ajKY2s3P1Q9fAa3BA5GKjZmVx8a1OhgUT5xMiQv8AOnYeEjCbzUIa221F3d7kAlX
FhsVnB6wBmU2aoxdgrRbA5qWPQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFN47SdIx
4YlK/yNbMiFXEwhRSeLYMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC8x
MzBiYjUxOC1jYTM2LTQzZWQtYjhkZC0wMzQ1ZjVjMWIzYjEucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQWeAw
DQYJKoZIhvcNAQELBQADggEBAH/keAjnYYld4/91gYP/wNMCj6Vo4UMWOwfgDcnd
FDkE0QdSXkTUKS3DPP0+yfdTF4vcwABwils8Lvl8eGAJ2tTWgZzWX+x8XAgvfQOX
fHLJC5ITu9h8+okATeoLSSUkimND2hM6KKHgrqMrwieIkKQPXecmLpQkIF/m/MZ0
gX4uwg9priJUvAnYl/AcdpP2kDa43Fc3FFAv8lYjmntuugvzkRs0lFlbXBPiBeqs
6Z0Q/bfzY3+3p1a1y87CJEu0OKRnHjYqFiMSIljiw2IjglqtPsDKIG5bcrK7VqMr
bQoLLbNfPxyFKZLgNb9nwFPEmnysUmVJHKB4MdGK+cSvDmU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:29 2025 by rpki-client