Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
File: 14c60b75-8947-47da-9c6d-7045cbbbea55.roa (raw, json)
Hash identifier: f2yMMeGyhwlIicmz7rBetm0AEbiwbAhlkY8vVCy4uPs=
Subject key identifier: 14:A2:D2:3B:C9:9F:33:DF:B8:93:F3:A5:DD:26:18:8D:D9:B0:E4:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26BD34818BA9A3D51DA9DADE3E4A0DF0B7BD13AC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
Signing time: Fri 26 Sep 2025 19:21:28 +0000
ROA not before: Fri 26 Sep 2025 19:21:28 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:bd:34:81:8b:a9:a3:d5:1d:a9:da:de:3e:4a:0d:f0:b7:bd:13:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:21:28 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=26e6d53fe794c4a4de41f05a686a5fc1749e1245f7f9842ac8ab3ceaa9f42ceb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:84:6f:67:b0:9a:0e:f9:10:aa:a5:33:20:a6:
eb:53:67:fc:5e:b2:77:78:47:32:d5:43:f0:fc:69:
a7:d6:16:e9:87:77:71:ec:cd:9c:03:31:ec:0f:d0:
dc:51:4b:d4:59:20:53:86:bd:03:29:cb:53:d5:12:
96:a7:57:02:f5:f9:73:a8:ad:da:ed:7c:02:84:0a:
fd:08:f3:35:cb:61:23:2a:dd:e6:95:d9:b5:6b:b3:
b0:1c:d9:62:ef:3c:a0:7b:4c:4f:44:34:f3:85:a7:
d3:5a:29:1a:6d:1a:05:8b:17:ff:c2:4b:b3:7c:2c:
25:18:84:84:bf:d6:3b:ab:fb:ec:a1:1a:90:63:72:
9d:c4:84:9a:c2:3c:39:ba:9e:23:9f:40:de:c6:88:
a4:61:0e:2f:79:10:b2:a1:76:d3:c4:1f:dc:99:71:
c5:3f:d1:d7:ec:25:24:a0:05:ec:ed:89:64:b6:d8:
a4:26:3d:01:ce:cb:c6:f4:8b:d9:b3:80:94:8e:f7:
0a:7a:be:6c:de:9b:7f:55:14:32:18:a1:88:99:04:
38:7b:5b:0e:a0:a3:80:7d:03:39:69:fe:a4:47:43:
d6:1f:fc:b1:62:4b:d1:6f:88:3f:44:94:31:1d:fa:
38:7d:0a:f2:cf:fc:0b:ee:bd:b8:90:67:b2:4c:11:
b1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A2:D2:3B:C9:9F:33:DF:B8:93:F3:A5:DD:26:18:8D:D9:B0:E4:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
79:0e:7e:1b:f3:dd:a9:b4:19:2a:59:24:0f:da:1f:8c:7d:c7:
e0:04:f3:bd:22:5e:02:40:90:df:2b:69:61:72:01:cd:e6:ff:
8d:f0:2f:c3:40:fc:71:40:28:73:dd:ac:d5:90:84:b9:bf:42:
82:37:16:59:e6:29:17:01:6c:74:56:ea:70:c4:2f:ee:d2:66:
d6:a2:79:78:2b:4a:b2:bf:7b:54:a7:15:db:bc:e3:73:f1:50:
03:f9:c5:45:03:7f:3e:bf:c3:65:7c:de:0f:51:f5:e7:c9:5f:
3d:72:ed:92:74:25:78:eb:d6:66:e0:d3:f0:cf:16:8b:fc:b2:
8d:9c:6c:1f:f4:6a:a8:f5:59:72:88:f7:2c:b9:8e:a5:f5:5b:
11:e0:db:2b:be:e5:a8:cd:07:60:62:bc:6c:fe:77:82:06:ae:
2b:13:43:e5:13:32:65:65:96:a5:33:bf:47:5e:87:5e:dd:d5:
78:ce:66:e3:fb:4a:4d:0a:54:b5:1e:82:a3:96:8a:ca:8b:13:
15:6f:30:ca:bf:11:62:c6:20:a9:79:7b:7a:a5:34:4d:65:9a:
a3:03:ad:c0:5a:e9:ea:5f:c0:99:4f:01:ed:e0:97:97:52:0d:
7d:04:f3:b8:09:47:d7:55:49:b6:ea:af:f9:eb:e4:42:e6:a8:
cd:85:c1:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJr00gYupo9UdqdrePkoN8Le9E6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIxMjhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2ZTZkNTNmZTc5NGM0YTRkZTQxZjA1YTY4NmE1ZmMxNzQ5ZTEyNDVmN2Y5
ODQyYWM4YWIzY2VhYTlmNDJjZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqEb2ewmg75EKqlMyCm61Nn/F6yd3hHMtVD8Pxpp9YW6Yd3cezNnAMx7A/Q
3FFL1FkgU4a9AynLU9USlqdXAvX5c6it2u18AoQK/QjzNcthIyrd5pXZtWuzsBzZ
Yu88oHtMT0Q084Wn01opGm0aBYsX/8JLs3wsJRiEhL/WO6v77KEakGNyncSEmsI8
ObqeI59A3saIpGEOL3kQsqF208Qf3JlxxT/R1+wlJKAF7O2JZLbYpCY9Ac7LxvSL
2bOAlI73Cnq+bN6bf1UUMhihiJkEOHtbDqCjgH0DOWn+pEdD1h/8sWJL0W+IP0SU
MR36OH0K8s/8C+69uJBnskwRsUkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQUotI7
yZ8z37iT86XdJhiN2bDkKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRjNjBiNzUtODk0Ny00N2RhLTljNmQtNzA0NWNiYmJlYTU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQB5Dn4b892ptBkqWSQP2h+MfcfgBPO9Il4CQJDf
K2lhcgHN5v+N8C/DQPxxQChz3azVkIS5v0KCNxZZ5ikXAWx0VupwxC/u0mbWonl4
K0qyv3tUpxXbvONz8VAD+cVFA38+v8NlfN4PUfXnyV89cu2SdCV469Zm4NPwzxaL
/LKNnGwf9Gqo9VlyiPcsuY6l9VsR4NsrvuWozQdgYrxs/neCBq4rE0PlEzJlZZal
M79HXode3dV4zmbj+0pNClS1HoKjlorKixMVbzDKvxFixiCpeXt6pTRNZZqjA63A
WunqX8CZTwHt4JeXUg19BPO4CUfXVUm26q/56+RC5qjNhcEC
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:23 2025 by rpki-client