Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
File: 15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa (raw, json)
Hash identifier: Wllj5AJ2hv4JIUSqE/RiwhIpjWG4MvwKJHk5AH3v1+4=
Subject key identifier: 44:B9:90:CD:27:B0:BE:13:40:5C:6A:32:C9:B6:3C:1F:07:FF:41:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DD33124382F4EDBD76BB4B400D39627B77F1210
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
Signing time: Fri 26 Sep 2025 18:50:08 +0000
ROA not before: Fri 26 Sep 2025 18:50:08 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:d3:31:24:38:2f:4e:db:d7:6b:b4:b4:00:d3:96:27:b7:7f:12:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:50:08 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ba7ad60875a5933e5de13a9ff439295fb695d7b2167d67a2c3be671e4631c07c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:70:05:78:18:9a:40:aa:26:d9:ca:9e:d5:09:
77:95:e5:8e:76:21:de:b4:2f:10:11:c7:f3:2b:a4:
d9:40:cc:4e:0b:5e:95:61:09:2d:3f:92:f3:1a:24:
2c:bc:ca:d9:3c:72:78:8b:bb:b0:e7:7a:1f:3c:e1:
10:f1:a2:e7:ee:8f:6e:ef:46:d3:68:5f:d7:a9:04:
73:86:25:45:e2:29:45:c1:8a:98:0c:7b:d2:c2:33:
71:4f:a1:8d:e2:85:6a:f1:f4:98:c5:3c:2b:f3:87:
21:db:66:f1:d6:88:a3:bf:89:7f:c1:59:cd:d4:29:
5d:3a:43:50:58:f2:cc:95:19:72:5b:7f:c4:f0:45:
fc:37:0c:1c:b8:f2:26:b4:a7:04:8c:58:32:52:ce:
c5:ab:03:0f:67:be:cd:8d:e0:c4:45:3d:ac:ac:e8:
71:90:18:40:cf:96:bc:45:dd:08:dc:15:ee:29:9e:
a2:e9:bc:6a:d3:cc:74:26:01:e6:47:11:29:30:fd:
c8:7d:ce:1b:d3:d5:86:e0:08:15:ff:ba:13:8f:fb:
c3:fb:cd:00:b3:4d:ed:e8:bb:60:44:35:dd:a1:18:
e0:c2:a5:12:47:d6:0a:a5:2f:8f:e8:e2:23:8f:8a:
c9:fd:98:cf:11:fa:ab:7a:09:03:b1:94:92:6c:52:
80:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B9:90:CD:27:B0:BE:13:40:5C:6A:32:C9:B6:3C:1F:07:FF:41:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
c4:f2:d7:06:a5:9e:a6:27:c3:ae:99:9c:bf:47:b9:0e:88:d8:
15:a5:0a:27:81:e7:50:52:2e:10:6c:81:82:ae:71:30:22:ad:
3f:7f:b3:a1:c2:87:40:ce:a6:25:dd:d4:3f:65:ef:80:a2:46:
85:0d:39:32:ee:15:2f:b8:3e:42:2f:5a:33:bc:95:b0:4c:41:
80:29:36:a2:23:e7:54:48:ff:23:1f:44:fb:66:fc:84:09:31:
d0:96:f0:29:a2:13:e7:95:70:36:90:e7:96:3a:05:c2:ff:1a:
84:7d:53:a2:f6:a4:1a:71:4b:e2:ac:ef:34:9e:91:6d:d6:e1:
f3:2b:68:e0:39:75:e1:49:de:be:58:0c:5b:2b:6c:e9:d1:fe:
42:5e:40:fe:ba:5a:24:52:30:d4:00:c4:be:b9:69:50:0c:41:
0b:5c:33:19:92:2a:ee:d1:fb:4a:ed:c3:7f:74:59:31:38:0d:
61:c8:b3:6d:24:3d:24:c3:4a:a3:5f:bc:01:50:f5:7f:e6:da:
1c:f6:ca:97:ac:ef:b2:68:b6:21:df:4b:42:57:fb:96:64:c5:
58:9e:72:50:c1:24:c3:4a:7f:8e:6d:c4:66:fa:26:9c:4d:78:
76:42:8c:24:d1:7b:5c:4d:00:0f:2a:a1:13:41:4f:7f:2b:c4:
14:db:b9:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHdMxJDgvTtvXa7S0ANOWJ7d/EhAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUwMDhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhN2FkNjA4NzVhNTkzM2U1ZGUxM2E5ZmY0MzkyOTVmYjY5NWQ3YjIxNjdk
NjdhMmMzYmU2NzFlNDYzMWMwN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpwBXgYmkCqJtnKntUJd5XljnYh3rQvEBHH8yuk2UDMTgtelWEJLT+S8xok
LLzK2TxyeIu7sOd6HzzhEPGi5+6Pbu9G02hf16kEc4YlReIpRcGKmAx70sIzcU+h
jeKFavH0mMU8K/OHIdtm8daIo7+Jf8FZzdQpXTpDUFjyzJUZclt/xPBF/DcMHLjy
JrSnBIxYMlLOxasDD2e+zY3gxEU9rKzocZAYQM+WvEXdCNwV7imeoum8atPMdCYB
5kcRKTD9yH3OG9PVhuAIFf+6E4/7w/vNALNN7ei7YEQ13aEY4MKlEkfWCqUvj+ji
I4+Kyf2YzxH6q3oJA7GUkmxSgBECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBREuZDN
J7C+E0BcajLJtjwfB/9BhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTVkZTAwNGItY2QwZi00NGExLTk5YjEtNGUyZTcxZmYwN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
wDANBgkqhkiG9w0BAQsFAAOCAQEAxPLXBqWepifDrpmcv0e5DojYFaUKJ4HnUFIu
EGyBgq5xMCKtP3+zocKHQM6mJd3UP2XvgKJGhQ05Mu4VL7g+Qi9aM7yVsExBgCk2
oiPnVEj/Ix9E+2b8hAkx0JbwKaIT55VwNpDnljoFwv8ahH1TovakGnFL4qzvNJ6R
bdbh8yto4Dl14UnevlgMWyts6dH+Ql5A/rpaJFIw1ADEvrlpUAxBC1wzGZIq7tH7
Su3Df3RZMTgNYcizbSQ9JMNKo1+8AVD1f+baHPbKl6zvsmi2Id9LQlf7lmTFWJ5y
UMEkw0p/jm3EZvomnE14dkKMJNF7XE0ADyqhE0FPfyvEFNu5Vg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:43 2025 by rpki-client