Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
File: 16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa (raw, json)
Hash identifier: b8QPG2E5ff0CTMDQNkDEAbEM0+Tb7nGrAsCT4HrY2vY=
Subject key identifier: BA:BD:32:01:F6:58:00:7E:A7:D6:27:F5:DC:F4:53:24:CB:1E:4A:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AD21EDCC829C283A92C6A49E1F8F7F57A52F35B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
Signing time: Fri 26 Sep 2025 19:41:55 +0000
ROA not before: Fri 26 Sep 2025 19:41:55 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d2:1e:dc:c8:29:c2:83:a9:2c:6a:49:e1:f8:f7:f5:7a:52:f3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:55 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ec905d6fe2a1ffd0053f1d47f356f3bb791d385d3474da2febcf541e6550f793, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:81:ae:1b:ca:16:4c:43:05:48:a8:5f:a8:cf:
98:62:1e:91:d3:5c:73:ec:eb:8f:be:20:43:a2:aa:
de:c9:03:7e:30:e6:9c:93:46:3b:2c:9a:dc:52:09:
2d:6f:a8:91:55:36:11:1e:92:e3:04:01:b5:89:17:
3c:95:7d:b8:d1:cd:3b:cf:87:90:b2:49:56:c5:11:
b7:0f:b2:30:a3:41:27:ee:81:3e:ed:28:11:f3:d3:
92:33:b7:43:ef:9a:3a:0a:4b:3f:9a:0d:81:79:3f:
16:c1:bd:d6:60:3a:19:a4:b5:94:73:e5:34:d4:13:
b3:b8:01:41:79:99:50:55:ae:2c:05:86:e4:44:40:
57:b0:2d:30:96:f7:ae:ca:a5:28:10:f4:52:89:d9:
ed:a7:a5:2a:c8:61:c0:ab:55:5f:ca:8b:bd:24:2b:
89:d9:ac:78:4f:73:ca:98:91:bc:a9:a0:c7:0c:3c:
85:0f:b2:71:65:62:01:f3:06:94:dc:6b:9c:d7:81:
1b:69:33:1d:1b:01:f3:7a:37:12:11:fd:8d:b2:0d:
11:df:3a:ee:8f:33:a2:c0:57:f8:b1:da:d9:3a:d6:
d4:01:90:0d:30:ad:17:ac:38:40:bc:ce:ef:30:c7:
b3:43:cc:17:d0:07:31:3a:85:ff:8f:cf:04:7b:7a:
44:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BD:32:01:F6:58:00:7E:A7:D6:27:F5:DC:F4:53:24:CB:1E:4A:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:b000::/40
Signature Algorithm: sha256WithRSAEncryption
04:53:49:dc:c4:e7:86:1d:5f:cd:0f:3c:f4:22:eb:2c:f9:01:
05:82:9e:de:d0:46:b3:08:61:11:84:35:97:1e:26:25:b2:1b:
11:02:33:00:21:9f:1b:1a:42:af:ad:02:d0:62:1a:e1:08:2a:
0d:ef:28:18:19:4a:32:c2:7f:79:8f:90:82:e1:a4:cb:ca:72:
05:3b:2c:09:23:61:a0:a1:e5:80:69:89:b4:b0:10:d0:45:53:
83:a3:d9:3f:e8:90:18:e5:95:fd:79:c2:c9:72:9f:5d:b1:5b:
fb:4e:2b:65:3e:f6:63:b0:ab:a1:ea:61:04:0a:d4:ed:d6:c9:
e0:07:45:0c:a2:b9:11:f6:ed:43:f3:b3:96:ff:d8:db:38:b5:
1e:a3:8e:5a:d5:9b:d1:b2:d9:78:cf:54:ce:55:9a:7c:3d:83:
78:d1:61:72:32:8c:2d:d7:ad:06:0b:75:6e:eb:9c:5a:72:03:
c3:6d:4a:75:58:8b:6c:5f:1c:46:a3:10:2d:8f:2e:e2:72:bc:
06:1c:b5:be:59:16:97:22:83:3e:28:24:0b:60:be:d6:cb:3c:
be:d7:1f:70:82:0c:7f:13:38:35:d2:2e:e8:7d:f2:ad:4c:f1:
24:9c:14:c7:a7:8b:da:e3:f4:5d:ee:1e:92:fe:eb:ea:07:57:
74:da:f2:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUatIe3MgpwoOpLGpJ4fj39XpS81swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxNTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjOTA1ZDZmZTJhMWZmZDAwNTNmMWQ0N2YzNTZmM2JiNzkxZDM4NWQzNDc0
ZGEyZmViY2Y1NDFlNjU1MGY3OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeBrhvKFkxDBUioX6jPmGIekdNcc+zrj74gQ6Kq3skDfjDmnJNGOyya3FIJ
LW+okVU2ER6S4wQBtYkXPJV9uNHNO8+HkLJJVsURtw+yMKNBJ+6BPu0oEfPTkjO3
Q++aOgpLP5oNgXk/FsG91mA6GaS1lHPlNNQTs7gBQXmZUFWuLAWG5ERAV7AtMJb3
rsqlKBD0UonZ7aelKshhwKtVX8qLvSQridmseE9zypiRvKmgxww8hQ+ycWViAfMG
lNxrnNeBG2kzHRsB83o3EhH9jbINEd867o8zosBX+LHa2TrW1AGQDTCtF6w4QLzO
7zDHs0PMF9AHMTqF/4/PBHt6RGsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6vTIB
9lgAfqfWJ/Xc9FMkyx5KVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTZlODNkODktOWMyOS00ZDcwLTlkMWQtODVlNGRjN2UzZDZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hiw
MA0GCSqGSIb3DQEBCwUAA4IBAQAEU0ncxOeGHV/NDzz0Iuss+QEFgp7e0EazCGER
hDWXHiYlshsRAjMAIZ8bGkKvrQLQYhrhCCoN7ygYGUoywn95j5CC4aTLynIFOywJ
I2GgoeWAaYm0sBDQRVODo9k/6JAY5ZX9ecLJcp9dsVv7TitlPvZjsKuh6mEECtTt
1sngB0UMorkR9u1D87OW/9jbOLUeo45a1ZvRstl4z1TOVZp8PYN40WFyMowt160G
C3Vu65xacgPDbUp1WItsXxxGoxAtjy7icrwGHLW+WRaXIoM+KCQLYL7Wyzy+1x9w
ggx/Ezg10i7offKtTPEknBTHp4va4/Rd7h6S/uvqB1d02vIx
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:57 2025 by rpki-client