Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
File: 182e091e-259f-44bd-bb67-c5e36fa6958b.roa (raw, json)
Hash identifier: c86wpuli6pc3fuxwHSfUagb2Mw6abYH2HiKoPR+y6Ss=
Subject key identifier: C2:B7:31:C3:4E:87:D1:B3:19:58:40:DC:02:12:72:9E:2D:8F:76:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B53145769B209CD4364E01899D4D08606120811
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
Signing time: Fri 26 Sep 2025 20:00:15 +0000
ROA not before: Fri 26 Sep 2025 20:00:15 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:53:14:57:69:b2:09:cd:43:64:e0:18:99:d4:d0:86:06:12:08:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:00:15 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=d92cfcfa69dea4243455d6e879ad0345c5b165f39bdb9f6523c9deeb74b371bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:55:f7:90:b1:b6:65:9a:a9:7e:e4:de:69:a8:
1a:f0:0b:d9:1b:75:f8:df:65:0a:ad:7a:e1:59:c4:
38:bb:3f:2d:9b:42:0f:f0:d0:51:ab:96:04:f6:d7:
00:f8:40:0d:a9:63:88:83:7d:f6:f4:35:ab:a9:85:
c7:fa:ba:ee:03:b2:d6:bf:b1:8a:7b:4b:ee:52:b3:
51:df:6e:83:c6:72:ac:e1:2b:b6:53:9c:8d:82:0d:
c7:84:13:d2:e7:dc:da:70:a0:40:75:64:9e:fd:1c:
a0:3d:51:26:ed:45:70:34:44:fd:2d:b6:1b:43:6a:
5d:c3:47:2a:e1:87:8d:0d:d4:39:80:15:28:ec:b5:
a0:e2:48:ae:9b:99:88:34:84:e5:be:c2:a2:c3:e9:
c1:e0:78:fa:ee:02:be:6f:af:26:57:67:93:62:0b:
bf:4c:1a:ce:00:ae:a6:78:f6:5f:cd:17:dc:98:25:
84:91:53:22:dd:08:fa:cc:37:5c:a6:d8:77:54:05:
6d:08:c3:d8:81:b0:7a:b0:db:4d:ff:e8:cb:88:8f:
29:9e:3e:15:01:67:52:e9:cd:ad:70:22:d8:ca:8e:
f9:89:7f:01:37:d9:62:01:34:14:a1:f9:7b:5a:a4:
0f:d2:37:f3:9c:60:dd:d1:73:97:af:6b:45:c5:6d:
02:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B7:31:C3:4E:87:D1:B3:19:58:40:DC:02:12:72:9E:2D:8F:76:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:400::/38
Signature Algorithm: sha256WithRSAEncryption
32:07:f9:08:21:02:dd:18:2a:96:90:a3:27:ac:64:39:b8:ea:
40:57:d2:e3:63:25:70:e8:b6:ed:48:e9:08:9a:18:bf:3a:31:
e5:52:fe:1b:82:53:db:2c:c4:89:8b:dd:bb:84:74:40:e7:b6:
dd:15:a1:d5:f1:ca:11:b1:b9:ba:3b:58:b8:82:e4:c9:12:a0:
c2:fc:f6:57:4d:76:fe:33:02:bf:d6:17:9f:da:a4:65:aa:c9:
75:ae:8f:ca:b5:d7:e8:4f:8d:58:ae:77:2d:e8:5a:b5:23:f4:
1c:e1:b5:8d:aa:f5:93:3f:e8:dd:5c:4f:0f:0d:00:ee:49:e4:
84:e9:1f:5e:9f:3d:2e:e6:63:a2:93:0e:e8:0f:1d:a8:7d:c4:
22:01:9f:3e:79:7a:6b:e8:32:35:a5:c0:1b:21:cc:25:36:13:
ce:72:3a:23:a7:d3:49:e6:35:6f:ee:8a:da:6a:59:40:8b:e9:
85:d3:f6:cf:98:b0:ce:4c:88:3b:d0:06:dd:81:2e:df:e3:03:
4b:cf:db:08:f5:cd:48:bd:df:23:19:fc:48:73:6d:b6:3c:23:
04:c2:8f:52:51:ef:c2:65:3a:75:ae:0b:ea:cb:f5:5c:1b:65:
eb:df:03:00:b2:57:c4:82:c0:b2:62:35:d3:79:d8:66:c2:f8:
9b:07:47:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK1MUV2myCc1DZOAYmdTQhgYSCBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAwMTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5MmNmY2ZhNjlkZWE0MjQzNDU1ZDZlODc5YWQwMzQ1YzViMTY1ZjM5YmRi
OWY2NTIzYzlkZWViNzRiMzcxYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFV95CxtmWaqX7k3mmoGvAL2Rt1+N9lCq164VnEOLs/LZtCD/DQUauWBPbX
APhADaljiIN99vQ1q6mFx/q67gOy1r+xintL7lKzUd9ug8ZyrOErtlOcjYINx4QT
0ufc2nCgQHVknv0coD1RJu1FcDRE/S22G0NqXcNHKuGHjQ3UOYAVKOy1oOJIrpuZ
iDSE5b7CosPpweB4+u4Cvm+vJldnk2ILv0wazgCupnj2X80X3JglhJFTIt0I+sw3
XKbYd1QFbQjD2IGwerDbTf/oy4iPKZ4+FQFnUunNrXAi2MqO+Yl/ATfZYgE0FKH5
e1qkD9I385xg3dFzl69rRcVtArMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTCtzHD
TofRsxlYQNwCEnKeLY92xDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgyZTA5MWUtMjU5Zi00NGJkLWJiNjctYzVlMzZmYTY5NThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwE
MA0GCSqGSIb3DQEBCwUAA4IBAQAyB/kIIQLdGCqWkKMnrGQ5uOpAV9LjYyVw6Lbt
SOkImhi/OjHlUv4bglPbLMSJi927hHRA57bdFaHV8coRsbm6O1i4guTJEqDC/PZX
TXb+MwK/1hef2qRlqsl1ro/KtdfoT41Yrnct6Fq1I/Qc4bWNqvWTP+jdXE8PDQDu
SeSE6R9enz0u5mOikw7oDx2ofcQiAZ8+eXpr6DI1pcAbIcwlNhPOcjojp9NJ5jVv
7oraallAi+mF0/bPmLDOTIg70AbdgS7f4wNLz9sI9c1Ivd8jGfxIc222PCMEwo9S
Ue/CZTp1rgvqy/VcG2Xr3wMAslfEgsCyYjXTedhmwvibB0fE
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:47 2025 by rpki-client