Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
File: 183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa (raw, json)
Hash identifier: ZmvERPeB38w4iq8Xx/vAaPVqgfAIpoqSHqTwLNu9SPk=
Subject key identifier: D6:2C:72:CC:31:84:01:DA:AC:75:A5:E7:45:9D:08:D2:5E:AB:90:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D07587C619FD6BEEB88EE92DA849269F47079E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
Signing time: Fri 26 Sep 2025 19:40:49 +0000
ROA not before: Fri 26 Sep 2025 19:40:49 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:07:58:7c:61:9f:d6:be:eb:88:ee:92:da:84:92:69:f4:70:79:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:40:49 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=8fcb07d60e99dff35cb5cd525e9ea870cb5e29ef96592e046af77c8ec7dc4a4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:27:67:58:e2:96:74:d9:b5:9d:b2:c8:29:e7:
7c:20:1a:f5:5a:36:50:2c:1c:df:d8:d8:2d:07:f4:
11:55:0c:af:67:53:ca:4e:0f:07:7c:74:47:6d:65:
72:33:d0:6b:03:e4:ff:fd:c0:88:70:ec:23:4f:76:
ee:4b:87:fc:14:6a:87:ea:94:e5:82:59:a2:68:d5:
0b:6c:2a:d8:3c:3b:aa:df:da:02:2c:e4:86:61:12:
6b:e7:e6:9e:78:31:07:59:35:a5:53:32:b7:94:87:
50:9a:52:ad:37:13:38:cd:a0:0f:2d:09:98:ec:7a:
01:af:bb:4f:32:3a:b5:15:50:9a:ad:b7:b9:55:ec:
45:78:2d:9b:7b:2f:45:11:4f:fe:7b:ca:db:59:d3:
80:cd:59:0c:58:47:a6:92:bc:6f:be:c3:fe:b2:88:
3a:34:d8:67:62:d9:66:1d:b9:7b:bb:47:7a:3e:00:
93:6e:09:75:f1:67:ec:38:5f:75:8d:60:c2:04:6e:
18:f2:de:83:ee:13:3a:0f:cb:50:73:4d:20:74:6f:
91:0d:ce:60:aa:87:98:d3:61:f8:a7:fc:24:a8:4b:
43:dd:c0:3e:05:14:d7:97:2a:39:22:a1:ab:5e:79:
63:53:04:00:10:7e:5e:44:89:2a:20:20:88:3b:8b:
9e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:2C:72:CC:31:84:01:DA:AC:75:A5:E7:45:9D:08:D2:5E:AB:90:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:1000::/40
Signature Algorithm: sha256WithRSAEncryption
be:6a:0e:56:65:2e:45:49:e8:4b:dc:da:13:7e:d8:f4:f8:3f:
53:36:fe:6e:6b:91:69:49:5a:b4:35:b3:3b:f5:a9:e4:bc:23:
80:c5:c4:5c:92:29:8a:b6:0f:09:25:e3:5c:b0:8d:d4:9e:55:
c9:4a:7e:4b:30:04:d9:49:2a:1d:dc:10:77:5a:e3:9a:44:b0:
18:d9:ba:7b:8e:fc:b4:46:89:60:4b:fe:7b:50:57:f9:ec:13:
e2:76:f0:44:fd:c9:86:3f:b6:c8:a5:e2:da:c1:bb:6c:cf:a5:
d5:0e:0d:4c:84:0f:61:e1:8e:c8:da:c8:88:5f:0c:52:bb:ff:
9c:f7:1c:48:7a:7c:6e:a0:f1:23:01:7b:aa:6d:40:21:27:ac:
a7:91:6e:6e:9a:44:71:86:0e:44:db:df:a8:f5:f4:71:0e:66:
68:52:bb:b2:96:53:7d:9d:dc:ec:a0:f7:09:c4:b7:7a:59:93:
f5:4d:4f:a6:50:5f:70:c2:4d:4f:c4:46:5f:5b:13:25:6d:35:
c2:05:aa:81:a3:24:5f:84:fe:be:b6:a2:6b:e4:f2:7a:08:3e:
27:4f:1d:4f:a2:a9:0d:83:2b:10:1c:aa:2c:cc:9d:e5:6c:45:
fa:86:92:34:1d:a6:83:be:09:fe:86:05:26:18:a6:b2:65:d3:
39:05:fd:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPQdYfGGf1r7riO6S2oSSafRweeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQwNDlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmY2IwN2Q2MGU5OWRmZjM1Y2I1Y2Q1MjVlOWVhODcwY2I1ZTI5ZWY5NjU5
MmUwNDZhZjc3YzhlYzdkYzRhNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALonZ1jilnTZtZ2yyCnnfCAa9Vo2UCwc39jYLQf0EVUMr2dTyk4PB3x0R21l
cjPQawPk//3AiHDsI0927kuH/BRqh+qU5YJZomjVC2wq2Dw7qt/aAizkhmESa+fm
nngxB1k1pVMyt5SHUJpSrTcTOM2gDy0JmOx6Aa+7TzI6tRVQmq23uVXsRXgtm3sv
RRFP/nvK21nTgM1ZDFhHppK8b77D/rKIOjTYZ2LZZh25e7tHej4Ak24JdfFn7Dhf
dY1gwgRuGPLeg+4TOg/LUHNNIHRvkQ3OYKqHmNNh+Kf8JKhLQ93APgUU15cqOSKh
q155Y1MEABB+XkSJKiAgiDuLnmMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWLHLM
MYQB2qx1pedFnQjSXquQfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgzZWI1ODMtM2ZiMy00YzNhLWJhZGItOWZlMGE0ZTUwZmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC+ag5WZS5FSehL3NoTftj0+D9TNv5ua5FpSVq0
NbM79ankvCOAxcRckimKtg8JJeNcsI3UnlXJSn5LMATZSSod3BB3WuOaRLAY2bp7
jvy0RolgS/57UFf57BPidvBE/cmGP7bIpeLawbtsz6XVDg1MhA9h4Y7I2siIXwxS
u/+c9xxIenxuoPEjAXuqbUAhJ6ynkW5umkRxhg5E29+o9fRxDmZoUruyllN9ndzs
oPcJxLd6WZP1TU+mUF9wwk1PxEZfWxMlbTXCBaqBoyRfhP6+tqJr5PJ6CD4nTx1P
oqkNgysQHKoszJ3lbEX6hpI0HaaDvgn+hgUmGKayZdM5Bf2u
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:23 2025 by rpki-client