Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
File: 19a2984e-942a-4280-ac0b-904c9860af2f.roa (raw, json)
Hash identifier: X3ASH0VummmkiHH3k296qUJfmlD+0GxlsSTBqSg/cKg=
Subject key identifier: 8D:20:D1:58:AC:85:A6:74:9C:60:16:66:B9:38:18:93:73:55:32:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B7BB06200830C28B2F420114981A6766BF59DF5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
Signing time: Fri 26 Sep 2025 18:50:15 +0000
ROA not before: Fri 26 Sep 2025 18:50:15 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:7b:b0:62:00:83:0c:28:b2:f4:20:11:49:81:a6:76:6b:f5:9d:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:50:15 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=d624b6a050d75668838639d2fd016fef45ce6587ba3723b9a5254597a56abed0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e3:dc:f2:ab:2d:2e:fa:38:53:ea:79:d7:c3:
97:07:c2:9b:01:9f:45:01:98:aa:64:3a:af:a2:c5:
06:0c:77:0b:0d:05:87:88:86:47:29:75:b7:5e:5b:
3c:86:6d:d6:de:f9:dc:45:39:a1:69:53:25:cc:12:
bb:ef:dc:f2:40:a7:aa:86:b2:e3:eb:0c:99:d3:51:
35:46:8d:98:6e:97:91:ab:12:42:43:b1:d9:16:a7:
4b:dc:7f:59:12:90:a0:56:9d:fe:72:a9:94:33:a4:
78:c4:7b:a2:97:0e:3b:28:3d:e8:b5:65:5e:28:38:
05:e3:ac:b4:27:21:de:b1:8e:77:52:a3:4a:1b:e4:
77:ec:8b:43:49:69:ed:ee:2c:e8:f2:b2:49:38:b4:
65:62:3c:76:ac:12:30:90:a2:53:08:0b:f0:73:c3:
c5:16:f9:93:88:e8:65:99:67:ba:43:83:74:6b:b2:
94:6b:75:30:33:89:2e:4a:23:7e:82:6c:01:ae:dc:
1c:b7:7e:62:8a:fb:de:74:bc:dc:6c:41:4c:13:89:
2e:9c:0b:87:79:c3:3a:f3:19:b9:9f:80:16:93:f7:
7c:aa:7e:1d:fd:e2:58:25:8f:ef:53:9f:61:a9:f2:
19:fc:6e:47:ed:23:99:05:1a:ed:25:c5:6f:7b:20:
cd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:20:D1:58:AC:85:A6:74:9C:60:16:66:B9:38:18:93:73:55:32:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8020::/48
Signature Algorithm: sha256WithRSAEncryption
a1:02:46:6b:da:ea:7c:d7:d5:39:e5:7c:17:09:57:59:ca:72:
c1:cf:76:97:c2:38:d4:c3:58:32:4d:d3:a7:b3:c8:08:cb:09:
fd:8f:f2:89:e0:9f:4c:13:eb:60:f3:53:7e:a6:3d:f1:ab:22:
15:85:76:09:a5:48:b5:48:ad:7b:77:08:ab:ea:be:b4:fd:44:
47:1c:98:ed:2b:15:3d:8d:19:75:68:10:fe:f0:1d:cb:5d:d6:
f4:90:ef:6e:78:96:99:48:9a:00:63:79:77:bd:42:cb:41:d7:
d7:a3:aa:61:a8:73:7a:c0:69:a4:e0:d3:19:58:39:c0:f0:d3:
2e:19:27:c0:c1:31:71:4c:12:7a:4e:46:d3:0b:e1:a8:f8:fe:
1b:fc:d3:eb:5a:9b:7a:0f:cc:9d:73:0b:e3:fa:35:6d:b2:86:
9a:5b:0e:17:8d:c3:9a:8b:a2:b6:89:c3:0b:04:58:9b:d0:ba:
d7:09:42:71:fd:43:da:66:fa:76:eb:5e:5d:b7:35:30:0d:f9:
99:16:f5:7e:9e:24:ef:31:34:a9:d8:80:de:a3:78:fa:d9:3c:
c4:1f:3d:e1:2d:f7:11:4a:19:42:5f:c4:f2:40:14:1c:42:ba:
e6:a4:40:47:4f:f3:d4:02:79:bd:73:1d:dd:86:85:49:56:c7:
bb:93:f6:18
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUG3uwYgCDDCiy9CARSYGmdmv1nfUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUwMTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2MjRiNmEwNTBkNzU2Njg4Mzg2MzlkMmZkMDE2ZmVmNDVjZTY1ODdiYTM3
MjNiOWE1MjU0NTk3YTU2YWJlZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDj3PKrLS76OFPqedfDlwfCmwGfRQGYqmQ6r6LFBgx3Cw0Fh4iGRyl1t15b
PIZt1t753EU5oWlTJcwSu+/c8kCnqoay4+sMmdNRNUaNmG6XkasSQkOx2RanS9x/
WRKQoFad/nKplDOkeMR7opcOOyg96LVlXig4BeOstCch3rGOd1KjShvkd+yLQ0lp
7e4s6PKySTi0ZWI8dqwSMJCiUwgL8HPDxRb5k4joZZlnukODdGuylGt1MDOJLkoj
foJsAa7cHLd+Yor73nS83GxBTBOJLpwLh3nDOvMZuZ+AFpP3fKp+Hf3iWCWP71Of
YanyGfxuR+0jmQUa7SXFb3sgzSECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSNINFY
rIWmdJxgFma5OBiTc1UyczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjk4NGUtOTQyYS00MjgwLWFjMGItOTA0Yzk4NjBhZjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
IDANBgkqhkiG9w0BAQsFAAOCAQEAoQJGa9rqfNfVOeV8FwlXWcpywc92l8I41MNY
Mk3Tp7PICMsJ/Y/yieCfTBPrYPNTfqY98asiFYV2CaVItUite3cIq+q+tP1ERxyY
7SsVPY0ZdWgQ/vAdy13W9JDvbniWmUiaAGN5d71Cy0HX16OqYahzesBppODTGVg5
wPDTLhknwMExcUwSek5G0wvhqPj+G/zT61qbeg/MnXML4/o1bbKGmlsOF43Dmoui
tonDCwRYm9C61wlCcf1D2mb6duteXbc1MA35mRb1fp4k7zE0qdiA3qN4+tk8xB89
4S33EUoZQl/E8kAUHEK65qRAR0/z1AJ5vXMd3YaFSVbHu5P2GA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:15 2025 by rpki-client