Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
File: 1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa (raw, json)
Hash identifier: AZWI3bJ/iVv6/tavOmmzkHx86btb9EoZm06u9Ey7Cd8=
Subject key identifier: 41:8B:F5:11:DA:DA:33:C7:10:5D:DA:21:16:56:7D:CE:46:54:5B:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F35EA95F1CE1CB16CBAC5AFC132A6E9BDEC7E3F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
Signing time: Fri 26 Sep 2025 19:11:41 +0000
ROA not before: Fri 26 Sep 2025 19:11:41 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:35:ea:95:f1:ce:1c:b1:6c:ba:c5:af:c1:32:a6:e9:bd:ec:7e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:11:41 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=8d1778490c080743d72d8623330fe804137fe4173f6c5ad3a46fdb512fa07a2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0d:37:84:c5:34:01:84:f8:44:82:c4:bc:0b:
c2:4e:84:62:6d:ca:c1:1f:ce:28:40:f2:1b:14:d9:
a8:0c:80:69:5f:90:0c:c9:98:fa:3e:f1:1c:af:37:
d0:c3:a3:9c:b5:c6:25:ab:c7:09:b7:e5:a1:7b:60:
b8:e6:9e:eb:5a:94:66:b2:2d:00:e9:cf:d1:b0:f2:
a6:a9:7b:fe:f4:d9:d6:a0:12:86:76:3e:57:52:3d:
fb:3a:42:f3:5f:73:cc:1b:80:1d:83:38:7e:57:e3:
19:7a:c1:9c:50:a1:d2:a6:ae:f3:fb:cc:97:2e:2f:
d2:9a:3d:01:8f:3a:66:8d:4e:db:9c:8d:b2:9c:c7:
e3:d0:8f:6c:27:f3:1f:a2:c1:13:7a:13:a4:b4:ff:
75:ec:bd:6e:a9:8f:24:7c:cd:58:97:4f:01:2f:63:
40:3c:d3:28:a5:17:01:15:38:7e:4e:d0:e2:07:74:
03:3a:fd:99:1f:23:83:8a:af:6f:8d:25:23:cc:45:
66:c1:8f:db:03:69:a2:6d:bb:26:1e:cf:3c:2a:05:
95:bf:28:f2:a4:e1:cf:5d:62:f8:67:9b:24:5f:62:
9c:f8:35:10:f7:47:61:43:df:6b:28:eb:e1:6e:59:
ce:7e:84:ce:89:0e:1e:ae:1d:77:43:3b:15:33:4a:
ec:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:8B:F5:11:DA:DA:33:C7:10:5D:DA:21:16:56:7D:CE:46:54:5B:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:a1:3e:d8:dd:40:57:3b:7e:6d:37:c9:17:ba:f7:83:03:2a:
80:a1:a0:31:51:9b:2f:9d:9f:24:70:60:12:ef:10:21:f9:a6:
d7:8a:57:66:89:dc:8d:61:7f:d7:e6:18:95:07:8e:cd:89:4f:
57:c5:10:7e:06:0e:20:2b:e1:11:0e:e2:c7:49:84:b1:3d:a0:
11:90:c5:fe:f5:15:88:93:a2:d8:f9:65:e6:f6:37:2e:4f:f2:
a9:f5:4a:6e:64:b7:58:1c:e4:b5:5e:7e:0d:d8:b9:38:d6:3d:
45:1d:3b:01:8b:2e:f8:15:61:69:92:af:06:b9:a3:84:6b:6e:
72:fa:50:bb:ce:8c:9d:af:d3:d6:d8:24:2e:6f:21:9c:6a:f0:
3b:30:bc:a6:e8:42:4d:e6:29:67:b3:8c:a5:61:90:92:4d:2b:
16:8d:e9:d1:cc:05:07:45:7b:bd:d7:71:74:a0:8c:b1:b5:75:
e4:de:b5:2b:ef:2b:4d:52:1c:8f:6f:45:0b:25:fd:8d:b8:4a:
c0:a5:9e:0f:a0:3a:b5:9e:51:6d:2c:81:36:cd:99:a4:c0:91:
9d:33:7f:8b:be:3c:d3:e1:c7:8a:e1:ec:af:35:40:ea:9f:14:
2c:58:32:54:b9:88:76:da:f3:78:56:21:54:48:72:70:04:65:
ef:8e:06:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTzXqlfHOHLFsusWvwTKm6b3sfj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTExNDFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkMTc3ODQ5MGMwODA3NDNkNzJkODYyMzMzMGZlODA0MTM3ZmU0MTczZjZj
NWFkM2E0NmZkYjUxMmZhMDdhMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIoNN4TFNAGE+ESCxLwLwk6EYm3KwR/OKEDyGxTZqAyAaV+QDMmY+j7xHK83
0MOjnLXGJavHCbfloXtguOae61qUZrItAOnP0bDypql7/vTZ1qAShnY+V1I9+zpC
819zzBuAHYM4flfjGXrBnFCh0qau8/vMly4v0po9AY86Zo1O25yNspzH49CPbCfz
H6LBE3oTpLT/dey9bqmPJHzNWJdPAS9jQDzTKKUXARU4fk7Q4gd0Azr9mR8jg4qv
b40lI8xFZsGP2wNpom27Jh7PPCoFlb8o8qThz11i+GebJF9inPg1EPdHYUPfayjr
4W5Zzn6EzokOHq4dd0M7FTNK7HcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBi/UR
2tozxxBd2iEWVn3ORlRblzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4NzU3YTMtNWIwZS00NDczLTlhM2ItODc2Y2MxMzRlMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADg
MA0GCSqGSIb3DQEBCwUAA4IBAQBdoT7Y3UBXO35tN8kXuveDAyqAoaAxUZsvnZ8k
cGAS7xAh+abXildmidyNYX/X5hiVB47NiU9XxRB+Bg4gK+ERDuLHSYSxPaARkMX+
9RWIk6LY+WXm9jcuT/Kp9UpuZLdYHOS1Xn4N2Lk41j1FHTsBiy74FWFpkq8GuaOE
a25y+lC7zoydr9PW2CQubyGcavA7MLym6EJN5ilns4ylYZCSTSsWjenRzAUHRXu9
13F0oIyxtXXk3rUr7ytNUhyPb0ULJf2NuErApZ4PoDq1nlFtLIE2zZmkwJGdM3+L
vjzT4ceK4eyvNUDqnxQsWDJUuYh22vN4ViFUSHJwBGXvjgaU
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:04 2025 by rpki-client