Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
File: 1aa38486-cd53-4f48-891d-a0191edf04a1.roa (raw, json)
Hash identifier: dWuAKqUlhg0pWWqtHhd9gMbEXoIbAvb1mHG4zoQpKk8=
Subject key identifier: 0A:1C:40:E7:53:47:1F:63:47:73:1A:DE:B3:FA:50:4A:1C:E7:11:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2219084E538BE7168E01C767437608FB3EB6B06F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
Signing time: Fri 26 Sep 2025 18:41:34 +0000
ROA not before: Fri 26 Sep 2025 18:41:34 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:19:08:4e:53:8b:e7:16:8e:01:c7:67:43:76:08:fb:3e:b6:b0:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:34 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=7e7f6d02ac31c45579f2f242aa6ae6b3529272d0d3729edff7cdb9079546046f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:77:7b:0a:08:ba:d1:a1:46:e4:a6:04:9d:98:
56:45:2e:68:f3:2c:2a:76:8d:0d:f7:df:c7:ad:4b:
4f:d1:6c:96:85:1c:aa:50:98:eb:d6:05:25:63:82:
cb:ba:f9:0b:7f:c3:54:01:6d:d7:4b:d0:fc:99:94:
24:ff:70:bf:18:dd:24:24:57:33:5a:76:2c:a5:97:
b9:bc:52:6a:ce:e0:f4:e4:57:df:63:0c:5d:b4:ab:
77:61:b8:ff:9b:cc:8b:30:6c:dd:58:88:90:f2:02:
38:d2:75:2d:d5:e0:98:fa:c0:a4:79:41:e1:54:32:
cf:00:08:03:1d:7d:29:88:4a:06:16:35:1a:3d:ac:
84:1e:59:ee:03:05:47:1b:fa:f9:c3:6d:1b:f4:a7:
45:ae:97:99:7a:f4:81:22:66:d2:0e:b6:e2:9e:2a:
ed:da:2d:7b:19:ea:b4:8b:de:c9:24:b6:35:a2:13:
05:15:ba:92:60:e8:30:ef:be:91:86:25:8f:49:23:
d8:c2:56:10:e4:93:f6:65:7c:ea:10:bd:c1:87:95:
75:e8:10:06:d5:f1:c1:56:44:e1:59:bc:ba:3e:d1:
b4:c2:1f:4b:df:c6:0b:b5:93:ce:12:fc:f3:b7:6a:
84:b9:69:b5:ca:eb:2a:31:b4:8c:22:97:a0:b2:2a:
b2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:1C:40:E7:53:47:1F:63:47:73:1A:DE:B3:FA:50:4A:1C:E7:11:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
92:b9:36:e4:0a:fa:c6:23:a5:69:b8:0a:09:b2:54:27:ad:fa:
f4:89:55:cd:4a:0c:6c:40:a8:a3:23:1b:de:3f:70:51:17:52:
9d:fc:8e:cf:24:d3:6e:30:4b:2d:e2:c0:44:55:16:17:2f:bb:
e6:c3:1b:fe:df:5a:7a:aa:51:40:f4:08:92:97:6d:46:b4:94:
ac:28:37:0f:85:11:b0:47:9f:45:7c:bc:a9:9d:6a:47:83:54:
ae:18:c2:55:b0:a8:95:e4:76:f0:87:5b:e6:c5:5e:eb:e0:96:
79:ad:71:40:92:cb:57:71:96:24:e1:f3:82:12:c6:6c:9f:5d:
7c:7e:ca:57:f9:8f:1f:31:df:33:75:89:1c:8a:48:d5:cf:77:
d1:0f:e2:62:8c:95:a6:47:eb:86:53:c8:0b:96:b1:43:0a:a3:
19:55:d5:0a:ba:99:98:8f:41:2b:41:d1:6c:82:d7:42:20:f3:
b8:7f:b1:e4:5f:2f:49:3b:27:d3:d7:81:62:32:d9:6b:9a:0c:
7d:c2:66:e6:4a:d3:2f:af:ce:f1:1d:5b:49:86:7a:df:e9:09:
e2:c9:6b:89:0c:2f:eb:a3:00:19:97:16:f0:a7:1f:1e:3a:3c:
63:fe:f1:78:bd:66:d4:32:19:f7:d6:1c:8a:bf:f1:ac:86:e7:
b8:20:39:d1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIhkITlOL5xaOAcdnQ3YI+z62sG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxMzRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlN2Y2ZDAyYWMzMWM0NTU3OWYyZjI0MmFhNmFlNmIzNTI5MjcyZDBkMzcy
OWVkZmY3Y2RiOTA3OTU0NjA0NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ93ewoIutGhRuSmBJ2YVkUuaPMsKnaNDfffx61LT9FsloUcqlCY69YFJWOC
y7r5C3/DVAFt10vQ/JmUJP9wvxjdJCRXM1p2LKWXubxSas7g9ORX32MMXbSrd2G4
/5vMizBs3ViIkPICONJ1LdXgmPrApHlB4VQyzwAIAx19KYhKBhY1Gj2shB5Z7gMF
Rxv6+cNtG/SnRa6XmXr0gSJm0g624p4q7dotexnqtIveySS2NaITBRW6kmDoMO++
kYYlj0kj2MJWEOST9mV86hC9wYeVdegQBtXxwVZE4Vm8uj7RtMIfS9/GC7WTzhL8
87dqhLlptcrrKjG0jCKXoLIqsq8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQKHEDn
U0cfY0dzGt6z+lBKHOcRHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFhMzg0ODYtY2Q1My00ZjQ4LTg5MWQtYTAxOTFlZGYwNGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAkrk25Ar6xiOlabgKCbJUJ6369IlVzUoMbECo
oyMb3j9wURdSnfyOzyTTbjBLLeLARFUWFy+75sMb/t9aeqpRQPQIkpdtRrSUrCg3
D4URsEefRXy8qZ1qR4NUrhjCVbColeR28Idb5sVe6+CWea1xQJLLV3GWJOHzghLG
bJ9dfH7KV/mPHzHfM3WJHIpI1c930Q/iYoyVpkfrhlPIC5axQwqjGVXVCrqZmI9B
K0HRbILXQiDzuH+x5F8vSTsn09eBYjLZa5oMfcJm5krTL6/O8R1bSYZ63+kJ4slr
iQwv66MAGZcW8KcfHjo8Y/7xeL1m1DIZ99Ycir/xrIbnuCA50Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:17 2025 by rpki-client