Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
File: 1af8ee5d-0148-4672-a9da-a1980cfe4768.roa (raw, json)
Hash identifier: l1J6WmlbXUEKqFn6nmspWU3cM8uWd4zD449xrOb5rxM=
Subject key identifier: 03:4F:7C:A0:34:9F:16:5F:25:B8:38:26:50:92:22:4F:FE:51:92:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1ABE887962E37AB480184ED47AAE56D0F53EAB82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
Signing time: Fri 26 Sep 2025 19:01:45 +0000
ROA not before: Fri 26 Sep 2025 19:01:45 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:be:88:79:62:e3:7a:b4:80:18:4e:d4:7a:ae:56:d0:f5:3e:ab:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:01:45 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=79c6c821e8355154cdcd4dad6df48165b051bd6dfc28f88dcc4b1a874b51b11b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f2:ce:7e:01:35:a6:df:ae:fa:bf:a1:9f:79:
71:83:a1:0c:fb:43:2a:29:2c:7b:e1:38:2b:14:95:
1a:93:fa:31:7c:dc:37:bf:6a:e4:84:60:69:d0:af:
d8:5e:a2:01:62:21:4b:6e:38:d7:58:7f:07:f8:eb:
18:ed:99:80:4e:12:b9:92:cb:09:f7:44:e9:44:60:
71:cc:3e:7a:5e:b0:f9:9d:00:5e:c7:a5:1b:03:e0:
ed:3e:7c:61:23:6f:07:9c:2b:17:78:fa:b4:52:3c:
14:d5:3e:7c:8b:41:4e:05:4a:a2:7b:c4:76:66:17:
8d:b8:8b:e6:3f:6c:d8:2f:8d:b1:b7:f7:f4:5e:8a:
5e:75:47:5c:a1:b2:20:d0:84:0b:83:a6:49:91:3a:
fa:85:07:8c:37:4b:75:3c:fb:de:2e:f8:90:79:b8:
17:c6:4f:1c:a7:7e:18:d7:9f:ec:1a:e2:b6:4d:3d:
21:db:02:0c:8c:90:d6:46:cb:50:3c:92:7c:9f:9e:
a9:1d:e3:59:02:72:3e:53:6e:81:68:4e:20:3d:13:
43:35:39:c7:b5:ef:91:0a:f7:37:7b:67:74:61:0e:
6b:6d:87:30:9c:8a:1e:bf:1b:3b:cc:00:6e:c8:2e:
94:64:d1:56:15:17:f1:3b:ed:a8:6b:73:22:a7:78:
90:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4F:7C:A0:34:9F:16:5F:25:B8:38:26:50:92:22:4F:FE:51:92:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8080::/48
Signature Algorithm: sha256WithRSAEncryption
0e:b8:a7:13:dc:64:5a:69:2a:99:f6:9c:29:1f:1d:1f:fe:a6:
ba:e8:5c:81:51:93:0a:cb:44:95:83:e7:38:4f:f1:cc:47:2b:
8b:50:69:fd:98:f0:dc:08:0a:7d:c1:76:d8:6c:07:d0:17:8f:
1b:eb:6d:96:85:bf:a0:dc:53:27:32:d3:ce:a4:c7:4d:06:dc:
86:0d:09:e6:df:61:b0:7d:a9:d0:60:60:7e:9f:f3:b9:e0:f8:
78:3d:65:a3:af:c0:03:65:f7:d3:c3:ee:e6:52:2b:33:9c:89:
54:f6:ab:e6:36:60:15:e2:7b:75:8d:9f:a8:73:22:3e:ea:b6:
58:d2:05:fd:f9:5c:7b:60:57:e3:d0:0c:6a:de:ce:60:4d:7c:
d8:c9:aa:fe:84:77:86:50:e8:23:58:ce:05:ad:dc:b3:76:31:
2d:9d:dc:3d:70:f6:93:52:f7:35:19:b7:bd:52:5c:56:ba:59:
08:72:17:45:b4:fe:17:9a:36:81:bc:d0:2a:ea:ee:03:7e:ff:
88:18:aa:2c:48:31:91:11:ff:54:c5:09:85:02:42:f7:74:e4:
11:51:22:e0:59:9c:c7:9a:57:2b:0e:ac:0e:fa:45:8b:76:40:
60:f0:39:85:2e:43:7b:3e:e3:41:b9:0f:2e:bc:c5:05:a8:dc:
2b:68:3c:cc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGr6IeWLjerSAGE7Ueq5W0PU+q4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAxNDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5YzZjODIxZTgzNTUxNTRjZGNkNGRhZDZkZjQ4MTY1YjA1MWJkNmRmYzI4
Zjg4ZGNjNGIxYTg3NGI1MWIxMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/yzn4BNabfrvq/oZ95cYOhDPtDKikse+E4KxSVGpP6MXzcN79q5IRgadCv
2F6iAWIhS24411h/B/jrGO2ZgE4SuZLLCfdE6URgccw+el6w+Z0AXselGwPg7T58
YSNvB5wrF3j6tFI8FNU+fItBTgVKonvEdmYXjbiL5j9s2C+Nsbf39F6KXnVHXKGy
INCEC4OmSZE6+oUHjDdLdTz73i74kHm4F8ZPHKd+GNef7Britk09IdsCDIyQ1kbL
UDySfJ+eqR3jWQJyPlNugWhOID0TQzU5x7XvkQr3N3tndGEOa22HMJyKHr8bO8wA
bsgulGTRVhUX8TvtqGtzIqd4kGECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQDT3yg
NJ8WXyW4OCZQkiJP/lGSwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFmOGVlNWQtMDE0OC00NjcyLWE5ZGEtYTE5ODBjZmU0NzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
gDANBgkqhkiG9w0BAQsFAAOCAQEADrinE9xkWmkqmfacKR8dH/6muuhcgVGTCstE
lYPnOE/xzEcri1Bp/Zjw3AgKfcF22GwH0BePG+ttloW/oNxTJzLTzqTHTQbchg0J
5t9hsH2p0GBgfp/zueD4eD1lo6/AA2X308Pu5lIrM5yJVPar5jZgFeJ7dY2fqHMi
Puq2WNIF/flce2BX49AMat7OYE182Mmq/oR3hlDoI1jOBa3cs3YxLZ3cPXD2k1L3
NRm3vVJcVrpZCHIXRbT+F5o2gbzQKuruA37/iBiqLEgxkRH/VMUJhQJC93TkEVEi
4Fmcx5pXKw6sDvpFi3ZAYPA5hS5Dez7jQbkPLrzFBajcK2g8zA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:29 2025 by rpki-client