Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
File: 1db7d6f9-20a2-495c-9303-96004ae64814.roa (raw, json)
Hash identifier: 0B0ICoNsrbNNeBJLAZ1BE/Ac3swWZnyi+4Wddn2bkJw=
Subject key identifier: 81:B0:BA:4B:12:B6:5A:D3:8F:AB:CF:E8:2D:1F:1C:13:B1:7C:43:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F175F0B529848B911F704035D2630D67B60F29B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
Signing time: Sun 19 Oct 2025 07:00:10 +0000
ROA not before: Sun 19 Oct 2025 07:00:10 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:17:5f:0b:52:98:48:b9:11:f7:04:03:5d:26:30:d6:7b:60:f2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 07:00:10 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=06d9e11031ef66adc0c3a5617f68899cdd9f9cf7513c1c49ccfcb522c54d79dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:03:57:58:ac:8d:53:43:53:34:59:a6:93:ee:
91:83:86:8b:74:4c:18:6f:0b:75:26:42:fa:18:18:
c0:60:d6:da:0c:82:17:3f:da:8e:b9:ae:be:80:9d:
8d:69:55:61:d6:86:98:a6:34:63:dc:a0:c1:f6:76:
87:47:e7:99:c5:2c:9a:80:aa:ec:fd:2d:d3:4f:fc:
73:f7:b5:c3:f2:b1:8b:3e:19:87:0f:4b:fe:b9:93:
e3:06:9f:a0:e9:2f:48:1f:6a:04:cb:24:0c:34:29:
6a:8a:fc:c8:ae:ad:e9:6c:8b:1f:47:ad:ee:05:59:
24:3a:b4:17:47:09:bd:b0:41:8f:90:e1:08:90:10:
56:21:d4:be:d6:b3:d4:b1:2f:06:34:f2:c1:c0:8d:
28:00:9e:0c:5b:ce:32:15:01:15:b5:26:b7:59:8a:
ba:94:f4:2d:09:cf:f5:51:fd:ef:8f:86:6b:18:8b:
3b:aa:88:89:c5:74:e4:ea:37:e7:1f:0d:f7:8f:56:
8e:be:70:31:42:d6:67:8e:bf:08:65:ca:1f:5e:ce:
b5:10:d6:6f:bc:51:be:7c:68:d6:f4:bd:09:73:32:
a5:23:b3:c0:4f:10:95:a6:db:59:79:d9:f3:b0:e1:
94:17:47:d6:95:49:94:84:49:01:31:5d:7b:3d:0c:
0a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B0:BA:4B:12:B6:5A:D3:8F:AB:CF:E8:2D:1F:1C:13:B1:7C:43:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
6f:73:e2:df:a2:00:59:08:a7:ec:a7:2e:2d:2f:69:00:fb:06:
f8:ee:04:8c:c1:8b:42:ba:63:cf:25:a3:3b:7f:7e:1a:7f:8a:
e9:84:12:45:3d:54:2b:79:9b:92:30:30:84:4d:28:7e:95:05:
fa:e6:9d:97:0d:59:bf:40:94:b1:54:80:01:97:aa:09:5b:f5:
1b:7c:63:91:12:2b:bf:fd:4a:03:8e:a6:de:d3:77:3e:23:18:
72:92:cd:2f:67:d6:27:7f:0c:70:88:01:c7:57:9f:d0:c2:05:
0d:57:6a:1f:19:9f:56:c7:d3:81:d4:5e:a0:43:f8:9b:23:df:
37:3b:e9:b7:ef:dc:8e:a9:ee:80:7f:69:2b:32:4c:d0:e6:5d:
f9:b9:05:24:d4:3c:86:88:fb:6d:83:c0:07:0f:82:ab:06:d8:
d5:c9:cb:db:60:24:10:3e:d3:c8:7b:4c:d8:d4:84:e1:79:1a:
36:56:aa:e8:66:62:9c:4d:39:ea:a7:68:cd:74:85:6e:c0:23:
49:06:a1:ba:7d:1c:d5:d8:d2:1a:6b:5b:30:7b:d5:77:d3:62:
e7:2f:3e:2c:0f:93:6e:61:e0:98:d0:bc:76:04:e5:69:2c:cb:
d6:a3:2c:3e:c5:ce:6a:7f:73:67:00:2a:27:a5:7f:cf:60:a4:
14:65:22:4f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbxdfC1KYSLkR9wQDXSYw1ntg8pswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkwNzAwMTBaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZDllMTEwMzFlZjY2YWRjMGMzYTU2MTdmNjg4OTljZGQ5ZjljZjc1MTNj
MWM0OWNjZmNiNTIyYzU0ZDc5ZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0DV1isjVNDUzRZppPukYOGi3RMGG8LdSZC+hgYwGDW2gyCFz/ajrmuvoCd
jWlVYdaGmKY0Y9ygwfZ2h0fnmcUsmoCq7P0t00/8c/e1w/Kxiz4Zhw9L/rmT4waf
oOkvSB9qBMskDDQpaor8yK6t6WyLH0et7gVZJDq0F0cJvbBBj5DhCJAQViHUvtaz
1LEvBjTywcCNKACeDFvOMhUBFbUmt1mKupT0LQnP9VH974+GaxiLO6qIicV05Oo3
5x8N949Wjr5wMULWZ46/CGXKH17OtRDWb7xRvnxo1vS9CXMypSOzwE8QlabbWXnZ
87DhlBdH1pVJlIRJATFdez0MCjECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSBsLpL
ErZa04+rz+gtHxwTsXxDrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWRiN2Q2ZjktMjBhMi00OTVjLTkzMDMtOTYwMDRhZTY0ODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
wDANBgkqhkiG9w0BAQsFAAOCAQEAb3Pi36IAWQin7KcuLS9pAPsG+O4EjMGLQrpj
zyWjO39+Gn+K6YQSRT1UK3mbkjAwhE0ofpUF+uadlw1Zv0CUsVSAAZeqCVv1G3xj
kRIrv/1KA46m3tN3PiMYcpLNL2fWJ38McIgBx1ef0MIFDVdqHxmfVsfTgdReoEP4
myPfNzvpt+/cjqnugH9pKzJM0OZd+bkFJNQ8hoj7bYPABw+CqwbY1cnL22AkED7T
yHtM2NSE4XkaNlaq6GZinE056qdozXSFbsAjSQahun0c1djSGmtbMHvVd9Ni5y8+
LA+TbmHgmNC8dgTlaSzL1qMsPsXOan9zZwAqJ6V/z2CkFGUiTw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:43 2025 by rpki-client