Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
File: 1ec007f6-6684-43b6-8751-2e5b258a98b3.roa (raw, json)
Hash identifier: iQ6GnJdOrJMUt5Jlnmh085gjiTLyCFFaiuJ0mv1AbvE=
Subject key identifier: AE:42:4E:EF:C6:52:0C:A4:76:1F:2E:50:BB:43:34:A7:7D:83:F4:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D50F78D526E704BD4964829F8D2D5AC041046DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
Signing time: Fri 26 Sep 2025 19:21:31 +0000
ROA not before: Fri 26 Sep 2025 19:21:31 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:50:f7:8d:52:6e:70:4b:d4:96:48:29:f8:d2:d5:ac:04:10:46:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:21:31 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=6a82caa3f8a1c82a3f7a9c4203aa1a7e654de48de933c705a5e61f60dd6bdf21, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f0:77:fa:04:1e:38:6d:a9:6a:01:2d:bf:48:
a1:d9:dd:a8:be:65:0e:da:4b:19:3a:43:5c:bd:af:
fa:2b:13:dc:e6:2d:92:16:a2:3a:a7:a3:29:d8:ba:
1b:3b:7e:da:03:ae:4c:74:1c:ac:29:0b:70:c0:ec:
b2:b9:b1:e5:5b:91:74:d8:0d:21:39:0d:ca:b3:3a:
e2:50:2b:59:f8:0f:30:05:00:00:7f:5a:b5:4e:9a:
d3:57:42:9e:08:ca:e8:e9:87:cd:c1:91:1a:b5:59:
22:d2:11:46:6c:7c:11:8f:49:b0:94:87:82:8a:e1:
3a:4d:cd:b8:81:60:92:97:d8:f6:77:fb:68:55:40:
fe:94:8b:ee:2c:56:90:eb:cc:ff:24:50:0d:91:3c:
a3:85:bb:be:ea:22:31:c6:c4:2d:b6:85:90:26:52:
59:48:bc:04:fe:68:99:18:81:a9:d4:89:eb:87:5a:
7d:bb:24:07:d0:8f:83:7d:49:4c:4f:89:6e:fb:a5:
f5:75:9a:4d:9b:5f:a8:98:87:b1:7b:fb:fb:46:5d:
af:ea:54:54:d6:bc:a8:c6:5c:a4:ef:43:e3:f1:dc:
0b:ce:15:c9:14:1d:3f:59:0b:4e:5f:62:df:35:f5:
b6:4e:a3:d7:06:ee:82:f6:2e:d8:ce:1e:d2:33:85:
5f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:42:4E:EF:C6:52:0C:A4:76:1F:2E:50:BB:43:34:A7:7D:83:F4:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:2000::/40
Signature Algorithm: sha256WithRSAEncryption
89:0e:cd:22:c8:e6:72:67:21:bc:b0:ea:8e:80:26:b8:6d:d0:
f3:0f:e8:38:bf:77:67:0d:99:af:31:01:03:e3:01:68:a1:5a:
d9:db:79:3b:8a:49:d8:34:52:d5:66:28:60:2e:e6:83:b3:34:
20:7a:97:38:9b:c0:42:d6:c7:ad:57:3a:f1:c2:5a:b0:96:a9:
11:2e:e1:d8:bb:a0:55:d0:b4:77:14:5d:dd:94:4e:0d:8a:1f:
aa:6c:df:c0:71:d0:a8:98:b9:29:1a:b8:b5:70:b7:15:9c:5e:
78:c1:8a:a5:b8:ef:42:b1:bb:ed:28:40:58:4b:cb:8b:78:22:
c4:22:ad:e0:07:34:23:0e:a4:79:de:a6:99:54:bb:df:60:0c:
d5:63:14:1e:75:24:65:11:39:de:31:b9:cd:ee:f8:32:dd:45:
d3:d7:f6:b4:1a:d2:22:68:cf:e4:c1:ba:09:3f:df:c4:25:b5:
04:eb:fd:aa:87:d8:e3:30:4a:91:3e:0d:a3:e7:3c:72:d7:9f:
bf:80:a9:bf:ec:a4:49:b1:78:cb:ec:7a:ca:e9:71:4d:02:9e:
6c:b1:5b:27:6b:24:a9:08:1b:ed:3a:27:fe:5d:64:0d:27:de:
34:b8:76:de:f3:53:56:5e:9d:70:62:0d:7a:96:59:f6:a8:a4:
5d:6c:21:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULVD3jVJucEvUlkgp+NLVrAQQRtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIxMzFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhODJjYWEzZjhhMWM4MmEzZjdhOWM0MjAzYWExYTdlNjU0ZGU0OGRlOTMz
YzcwNWE1ZTYxZjYwZGQ2YmRmMjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvwd/oEHjhtqWoBLb9IodndqL5lDtpLGTpDXL2v+isT3OYtkhaiOqejKdi6
Gzt+2gOuTHQcrCkLcMDssrmx5VuRdNgNITkNyrM64lArWfgPMAUAAH9atU6a01dC
ngjK6OmHzcGRGrVZItIRRmx8EY9JsJSHgorhOk3NuIFgkpfY9nf7aFVA/pSL7ixW
kOvM/yRQDZE8o4W7vuoiMcbELbaFkCZSWUi8BP5omRiBqdSJ64dafbskB9CPg31J
TE+Jbvul9XWaTZtfqJiHsXv7+0Zdr+pUVNa8qMZcpO9D4/HcC84VyRQdP1kLTl9i
3zX1tk6j1wbugvYu2M4e0jOFXx8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuQk7v
xlIMpHYfLlC7QzSnfYP0xjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjMDA3ZjYtNjY4NC00M2I2LTg3NTEtMmU1YjI1OGE5OGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCJDs0iyOZyZyG8sOqOgCa4bdDzD+g4v3dnDZmv
MQED4wFooVrZ23k7iknYNFLVZihgLuaDszQgepc4m8BC1setVzrxwlqwlqkRLuHY
u6BV0LR3FF3dlE4Nih+qbN/AcdComLkpGri1cLcVnF54wYqluO9CsbvtKEBYS8uL
eCLEIq3gBzQjDqR53qaZVLvfYAzVYxQedSRlETneMbnN7vgy3UXT1/a0GtIiaM/k
wboJP9/EJbUE6/2qh9jjMEqRPg2j5zxy15+/gKm/7KRJsXjL7HrK6XFNAp5ssVsn
aySpCBvtOif+XWQNJ940uHbe81NWXp1wYg16lln2qKRdbCGi
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:46:58 2025 by rpki-client