Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
File: 2270e26b-c2b1-4cc3-800b-33825c0d723b.roa (raw, json)
Hash identifier: SR/iRAQGqm2OPzIfvkwqXS8yrSiQrb90Hk9lGUHdtJk=
Subject key identifier: AB:0E:66:16:57:8E:57:B1:E4:89:CB:E1:B8:A8:48:1F:73:1C:ED:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E2D7D5AB841FB6CBBC3EED3A6166BDB2A08FA45
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
Signing time: Fri 26 Sep 2025 19:41:16 +0000
ROA not before: Fri 26 Sep 2025 19:41:16 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:2d:7d:5a:b8:41:fb:6c:bb:c3:ee:d3:a6:16:6b:db:2a:08:fa:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:16 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=c7ad2fc9a8426a51e25a2ff45e977f7319e0ab68e23751662c9b9a09b230ee04, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6e:e3:8e:79:58:cb:66:2f:ba:77:5f:e3:79:
be:05:c2:dc:ad:cf:39:91:fc:bd:58:e3:dc:21:8b:
80:66:ea:9e:ea:d5:db:52:bc:27:0b:b0:c8:c8:5b:
01:3f:36:fa:13:a6:d0:94:ae:9e:64:55:7c:67:8c:
7a:d4:ee:34:12:d6:df:de:95:a4:cf:f4:7a:d1:a5:
ac:0b:10:83:5d:ec:91:33:f2:74:19:c5:0d:99:ad:
c6:54:15:b6:d4:7b:1d:4b:03:a8:41:bd:0f:af:a4:
87:1e:34:0f:09:a1:06:e9:34:56:7a:a4:3d:cb:23:
8c:a2:5f:86:f4:d3:24:86:75:01:cf:6a:a6:c5:5e:
f9:40:aa:00:0b:29:96:9a:6f:06:ff:d0:40:da:fb:
b7:04:f4:7b:6b:bc:51:d2:39:09:23:cc:b6:41:d4:
67:a2:c8:d4:e3:ef:b7:8f:fd:87:96:98:75:48:22:
1e:f2:b8:ef:39:b2:db:52:9a:42:d9:13:40:8f:9f:
68:90:a2:f5:2a:10:b7:04:36:14:99:56:b6:9e:c9:
50:5e:1f:98:e7:9d:ae:c9:2e:24:4c:8d:71:ce:32:
d5:88:05:a6:ed:60:e2:ee:e5:86:12:c9:53:40:5a:
1e:28:9d:0e:3d:e8:f1:a0:1d:ff:d9:2a:ec:ab:25:
55:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:0E:66:16:57:8E:57:B1:E4:89:CB:E1:B8:A8:48:1F:73:1C:ED:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
3b:ca:1d:fe:40:cf:58:5b:bb:f8:28:72:7f:12:d8:d8:51:5d:
f8:83:74:01:44:7e:60:03:7a:c5:0f:41:95:55:04:02:9e:d9:
73:21:0c:47:6e:11:fb:32:cb:5a:32:de:25:7d:17:9d:af:55:
f0:dd:31:b3:2c:6a:97:07:5e:f5:c9:b7:1a:e6:e3:6f:76:b0:
b5:a2:d0:03:a8:94:33:31:7c:ca:f2:d8:bb:55:57:b7:18:63:
90:9c:30:40:56:a2:8c:ca:ed:ce:63:49:a2:8e:c1:6f:8e:31:
92:a9:35:40:58:23:56:d8:97:e5:f9:a1:b4:92:67:a2:22:41:
5a:da:18:d0:e4:47:ff:d4:ad:e0:ff:1f:aa:b5:ac:a5:d6:81:
fb:c2:2e:83:97:a5:ae:48:f3:8f:8b:a6:ac:59:1d:48:05:a0:
7c:ad:29:2c:99:71:b6:f5:14:d7:3b:05:bd:52:df:19:8f:c7:
97:dc:b7:79:52:94:f1:36:d8:c9:5b:7b:08:2f:ab:9a:11:8a:
60:be:27:1b:64:53:28:5e:5f:5d:83:2d:11:7d:88:c4:fa:09:
70:c7:f0:cc:74:54:f2:09:46:0a:5b:bb:2a:87:02:f8:eb:87:
d9:5f:28:f1:be:51:ce:65:6e:9a:0b:38:34:f9:18:80:31:3a:
5d:65:ea:0c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULi19WrhB+2y7w+7TphZr2yoI+kUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxMTZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3YWQyZmM5YTg0MjZhNTFlMjVhMmZmNDVlOTc3ZjczMTllMGFiNjhlMjM3
NTE2NjJjOWI5YTA5YjIzMGVlMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFu4455WMtmL7p3X+N5vgXC3K3POZH8vVjj3CGLgGbqnurV21K8JwuwyMhb
AT82+hOm0JSunmRVfGeMetTuNBLW396VpM/0etGlrAsQg13skTPydBnFDZmtxlQV
ttR7HUsDqEG9D6+khx40DwmhBuk0VnqkPcsjjKJfhvTTJIZ1Ac9qpsVe+UCqAAsp
lppvBv/QQNr7twT0e2u8UdI5CSPMtkHUZ6LI1OPvt4/9h5aYdUgiHvK47zmy21Ka
QtkTQI+faJCi9SoQtwQ2FJlWtp7JUF4fmOedrskuJEyNcc4y1YgFpu1g4u7lhhLJ
U0BaHiidDj3o8aAd/9kq7KslVY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSrDmYW
V45XseSJy+G4qEgfcxztHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjI3MGUyNmItYzJiMS00Y2MzLTgwMGItMzM4MjVjMGQ3MjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQA7yh3+QM9YW7v4KHJ/EtjYUV34g3QBRH5gA3rF
D0GVVQQCntlzIQxHbhH7MstaMt4lfRedr1Xw3TGzLGqXB171ybca5uNvdrC1otAD
qJQzMXzK8ti7VVe3GGOQnDBAVqKMyu3OY0mijsFvjjGSqTVAWCNW2Jfl+aG0kmei
IkFa2hjQ5Ef/1K3g/x+qtayl1oH7wi6Dl6WuSPOPi6asWR1IBaB8rSksmXG29RTX
OwW9Ut8Zj8eX3Ld5UpTxNtjJW3sIL6uaEYpgvicbZFMoXl9dgy0RfYjE+glwx/DM
dFTyCUYKW7sqhwL464fZXyjxvlHOZW6aCzg0+RiAMTpdZeoM
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:23 2025 by rpki-client