Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
File: 22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa (raw, json)
Hash identifier: 9P13kFyHY/FVNF1RyEozNXltzgdOSfMdbUZhkLuk0/A=
Subject key identifier: E4:EF:BC:FE:84:03:9C:EF:23:59:2F:E8:E8:71:44:22:AD:12:03:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26F718DDF6D66976034FE7DA02C4894117A4F561
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
Signing time: Fri 26 Sep 2025 19:51:05 +0000
ROA not before: Fri 26 Sep 2025 19:51:05 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:f7:18:dd:f6:d6:69:76:03:4f:e7:da:02:c4:89:41:17:a4:f5:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:51:05 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1b7fd8e809eccf3e9578c529bc655216d5a86dd02e47a6e5fd93dd33bf9da6bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1c:0d:5e:33:ef:29:0d:7b:53:94:57:f4:e4:
fd:34:35:89:5e:c6:5c:73:fa:02:88:ff:26:c0:4a:
b0:3a:22:0e:7a:36:63:d2:8b:99:dd:88:e5:8e:23:
1a:cf:98:92:52:12:ab:ff:e0:72:ca:71:15:3d:19:
4b:5f:89:85:98:0d:f9:c0:c1:ee:2e:6b:9c:90:fa:
66:4d:40:1b:af:97:2d:59:0c:b7:db:40:74:78:21:
1a:a5:ef:08:48:9c:5a:0a:56:3b:bd:6f:c5:60:47:
18:43:5e:14:3d:f6:de:1e:a1:63:3f:6e:27:8b:63:
b8:fd:05:9e:f7:c3:a9:94:f5:02:86:eb:e5:0c:e0:
32:70:29:a7:4e:aa:db:0e:c2:40:f2:4c:66:75:4a:
8b:d8:a5:4c:b5:03:da:fc:87:89:4b:e1:b4:60:00:
77:6e:34:fc:66:bb:50:9d:ef:bb:4a:d7:e8:97:83:
fb:3b:96:47:44:00:66:48:1c:97:4f:c4:40:d5:ab:
ef:23:f2:1b:d3:ce:93:1d:bc:33:87:57:43:19:82:
d4:a9:cf:aa:42:23:67:d8:18:14:37:5f:98:e1:78:
7b:2f:7f:41:65:a9:f8:d9:76:a6:30:69:bf:8e:92:
4c:45:9e:28:3f:f2:40:8b:02:52:6e:3c:cf:bb:f9:
b2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:EF:BC:FE:84:03:9C:EF:23:59:2F:E8:E8:71:44:22:AD:12:03:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:4000::/40
Signature Algorithm: sha256WithRSAEncryption
67:10:c3:7d:fd:00:3d:c3:56:aa:cc:82:c8:0c:d5:4c:4f:c1:
5d:39:41:03:9a:5b:a4:a7:0f:3f:95:94:bd:70:66:ba:14:81:
ad:4a:ef:3a:51:57:62:28:bc:bd:83:16:4c:79:24:80:5b:f5:
9f:b4:a0:f0:be:3b:ff:fe:6e:bf:f3:a8:ea:80:0f:dd:24:2c:
f4:f6:98:69:f7:ea:c9:fa:11:a9:d4:14:e8:07:af:56:19:aa:
41:86:52:00:c7:60:77:cf:0f:df:32:d8:28:8f:66:11:a5:e7:
a2:d7:b1:ab:59:5b:c0:08:e6:53:d7:05:7d:89:51:83:1f:6c:
a8:f8:67:f4:ad:d9:d3:35:38:e9:c7:d2:75:11:b1:b5:57:4b:
e1:f2:59:1e:6f:71:0e:ad:67:0e:e5:60:82:9c:6c:ab:63:41:
6e:01:4c:59:8d:24:2f:c9:a6:96:dc:c8:17:a7:4e:14:c6:f4:
01:6e:a6:45:0d:80:bc:41:ac:66:9a:59:4b:f4:a2:88:8b:2a:
6a:63:6d:2d:b4:f2:4e:e6:07:a9:ca:90:71:4c:bf:d0:d4:09:
e6:d8:31:c1:de:42:02:39:07:5d:45:35:be:87:e1:47:ef:28:
55:eb:0b:06:5f:90:a8:ea:e2:27:ff:b4:96:82:2d:94:72:8f:
5e:7a:d1:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJvcY3fbWaXYDT+faAsSJQRek9WEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUxMDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiN2ZkOGU4MDllY2NmM2U5NTc4YzUyOWJjNjU1MjE2ZDVhODZkZDAyZTQ3
YTZlNWZkOTNkZDMzYmY5ZGE2YmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwcDV4z7ykNe1OUV/Tk/TQ1iV7GXHP6Aoj/JsBKsDoiDno2Y9KLmd2I5Y4j
Gs+YklISq//gcspxFT0ZS1+JhZgN+cDB7i5rnJD6Zk1AG6+XLVkMt9tAdHghGqXv
CEicWgpWO71vxWBHGENeFD323h6hYz9uJ4tjuP0FnvfDqZT1Aobr5QzgMnApp06q
2w7CQPJMZnVKi9ilTLUD2vyHiUvhtGAAd240/Ga7UJ3vu0rX6JeD+zuWR0QAZkgc
l0/EQNWr7yPyG9POkx28M4dXQxmC1KnPqkIjZ9gYFDdfmOF4ey9/QWWp+Nl2pjBp
v46STEWeKD/yQIsCUm48z7v5sq8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTk77z+
hAOc7yNZL+jocUQirRIDHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjJjYjIwYmMtODA2My00MTY5LTllNGItYTNhZDI5YWVlZGM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBnEMN9/QA9w1aqzILIDNVMT8FdOUEDmlukpw8/
lZS9cGa6FIGtSu86UVdiKLy9gxZMeSSAW/WftKDwvjv//m6/86jqgA/dJCz09php
9+rJ+hGp1BToB69WGapBhlIAx2B3zw/fMtgoj2YRpeei17GrWVvACOZT1wV9iVGD
H2yo+Gf0rdnTNTjpx9J1EbG1V0vh8lkeb3EOrWcO5WCCnGyrY0FuAUxZjSQvyaaW
3MgXp04UxvQBbqZFDYC8QaxmmllL9KKIiypqY20ttPJO5gepypBxTL/Q1Anm2DHB
3kICOQddRTW+h+FH7yhV6wsGX5Co6uIn/7SWgi2Uco9eetH8
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:02 2025 by rpki-client