Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
File: 2562684d-020c-40d9-b3bb-3fcb4c638494.roa (raw, json)
Hash identifier: Zny1n6gWyjQqdV7ydxmKM19a/DaEIHZeplDnyOv2x3c=
Subject key identifier: 03:F7:40:CA:B2:73:87:2E:D4:47:8A:80:AA:41:16:54:A5:FA:52:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22A2B3C8CB82C9EE641DB9CBA4BA935B9BE14B55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
Signing time: Fri 10 Oct 2025 17:05:04 +0000
ROA not before: Fri 10 Oct 2025 17:05:04 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:a2:b3:c8:cb:82:c9:ee:64:1d:b9:cb:a4:ba:93:5b:9b:e1:4b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:05:04 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=a3c38ee1d268c1aea34ae4f6cbcf63d7501432528c56675f968d7ad95e3f2d96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:41:64:d3:4b:8a:d6:5e:03:ca:a9:5d:a6:
15:57:81:98:b2:34:31:b3:62:96:eb:70:c3:d3:8e:
e6:88:8a:1a:a1:e6:1a:55:25:8b:8f:d8:d0:a0:47:
84:d0:16:8d:b8:61:a3:dc:fe:55:01:9d:9e:a6:b4:
3a:9d:e5:19:64:ae:72:d7:7e:8f:29:9f:0c:a2:6b:
44:92:5b:84:84:07:86:9c:f2:fb:0f:b3:5d:e0:8d:
7c:61:15:99:0d:08:d5:b6:d5:da:77:e8:db:e6:53:
c0:10:b7:bd:e6:ab:99:3e:4d:87:2a:89:4a:db:ab:
2f:0b:d0:6c:24:60:fb:1a:9c:6c:53:b3:a9:9e:21:
28:ae:02:84:3d:06:63:ef:93:14:4f:01:a9:61:41:
58:5d:15:51:db:c4:43:c8:53:66:0a:ca:a0:d6:29:
8b:fd:47:16:84:cd:43:4e:d9:a4:5b:5e:37:7b:b0:
a5:b0:71:41:95:9f:c5:f1:43:56:02:08:4f:ec:11:
06:cb:e2:83:3f:cf:d5:f5:7d:07:6c:29:5c:81:d5:
98:b9:fd:27:03:50:ff:c2:df:9e:31:87:f1:b2:da:
0c:02:48:d2:90:da:ed:e1:0d:8b:40:f7:ef:2d:74:
3f:7d:47:89:1a:82:7c:e6:1f:ed:9a:ec:18:a8:42:
6b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F7:40:CA:B2:73:87:2E:D4:47:8A:80:AA:41:16:54:A5:FA:52:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
15:41:8d:34:b3:31:86:3c:6e:42:ad:c1:43:0d:c4:0e:a5:92:
6c:e6:1e:45:2a:69:8c:14:37:86:31:7d:4b:32:dd:2d:2e:4b:
f3:43:d3:ad:3e:84:75:27:85:7d:7f:40:83:ad:dd:30:52:09:
14:1f:c8:e1:1e:35:b2:f6:c8:83:70:16:c8:7f:00:4b:21:8f:
8f:e7:fe:88:be:ff:79:81:57:b2:1f:6b:d5:96:a8:7c:1a:30:
0d:43:e8:64:b1:3d:98:46:9a:7b:dd:b0:93:9f:eb:2b:09:0a:
c6:c3:d8:24:04:6c:bc:ae:88:d8:71:84:b5:8a:e6:c2:bd:c0:
a1:9c:4c:cb:fd:0f:42:46:b4:ee:ef:de:35:07:16:31:96:80:
47:9e:c5:fa:94:1c:8d:da:c1:cd:94:d9:16:8e:fa:4f:1f:42:
36:c7:04:86:18:f4:91:57:16:4f:92:00:ff:a3:90:03:37:f6:
fb:61:d4:c7:c3:47:eb:fe:35:30:22:77:b7:bc:8d:b6:67:08:
84:88:b0:6e:df:dd:33:3a:f3:fe:75:62:ea:7e:aa:e2:c6:00:
23:89:d9:13:82:35:5f:b4:65:dd:c3:55:ff:83:d6:a0:05:c2:
15:39:b9:fe:a5:e3:2d:e4:f8:df:b6:c2:98:83:68:c6:08:98:
2b:20:5c:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIqKzyMuCye5kHbnLpLqTW5vhS1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA1MDRaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzYzM4ZWUxZDI2OGMxYWVhMzRhZTRmNmNiY2Y2M2Q3NTAxNDMyNTI4YzU2
Njc1Zjk2OGQ3YWQ5NWUzZjJkOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZxQWTTS4rWXgPKqV2mFVeBmLI0MbNilutww9OO5oiKGqHmGlUli4/Y0KBH
hNAWjbhho9z+VQGdnqa0Op3lGWSuctd+jymfDKJrRJJbhIQHhpzy+w+zXeCNfGEV
mQ0I1bbV2nfo2+ZTwBC3vearmT5NhyqJSturLwvQbCRg+xqcbFOzqZ4hKK4ChD0G
Y++TFE8BqWFBWF0VUdvEQ8hTZgrKoNYpi/1HFoTNQ07ZpFteN3uwpbBxQZWfxfFD
VgIIT+wRBsvigz/P1fV9B2wpXIHVmLn9JwNQ/8LfnjGH8bLaDAJI0pDa7eENi0D3
7y10P31HiRqCfOYf7ZrsGKhCaxcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQD90DK
snOHLtRHioCqQRZUpfpSjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjU2MjY4NGQtMDIwYy00MGQ5LWIzYmItM2ZjYjRjNjM4NDk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAVQY00szGGPG5CrcFDDcQOpZJs5h5FKmmMFDeG
MX1LMt0tLkvzQ9OtPoR1J4V9f0CDrd0wUgkUH8jhHjWy9siDcBbIfwBLIY+P5/6I
vv95gVeyH2vVlqh8GjANQ+hksT2YRpp73bCTn+srCQrGw9gkBGy8rojYcYS1iubC
vcChnEzL/Q9CRrTu7941BxYxloBHnsX6lByN2sHNlNkWjvpPH0I2xwSGGPSRVxZP
kgD/o5ADN/b7YdTHw0fr/jUwIne3vI22ZwiEiLBu390zOvP+dWLqfqrixgAjidkT
gjVftGXdw1X/g9agBcIVObn+peMt5PjftsKYg2jGCJgrIFy2
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:09:27 2025 by rpki-client