Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2773708c-e1eb-464f-a6a6-1ec206a634af.roa
File: 2773708c-e1eb-464f-a6a6-1ec206a634af.roa (raw, json)
Hash identifier: 2dL7+U/TNWa8XwAJ5thgZP3Zk0F/fzXK/uv5ZBMO6GU=
Subject key identifier: F0:A2:6B:3E:1F:47:D5:F0:18:87:75:32:23:60:40:1F:CB:A0:37:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1668BB270A093AC7DC5B8F2528516C97B480C31C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2773708c-e1eb-464f-a6a6-1ec206a634af.roa
Signing time: Mon 06 Oct 2025 17:50:11 +0000
ROA not before: Mon 06 Oct 2025 17:50:11 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:68:bb:27:0a:09:3a:c7:dc:5b:8f:25:28:51:6c:97:b4:80:c3:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:11 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=ad7ec6edaae8c935317810a2c048f9be419d6a205fb805b885e13b7198d2b79b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:64:6f:cc:c3:ea:53:88:4d:78:7b:1c:92:c2:
9a:8c:e7:e8:7e:f3:93:e5:51:01:9d:fe:db:24:d3:
e9:07:7d:df:9f:ec:6e:81:a5:85:76:78:bf:43:56:
72:5a:c2:de:44:29:40:bc:59:75:df:43:24:be:d8:
41:38:29:37:20:e2:5a:35:fc:fd:93:ac:b5:cc:9d:
25:bb:aa:bf:ee:c1:c7:9e:7f:5b:3b:01:4e:cb:6f:
be:86:32:00:04:1e:b7:5c:8a:a3:a2:93:4d:71:6e:
78:8b:0c:44:01:b0:c2:de:07:97:d3:6c:15:f1:30:
30:53:0e:ae:aa:f3:be:5e:e1:d9:43:de:9f:08:d9:
d5:f9:1a:04:46:f3:10:96:54:c3:84:a2:99:5a:63:
0e:f2:90:3f:50:ee:c3:98:e5:e6:0f:52:06:bf:db:
7a:28:8d:14:cf:ef:5f:14:02:59:d4:b8:d4:f6:71:
41:51:ef:e9:9e:23:eb:d9:3b:12:34:1f:09:92:09:
7f:e9:4f:aa:7f:46:a9:a3:a5:71:5e:ad:97:6f:1d:
78:a1:cb:80:ce:62:07:4a:b9:87:c1:b7:23:07:24:
d0:a4:95:dc:b4:f6:1b:d0:1b:de:c8:b9:8c:f7:c1:
e8:5a:5e:c9:79:87:b5:2b:9d:83:dd:77:9f:4d:a4:
69:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A2:6B:3E:1F:47:D5:F0:18:87:75:32:23:60:40:1F:CB:A0:37:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2773708c-e1eb-464f-a6a6-1ec206a634af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
42:80:e5:67:e4:b6:00:0b:81:dc:0a:84:7f:a4:cf:c6:57:f0:
59:cf:20:15:eb:9c:84:1b:48:35:d8:75:bf:20:75:69:3c:4a:
50:13:ca:2e:8d:ce:44:8c:eb:be:d0:4d:5d:44:f4:fd:e5:1d:
d0:ca:0d:50:cc:ac:92:f7:21:67:87:38:8f:74:2a:d6:30:45:
6e:bd:76:e1:ad:2a:4d:57:68:90:ee:6b:d3:29:3d:ef:f2:03:
25:d1:c1:79:3f:4c:9a:24:61:32:22:55:73:5b:60:02:40:9d:
d6:77:1e:bb:a9:65:e8:5b:0c:07:b1:12:1d:02:db:51:bf:63:
fd:18:3e:27:bf:d0:b3:9d:96:e8:c6:7c:89:75:9a:02:20:a7:
f2:43:08:7c:0f:b7:cb:27:37:73:2e:51:f0:e7:c3:c2:74:42:
2a:97:40:aa:1a:cb:90:15:90:4b:e5:dc:46:46:25:4d:82:f8:
2f:a8:04:99:04:8b:9b:9d:5d:a0:b5:fe:2d:54:48:cd:c2:99:
f1:38:2e:7b:b5:f1:75:66:01:7b:8f:76:79:c9:b2:32:8e:d1:
c9:ec:c5:87:e0:4e:3b:f9:4b:82:b2:95:fe:bf:5f:98:bc:47:
3f:34:60:18:76:ac:10:50:6c:3e:02:50:da:7b:8a:37:4f:92:
33:e5:d4:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFmi7JwoJOsfcW48lKFFsl7SAwxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwMTFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkN2VjNmVkYWFlOGM5MzUzMTc4MTBhMmMwNDhmOWJlNDE5ZDZhMjA1ZmI4
MDViODg1ZTEzYjcxOThkMmI3OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFkb8zD6lOITXh7HJLCmozn6H7zk+VRAZ3+2yTT6Qd935/sboGlhXZ4v0NW
clrC3kQpQLxZdd9DJL7YQTgpNyDiWjX8/ZOstcydJbuqv+7Bx55/WzsBTstvvoYy
AAQet1yKo6KTTXFueIsMRAGwwt4Hl9NsFfEwMFMOrqrzvl7h2UPenwjZ1fkaBEbz
EJZUw4SimVpjDvKQP1Duw5jl5g9SBr/beiiNFM/vXxQCWdS41PZxQVHv6Z4j69k7
EjQfCZIJf+lPqn9GqaOlcV6tl28deKHLgM5iB0q5h8G3Iwck0KSV3LT2G9Ab3si5
jPfB6FpeyXmHtSudg913n02kaZMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTwoms+
H0fV8BiHdTIjYEAfy6A3FDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc3MzcwOGMtZTFlYi00NjRmLWE2YTYtMWVjMjA2YTYzNGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H1A
wDANBgkqhkiG9w0BAQsFAAOCAQEAQoDlZ+S2AAuB3AqEf6TPxlfwWc8gFeuchBtI
Ndh1vyB1aTxKUBPKLo3ORIzrvtBNXUT0/eUd0MoNUMyskvchZ4c4j3Qq1jBFbr12
4a0qTVdokO5r0yk97/IDJdHBeT9MmiRhMiJVc1tgAkCd1nceu6ll6FsMB7ESHQLb
Ub9j/Rg+J7/Qs52W6MZ8iXWaAiCn8kMIfA+3yyc3cy5R8OfDwnRCKpdAqhrLkBWQ
S+XcRkYlTYL4L6gEmQSLm51doLX+LVRIzcKZ8Tgue7XxdWYBe492ecmyMo7RyezF
h+BOO/lLgrKV/r9fmLxHPzRgGHasEFBsPgJQ2nuKN0+SM+XUrg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:29 2025 by rpki-client