Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
File: 2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa (raw, json)
Hash identifier: uRGNWE8QUFMu9///2lTBBicNjdM3gDlCOXOzsdKpj2g=
Subject key identifier: 2C:DE:C7:0D:0A:F0:BE:69:97:43:82:E0:28:D6:3F:5B:3C:A7:E8:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 197A8CB88FB39C9F0C11D0C3F47624FB7AD74CE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
Signing time: Fri 26 Sep 2025 18:50:54 +0000
ROA not before: Fri 26 Sep 2025 18:50:54 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:7a:8c:b8:8f:b3:9c:9f:0c:11:d0:c3:f4:76:24:fb:7a:d7:4c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:50:54 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1e9c392addcb29ac24a9f9383e7f527c5d24d6c0cd7c64321137309a3ca27c80, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:02:39:ce:b4:34:1d:06:32:ed:6e:67:b7:95:
1a:18:6b:20:ff:f0:9b:20:ed:b7:21:21:fd:0a:22:
ef:dd:fd:39:26:f7:c7:8e:3e:d1:bf:54:e3:26:20:
20:ef:54:32:36:92:3d:ac:99:78:73:04:c6:8d:c5:
a4:06:d0:b2:49:46:81:b6:94:02:2d:e3:e5:a5:bc:
d2:2f:19:3d:41:1c:6a:d5:e7:2b:6c:7e:2f:c0:b6:
f9:23:5b:f7:21:ab:1b:29:fc:bd:00:0b:54:4b:47:
18:8e:82:e2:a6:40:04:6b:c3:96:15:cd:fc:a7:43:
bf:24:05:24:7d:fd:8a:8f:c0:d4:df:1c:00:32:af:
97:69:39:46:41:e7:98:3b:64:42:bc:0e:9e:56:e3:
05:60:76:30:c2:6c:82:a1:1a:ef:d2:53:4b:e0:2d:
00:fb:70:d9:32:df:70:4c:a5:26:54:e7:18:fe:b0:
ff:71:52:15:43:1b:46:3c:7f:51:02:74:01:ba:f9:
17:0b:a2:2b:14:d1:2f:01:28:d7:ce:56:9a:c1:ff:
7d:9a:81:99:36:0a:0f:a0:4f:3a:0d:80:6b:e0:c1:
32:04:10:fd:9d:bf:77:8b:50:26:54:a9:82:0b:e2:
f6:dc:af:31:c3:12:e3:5a:da:ec:d0:0b:b3:ee:e8:
5b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DE:C7:0D:0A:F0:BE:69:97:43:82:E0:28:D6:3F:5B:3C:A7:E8:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1080::/48
Signature Algorithm: sha256WithRSAEncryption
b5:83:31:37:82:98:51:06:ff:c8:d0:ee:21:0a:4b:82:ea:a0:
24:51:38:27:7f:f3:c6:1d:0c:ca:5d:a2:09:f2:cf:59:0e:69:
8e:15:34:85:55:0a:be:28:e6:6e:b1:a5:ca:24:cb:8d:81:2a:
b4:f5:05:90:5f:7c:43:e1:47:d8:e2:1f:e1:5e:3e:49:be:47:
09:20:dc:16:d2:a1:a2:cd:96:3c:ff:5b:08:19:6c:d1:74:df:
5d:d6:5d:fe:89:74:91:c9:52:d5:3d:62:ab:c5:d7:12:cd:c8:
64:4f:cb:f6:12:90:e3:f5:6f:96:54:b1:2f:80:3d:20:ab:35:
4b:72:cc:10:46:0c:03:ea:5c:94:ac:f9:d0:20:07:ba:cd:7a:
d0:2d:b2:a3:3c:31:98:a1:2a:ee:46:c8:68:36:8f:b2:d0:bf:
4c:d0:da:59:ca:3d:ce:4e:8c:71:64:09:2b:39:d7:60:e5:8b:
79:65:77:7a:59:5e:fd:4b:7a:b0:59:93:cf:0d:f8:46:6d:46:
c9:34:39:21:35:07:96:41:3c:91:28:f3:72:ef:ae:e9:a7:84:
fc:54:df:35:9d:3d:87:9e:d2:10:1c:98:ca:cd:a4:7d:ed:09:
7d:6d:ec:7e:79:cc:ee:28:91:77:22:98:45:1f:b8:19:b7:01:
91:f9:b5:2b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGXqMuI+znJ8MEdDD9HYk+3rXTOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODUwNTRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlOWMzOTJhZGRjYjI5YWMyNGE5ZjkzODNlN2Y1MjdjNWQyNGQ2YzBjZDdj
NjQzMjExMzczMDlhM2NhMjdjODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUCOc60NB0GMu1uZ7eVGhhrIP/wmyDttyEh/Qoi7939OSb3x44+0b9U4yYg
IO9UMjaSPayZeHMExo3FpAbQsklGgbaUAi3j5aW80i8ZPUEcatXnK2x+L8C2+SNb
9yGrGyn8vQALVEtHGI6C4qZABGvDlhXN/KdDvyQFJH39io/A1N8cADKvl2k5RkHn
mDtkQrwOnlbjBWB2MMJsgqEa79JTS+AtAPtw2TLfcEylJlTnGP6w/3FSFUMbRjx/
UQJ0Abr5FwuiKxTRLwEo185WmsH/fZqBmTYKD6BPOg2Aa+DBMgQQ/Z2/d4tQJlSp
ggvi9tyvMcMS41ra7NALs+7oW5kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQs3scN
CvC+aZdDguAo1j9bPKfomTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmE5M2JkYzItODIzYy00MTZhLWFjNDAtNmY2YzgyM2JjZWY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAtYMxN4KYUQb/yNDuIQpLguqgJFE4J3/zxh0M
yl2iCfLPWQ5pjhU0hVUKvijmbrGlyiTLjYEqtPUFkF98Q+FH2OIf4V4+Sb5HCSDc
FtKhos2WPP9bCBls0XTfXdZd/ol0kclS1T1iq8XXEs3IZE/L9hKQ4/VvllSxL4A9
IKs1S3LMEEYMA+pclKz50CAHus160C2yozwxmKEq7kbIaDaPstC/TNDaWco9zk6M
cWQJKznXYOWLeWV3elle/Ut6sFmTzw34Rm1GyTQ5ITUHlkE8kSjzcu+u6aeE/FTf
NZ09h57SEByYys2kfe0JfW3sfnnM7iiRdyKYRR+4GbcBkfm1Kw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:01 2025 by rpki-client