Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
File: 2ab74891-6199-47fc-bcde-b8022379067c.roa (raw, json)
Hash identifier: rUYw5ZzfyMcxgy2USuWLBuNgX+ZPWvv/ni8z7CkWNBE=
Subject key identifier: 1F:3B:F8:DE:C9:B1:B4:60:6B:F9:77:54:45:5A:3D:F1:8B:A3:0C:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 550A4D785DF324BB84C7048B5D0ECD8F83145D8A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
Signing time: Fri 26 Sep 2025 19:41:53 +0000
ROA not before: Fri 26 Sep 2025 19:41:53 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:0a:4d:78:5d:f3:24:bb:84:c7:04:8b:5d:0e:cd:8f:83:14:5d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:53 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=b54d31ee7b9eddc4e7b69b0ceb33b7f9aacee1c1465a40aaa8c3675453686b9a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:02:00:6d:e0:d3:74:d2:16:fb:8b:b8:0f:3b:
eb:6f:36:40:23:e1:04:08:1f:4a:85:e5:40:1e:9f:
77:48:51:b4:10:69:73:a8:ea:10:ff:0f:61:e6:28:
a9:ed:93:c8:dc:05:14:0d:ad:1b:18:e8:c1:b5:74:
3c:3b:2d:3a:e8:3a:ce:2d:af:7d:78:9b:9a:70:9e:
3c:4a:02:3a:57:7c:cd:84:bc:2e:82:6b:a5:57:bc:
aa:d1:25:18:cf:ca:b2:f0:60:51:eb:16:75:37:d1:
33:35:6b:ca:e6:1e:47:46:62:ed:7b:fe:3d:b8:ec:
56:1f:4a:ee:68:b4:0a:8a:7f:3b:18:82:89:e5:a5:
a0:de:cc:24:ea:10:9c:66:32:64:e0:69:2a:05:44:
12:47:50:b0:be:0a:95:5c:cf:fe:7f:f8:3a:ea:fe:
e2:9c:59:99:d8:4e:65:11:45:a0:19:6c:29:ab:87:
8b:27:e2:d0:f8:4d:e6:82:48:af:5f:02:17:0c:85:
ce:c0:76:8a:a2:ba:30:f3:20:89:03:01:5b:d2:74:
cd:59:77:67:d0:82:b9:cb:52:b0:34:bb:c5:9a:3f:
24:f7:e0:6c:7c:15:27:db:a6:38:07:44:d0:f6:06:
14:82:30:18:c5:4d:90:4b:22:5e:cc:5a:88:24:bc:
14:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3B:F8:DE:C9:B1:B4:60:6B:F9:77:54:45:5A:3D:F1:8B:A3:0C:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:e1:97:98:77:56:d0:c5:59:ac:c4:04:f5:0e:4a:ce:8d:2c:
ef:aa:9c:74:06:ad:e8:00:43:68:0c:d0:b1:c8:d2:53:4a:c6:
91:cc:90:1d:9a:be:d5:1d:21:78:eb:e7:1a:b0:e2:d3:48:d0:
88:a8:79:3f:20:07:30:ae:5f:21:7a:3f:fc:29:ad:80:84:4f:
33:05:f2:32:b0:5b:b2:b2:25:83:99:ee:97:37:01:bf:c5:02:
07:94:9d:02:82:72:08:c6:aa:9e:e8:1d:c0:3a:b0:e4:43:da:
e0:db:8e:8f:b9:e1:ce:25:ad:68:60:4b:a7:e1:05:0c:4f:de:
97:e5:46:32:52:39:22:ff:63:27:b6:32:98:72:44:ea:7d:35:
7b:be:ff:29:c9:16:3d:73:d7:8c:78:7c:42:8e:81:7e:05:7c:
80:60:36:76:92:a7:14:71:79:04:fe:db:21:92:f4:fe:1f:95:
f7:dd:45:6d:d5:55:9a:22:cb:c0:d5:1d:c5:77:cf:58:fe:a4:
d5:77:89:86:9b:bd:27:b1:2d:0b:6c:8d:e2:d3:b4:e5:b7:15:
4b:30:d5:43:1a:d4:23:d8:e5:b8:4c:2c:f4:98:9b:7d:5b:76:
d8:c1:81:fe:8d:b7:28:7d:cb:4c:a8:b7:c6:7a:32:e4:c4:60:
a6:89:e5:7b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVQpNeF3zJLuExwSLXQ7Nj4MUXYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxNTNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NGQzMWVlN2I5ZWRkYzRlN2I2OWIwY2ViMzNiN2Y5YWFjZWUxYzE0NjVh
NDBhYWE4YzM2NzU0NTM2ODZiOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPcCAG3g03TSFvuLuA876282QCPhBAgfSoXlQB6fd0hRtBBpc6jqEP8PYeYo
qe2TyNwFFA2tGxjowbV0PDstOug6zi2vfXibmnCePEoCOld8zYS8LoJrpVe8qtEl
GM/KsvBgUesWdTfRMzVryuYeR0Zi7Xv+PbjsVh9K7mi0Cop/OxiCieWloN7MJOoQ
nGYyZOBpKgVEEkdQsL4KlVzP/n/4Our+4pxZmdhOZRFFoBlsKauHiyfi0PhN5oJI
r18CFwyFzsB2iqK6MPMgiQMBW9J0zVl3Z9CCuctSsDS7xZo/JPfgbHwVJ9umOAdE
0PYGFIIwGMVNkEsiXsxaiCS8FFsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfO/je
ybG0YGv5d1RFWj3xi6MMVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFiNzQ4OTEtNjE5OS00N2ZjLWJjZGUtYjgwMjIzNzkwNjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhA
MA0GCSqGSIb3DQEBCwUAA4IBAQCg4ZeYd1bQxVmsxAT1DkrOjSzvqpx0Bq3oAENo
DNCxyNJTSsaRzJAdmr7VHSF46+casOLTSNCIqHk/IAcwrl8hej/8Ka2AhE8zBfIy
sFuysiWDme6XNwG/xQIHlJ0CgnIIxqqe6B3AOrDkQ9rg246PueHOJa1oYEun4QUM
T96X5UYyUjki/2MntjKYckTqfTV7vv8pyRY9c9eMeHxCjoF+BXyAYDZ2kqcUcXkE
/tshkvT+H5X33UVt1VWaIsvA1R3Fd89Y/qTVd4mGm70nsS0LbI3i07TltxVLMNVD
GtQj2OW4TCz0mJt9W3bYwYH+jbcofctMqLfGejLkxGCmieV7
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:44 2025 by rpki-client