Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
File: 2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa (raw, json)
Hash identifier: NorQf5rcOTIP1yZGcXc8MaIP5H58VqRbiiPb48xKSpI=
Subject key identifier: FF:85:50:B5:35:01:71:12:EC:88:27:76:2B:1C:0B:2F:AA:D2:DF:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B6BF1426FAE8FCA37CB0B46279B9531E42384A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
Signing time: Sat 27 Sep 2025 00:53:28 +0000
ROA not before: Sat 27 Sep 2025 00:53:28 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:6b:f1:42:6f:ae:8f:ca:37:cb:0b:46:27:9b:95:31:e4:23:84:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 27 00:53:28 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=c855a07ea87264dd4e47a3321914078bd5cf33c96f4cf7fa555a2f0b7855f1c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:40:6f:84:a3:60:40:28:6c:7f:02:ac:75:78:
f3:b6:64:e6:3b:94:04:95:4c:e4:ff:04:a9:fe:bc:
19:4f:67:0b:ca:11:6e:6a:ed:7e:dd:58:79:ed:ad:
04:fb:11:1d:fd:01:43:c0:62:ef:52:d2:43:c2:3a:
4e:5f:4f:c3:46:91:78:da:05:37:7c:99:ab:eb:89:
2a:7b:b6:d8:d1:bb:45:a8:ef:79:d0:d3:e8:88:88:
0d:b6:38:35:44:56:c9:37:46:ef:f4:4d:18:64:73:
53:57:81:18:86:08:e9:9c:2b:b6:8d:f8:cf:5e:ff:
b4:41:54:b6:fe:0e:1c:57:21:f1:5f:0e:be:3e:35:
6f:f8:a3:3c:48:cc:3c:7f:92:8f:e7:27:69:7a:97:
74:3c:ed:54:6a:b5:14:05:c5:af:a6:7b:d3:4e:1d:
18:84:b7:0b:b7:41:56:87:e4:8c:ce:a4:c4:65:ae:
7b:f7:c4:7a:76:a9:0d:00:4f:1a:ce:28:c3:f0:57:
6b:47:9f:10:68:ac:46:3e:48:0b:9f:3b:04:0c:57:
7e:a7:8b:12:e8:48:76:1d:56:21:d3:90:5c:a4:be:
21:69:b0:e9:b7:ec:a0:ac:7a:0d:bd:39:98:e0:cd:
5b:dc:56:af:16:f2:5b:92:9f:5d:ce:83:ed:aa:60:
c0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:85:50:B5:35:01:71:12:EC:88:27:76:2B:1C:0B:2F:AA:D2:DF:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
8d:fa:37:10:81:2e:2b:d5:ad:e1:16:df:3d:ba:8d:ff:4c:e2:
7c:65:29:59:3e:a4:7d:81:af:51:f6:e8:2c:a0:de:80:a7:76:
ea:f0:2f:27:e9:fd:ba:ba:0a:5e:cf:b4:f8:d1:ea:43:d9:3f:
a0:7b:e4:9b:4e:8b:ae:4e:af:93:fa:79:98:47:d1:38:90:8b:
00:a9:ac:d0:95:11:2a:99:0f:bc:7e:d0:4d:8b:78:4a:16:3c:
58:5a:45:29:ea:ec:6e:06:45:34:4c:79:0b:18:84:f1:4f:38:
c0:45:ae:55:eb:02:e2:82:05:cd:fd:4d:86:15:e9:2f:f4:6f:
92:34:d9:ce:2a:56:c5:d6:0b:ba:d2:29:cf:dd:e4:5b:a0:7b:
66:c7:67:d9:d8:95:ad:44:de:9e:25:71:93:a7:e5:00:03:b4:
89:0c:7f:39:b2:43:15:fb:b5:ab:4b:28:0a:cd:be:92:94:69:
42:06:3d:5e:03:a2:b0:8d:b2:40:3b:a7:c2:d8:10:d4:af:9b:
14:b1:bf:62:65:a5:21:2a:7a:eb:25:99:9d:eb:d6:24:eb:f0:
58:e0:b3:b9:97:46:32:1a:b3:40:f8:61:a3:69:ec:9e:d0:e8:
e1:3c:7f:eb:0d:cc:ad:cb:f2:06:d6:7f:83:b5:0c:4d:83:b1:
50:a6:ad:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC2vxQm+uj8o3ywtGJ5uVMeQjhKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjcwMDUzMjhaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4NTVhMDdlYTg3MjY0ZGQ0ZTQ3YTMzMjE5MTQwNzhiZDVjZjMzYzk2ZjRj
ZjdmYTU1NWEyZjBiNzg1NWYxYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpAb4SjYEAobH8CrHV487Zk5juUBJVM5P8Eqf68GU9nC8oRbmrtft1Yee2t
BPsRHf0BQ8Bi71LSQ8I6Tl9Pw0aReNoFN3yZq+uJKnu22NG7RajvedDT6IiIDbY4
NURWyTdG7/RNGGRzU1eBGIYI6Zwrto34z17/tEFUtv4OHFch8V8Ovj41b/ijPEjM
PH+Sj+cnaXqXdDztVGq1FAXFr6Z7004dGIS3C7dBVofkjM6kxGWue/fEenapDQBP
Gs4ow/BXa0efEGisRj5IC587BAxXfqeLEuhIdh1WIdOQXKS+IWmw6bfsoKx6Db05
mODNW9xWrxbyW5KfXc6D7apgwLsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/hVC1
NQFxEuyIJ3YrHAsvqtLfHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM1YmE2NzMtNmQ5YS00ZWYyLWI4YTAtMTFkMGRkYmYzMDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQCN+jcQgS4r1a3hFt89uo3/TOJ8ZSlZPqR9ga9R
9ugsoN6Ap3bq8C8n6f26ugpez7T40epD2T+ge+SbTouuTq+T+nmYR9E4kIsAqazQ
lREqmQ+8ftBNi3hKFjxYWkUp6uxuBkU0THkLGITxTzjARa5V6wLiggXN/U2GFekv
9G+SNNnOKlbF1gu60inP3eRboHtmx2fZ2JWtRN6eJXGTp+UAA7SJDH85skMV+7Wr
SygKzb6SlGlCBj1eA6KwjbJAO6fC2BDUr5sUsb9iZaUhKnrrJZmd69Yk6/BY4LO5
l0YyGrNA+GGjaeye0OjhPH/rDcyty/IG1n+DtQxNg7FQpq2A
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:32 2025 by rpki-client