Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa
File: 2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa (raw, json)
Hash identifier: 8wrAZwbx9CvwpeFc7mFANB55H7WR9nTYoNUUZTNLdx8=
Subject key identifier: 18:E0:2B:03:0C:9D:BE:61:4F:45:63:E3:A6:5B:7A:24:85:34:87:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F117B941EA86821E3597A74B80EE3574B9A1374
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa
Signing time: Tue 07 Oct 2025 15:32:50 +0000
ROA not before: Tue 07 Oct 2025 15:32:50 +0000
ROA not after: Tue 11 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:f000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:11:7b:94:1e:a8:68:21:e3:59:7a:74:b8:0e:e3:57:4b:9a:13:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 7 15:32:50 2025 GMT
Not After : Nov 11 23:59:59 2025 GMT
Subject: serialNumber=57312d8343d1dbfdc611baf32716591aa6ee5a75e3ea058c07242d92a7741c38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:48:50:35:35:53:bb:5f:57:8f:5d:0f:f0:e3:
f8:01:a2:11:c0:34:c8:ed:3b:10:18:60:31:77:cd:
f3:5b:c8:39:7b:c2:0f:05:0a:29:42:56:24:32:86:
9f:25:36:a3:10:58:7f:cc:ac:32:94:c7:fa:92:4f:
d8:03:fb:89:a2:f1:67:f3:7d:85:1f:5f:c3:a2:fd:
5c:41:6c:55:2c:13:6e:5b:d9:9d:f3:48:af:ca:ff:
d2:b8:fa:91:49:00:89:89:bc:c2:c7:09:6f:a6:e4:
97:4e:52:12:5b:a4:41:52:d9:dc:a8:c8:7f:65:75:
1d:8d:ec:2f:2b:a3:64:b9:80:d1:48:a7:1a:e8:56:
90:62:28:8b:02:96:20:85:13:f1:96:20:f9:b2:18:
a8:b1:c9:f7:ee:a9:b4:7a:87:11:d8:38:33:1f:df:
5a:2b:0e:12:ac:2c:75:e2:b3:63:b3:3a:3d:9d:12:
5e:71:ed:3a:a9:48:8a:d1:bd:81:b4:d1:5f:d9:c9:
8b:f5:18:90:01:74:0e:cb:ca:46:2e:9b:71:7b:f2:
e1:ae:06:d5:3b:82:5f:64:e6:e6:8c:a3:df:df:96:
ad:24:f6:58:96:5a:d0:f6:f8:0d:2c:25:5d:d3:be:
a6:b1:c5:39:9b:f2:be:23:cc:87:f2:a5:64:51:b9:
96:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E0:2B:03:0C:9D:BE:61:4F:45:63:E3:A6:5B:7A:24:85:34:87:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:f000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:1b:83:12:74:74:cc:c4:34:4a:15:5c:3e:c2:6e:83:59:1d:
70:0b:4b:2b:a9:be:36:4b:be:4b:90:a7:20:af:9a:e4:22:b7:
92:46:cd:ec:ef:83:e4:a4:ff:9c:3a:23:ea:d6:b2:24:9a:db:
b8:a9:6a:98:9f:3e:43:31:68:3d:d8:4d:be:95:8f:a1:67:69:
f9:9f:4d:fc:ca:80:73:e5:d3:6d:18:a6:3d:5d:bb:48:a3:15:
f8:0b:48:31:19:46:7c:8d:a5:20:97:74:92:87:a6:d9:f1:68:
c6:05:4c:26:80:0a:32:c5:27:f8:30:dd:37:c8:b6:fa:1f:68:
99:fc:a4:6d:92:8d:f4:b6:ce:8c:de:11:9b:22:93:62:00:a5:
d3:92:ad:cb:7a:f4:ce:3c:5a:7c:5c:bc:ce:01:77:15:cf:9e:
38:cf:cd:1b:e3:57:28:92:d3:1a:2a:b9:4a:99:e5:a5:27:d6:
f1:1f:22:7d:f5:33:8f:3c:ff:b9:ac:6a:48:f7:0a:8e:1c:80:
62:0b:d4:a6:d7:ec:dd:ec:a3:f8:32:33:4a:c9:98:92:cc:7c:
6a:f5:c3:71:8d:d0:fe:5f:e3:14:e9:32:c5:fb:ea:89:17:2a:
fd:bc:46:8f:86:91:ba:4d:c2:b0:09:59:5e:81:14:9d:a2:ec:
1a:5c:d6:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXxF7lB6oaCHjWXp0uA7jV0uaE3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDcxNTMyNTBaFw0yNTExMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3MzEyZDgzNDNkMWRiZmRjNjExYmFmMzI3MTY1OTFhYTZlZTVhNzVlM2Vh
MDU4YzA3MjQyZDkyYTc3NDFjMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIdIUDU1U7tfV49dD/Dj+AGiEcA0yO07EBhgMXfN81vIOXvCDwUKKUJWJDKG
nyU2oxBYf8ysMpTH+pJP2AP7iaLxZ/N9hR9fw6L9XEFsVSwTblvZnfNIr8r/0rj6
kUkAiYm8wscJb6bkl05SElukQVLZ3KjIf2V1HY3sLyujZLmA0UinGuhWkGIoiwKW
IIUT8ZYg+bIYqLHJ9+6ptHqHEdg4Mx/fWisOEqwsdeKzY7M6PZ0SXnHtOqlIitG9
gbTRX9nJi/UYkAF0DsvKRi6bcXvy4a4G1TuCX2Tm5oyj39+WrST2WJZa0Pb4DSwl
XdO+prHFOZvyviPMh/KlZFG5lm8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQY4CsD
DJ2+YU9FY+OmW3okhTSHBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU1OTUwZDctMDY0Zi00YmM5LTllYzAtY2NiNzJlZTRmYjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/w
MA0GCSqGSIb3DQEBCwUAA4IBAQCxG4MSdHTMxDRKFVw+wm6DWR1wC0srqb42S75L
kKcgr5rkIreSRs3s74PkpP+cOiPq1rIkmtu4qWqYnz5DMWg92E2+lY+hZ2n5n038
yoBz5dNtGKY9XbtIoxX4C0gxGUZ8jaUgl3SSh6bZ8WjGBUwmgAoyxSf4MN03yLb6
H2iZ/KRtko30ts6M3hGbIpNiAKXTkq3LevTOPFp8XLzOAXcVz544z80b41coktMa
KrlKmeWlJ9bxHyJ99TOPPP+5rGpI9wqOHIBiC9Sm1+zd7KP4MjNKyZiSzHxq9cNx
jdD+X+MU6TLF++qJFyr9vEaPhpG6TcKwCVlegRSdouwaXNYN
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:30 2025 by rpki-client