Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
File: 2f449809-abd8-4202-adc3-ce8dd1767b62.roa (raw, json)
Hash identifier: 1QB4MLwAqKMTtPU00YgoVMxvXvXKcomKidRa9X8FZ/8=
Subject key identifier: 72:0C:30:DD:F8:D1:34:69:53:7C:45:07:63:CD:03:94:98:0A:CC:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E2601440874B5F66ADA374CAF4E8F8B62458016
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
Signing time: Fri 26 Sep 2025 19:20:11 +0000
ROA not before: Fri 26 Sep 2025 19:20:11 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:26:01:44:08:74:b5:f6:6a:da:37:4c:af:4e:8f:8b:62:45:80:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:20:11 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a3f9ff941c23006e4c15ca535241a9b1684a9dd74c272bbd3fc7edadaab347c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:54:9d:02:97:70:a9:74:fa:df:05:f2:70:bf:
ac:cf:84:e6:89:c8:dc:f8:65:69:03:f7:cd:21:e8:
6a:9d:07:3e:52:1d:a9:5f:8c:d4:71:c8:a4:28:47:
f3:75:09:fb:2b:a5:2b:b7:ca:f4:47:f3:71:5b:10:
5f:df:8d:00:48:72:da:fa:51:53:c8:bc:ac:f0:ee:
ce:97:16:c2:11:2f:62:57:76:14:bc:dc:3e:55:f2:
70:bb:84:4d:91:d2:3c:e7:a0:b4:7a:8d:e3:f8:42:
e9:88:84:09:26:da:81:3b:2c:79:9c:42:c4:55:4d:
43:9a:ab:ec:ec:5e:a5:84:03:6f:91:c3:5d:e9:ca:
e2:ad:30:2c:2d:27:85:f6:8b:e0:9d:9c:af:82:76:
9c:46:fe:9d:1e:da:34:6c:cb:15:9c:e4:51:96:87:
79:35:ea:08:0b:87:44:9b:fd:ae:61:16:76:25:de:
e0:d9:04:ee:c9:91:09:d0:df:d7:88:0b:e0:30:b5:
2a:29:19:1f:55:a1:9a:45:78:43:62:07:35:f8:c0:
b2:ef:75:7f:79:a6:12:50:78:5c:da:78:d4:9a:a7:
e7:fc:0d:4f:5d:e6:f0:ad:08:3c:0f:c3:07:7b:e5:
84:eb:e9:7d:78:6a:cc:0b:a7:96:e9:83:d8:73:b6:
bd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0C:30:DD:F8:D1:34:69:53:7C:45:07:63:CD:03:94:98:0A:CC:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:5000::/40
Signature Algorithm: sha256WithRSAEncryption
12:ad:1b:0d:04:23:66:08:19:82:2d:72:45:a0:2c:3e:5f:6b:
b8:fb:78:8a:50:3c:75:4b:18:02:9a:8d:40:cc:11:b7:f9:e5:
99:da:12:59:cb:4e:e7:d4:a2:80:50:fe:67:03:92:bc:4a:e5:
91:52:b0:a4:bf:b1:fb:ea:3d:7d:9e:a8:2f:2a:25:26:ac:7d:
70:18:56:94:0b:67:62:fd:88:c8:44:45:4c:a2:03:8d:6a:49:
d1:cd:d8:af:7d:74:20:79:d0:9b:97:4c:b8:0d:4e:01:03:e6:
b9:d3:78:91:1e:05:77:45:5a:11:bc:3c:4a:bd:8b:6a:9f:db:
d1:67:c8:84:05:45:d9:f1:26:cf:74:d5:7a:dd:06:14:8c:04:
98:7d:46:3b:10:db:01:ed:d1:52:99:f1:f5:7c:e7:5a:1d:2e:
4a:14:33:e4:3f:34:c8:4b:a3:5f:71:bd:06:93:b5:b3:f2:a1:
de:4c:f5:d8:1e:76:41:60:77:72:69:9f:7e:2e:7c:cc:58:f6:
e6:c4:33:bf:f3:78:a0:66:ee:ff:94:d6:6b:e0:ef:5d:0f:40:
2a:5a:bd:f5:a8:c1:78:92:4c:dd:27:dd:61:69:fb:39:8b:11:
26:8d:d1:60:28:d8:91:04:d9:dc:7d:54:2c:c1:f1:b3:9d:e6:
de:ae:b7:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXiYBRAh0tfZq2jdMr06Pi2JFgBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTIwMTFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzZjlmZjk0MWMyMzAwNmU0YzE1Y2E1MzUyNDFhOWIxNjg0YTlkZDc0YzI3
MmJiZDNmYzdlZGFkYWFiMzQ3YzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIdUnQKXcKl0+t8F8nC/rM+E5onI3PhlaQP3zSHoap0HPlIdqV+M1HHIpChH
83UJ+yulK7fK9EfzcVsQX9+NAEhy2vpRU8i8rPDuzpcWwhEvYld2FLzcPlXycLuE
TZHSPOegtHqN4/hC6YiECSbagTsseZxCxFVNQ5qr7OxepYQDb5HDXenK4q0wLC0n
hfaL4J2cr4J2nEb+nR7aNGzLFZzkUZaHeTXqCAuHRJv9rmEWdiXe4NkE7smRCdDf
14gL4DC1KikZH1WhmkV4Q2IHNfjAsu91f3mmElB4XNp41Jqn5/wNT13m8K0IPA/D
B3vlhOvpfXhqzAunlumD2HO2vQ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyDDDd
+NE0aVN8RQdjzQOUmArMBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmY0NDk4MDktYWJkOC00MjAyLWFkYzMtY2U4ZGQxNzY3YjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQASrRsNBCNmCBmCLXJFoCw+X2u4+3iKUDx1SxgC
mo1AzBG3+eWZ2hJZy07n1KKAUP5nA5K8SuWRUrCkv7H76j19nqgvKiUmrH1wGFaU
C2di/YjIREVMogONaknRzdivfXQgedCbl0y4DU4BA+a503iRHgV3RVoRvDxKvYtq
n9vRZ8iEBUXZ8SbPdNV63QYUjASYfUY7ENsB7dFSmfH1fOdaHS5KFDPkPzTIS6Nf
cb0Gk7Wz8qHeTPXYHnZBYHdyaZ9+LnzMWPbmxDO/83igZu7/lNZr4O9dD0AqWr31
qMF4kkzdJ91hafs5ixEmjdFgKNiRBNncfVQswfGzneberreC
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:28 2025 by rpki-client