Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
File: 301d1d15-dd00-41e7-9f44-49159e46a51a.roa (raw, json)
Hash identifier: z2Wdy9TafTmBasd+1RvIHMJ8fm67DCTtdQMFkGFZjtM=
Subject key identifier: BA:D8:63:61:FF:26:60:CA:EA:4D:5B:24:42:9D:42:BF:F1:D9:10:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08350CD1F52EF405347BC47863AE81AF0CFA4A84
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
Signing time: Fri 26 Sep 2025 18:42:22 +0000
ROA not before: Fri 26 Sep 2025 18:42:22 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:35:0c:d1:f5:2e:f4:05:34:7b:c4:78:63:ae:81:af:0c:fa:4a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:42:22 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e5d9010138837b558d1cbe20a808dfcfdecb61b1d3fd345c38e924b6c1c6c6ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7a:0a:f8:a8:f0:26:4b:e6:6f:18:20:43:6a:
d7:9f:bf:8a:99:05:b8:0d:92:b6:03:30:f3:60:9d:
f0:7b:a3:f8:7b:4c:ed:1c:a1:17:5d:38:4a:6d:7f:
7a:7d:54:be:f3:5f:78:2d:2a:bb:0c:bd:ba:8b:cc:
fe:a0:4d:0a:90:1f:47:0c:01:4b:4d:2b:8b:fe:f4:
80:f3:53:4f:a6:f3:e6:86:ca:87:90:e4:73:20:3e:
5b:0c:b8:c5:7a:9e:fe:42:01:0f:f6:3a:ef:08:c5:
79:a3:4b:dd:03:3f:02:88:d7:cc:8b:dd:aa:82:8b:
8b:75:ff:b6:c5:c9:6d:b3:9f:80:a3:7f:40:e4:e8:
e4:29:2e:67:42:d4:8e:04:a8:aa:77:e3:48:67:5c:
77:e3:e1:dd:ad:e6:7e:c0:4f:e7:8b:f1:19:0e:80:
21:fb:60:66:d9:c4:e1:c6:9f:af:a2:ac:36:d7:aa:
b1:36:6f:a7:8e:9c:b6:a8:56:e6:cc:df:54:f9:21:
a9:b6:d7:06:de:4b:54:f4:95:a5:f8:1c:b5:06:04:
4c:5e:d5:27:9e:f5:06:cb:8b:a4:18:1a:cd:b9:ad:
6b:c6:23:df:be:e3:48:54:62:3e:15:9e:80:be:e0:
5e:62:e3:1a:3c:9c:ec:ac:09:fe:48:bd:58:ca:6a:
a0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D8:63:61:FF:26:60:CA:EA:4D:5B:24:42:9D:42:BF:F1:D9:10:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8040::/48
Signature Algorithm: sha256WithRSAEncryption
3f:fc:95:fc:23:98:eb:4d:13:9d:0b:c1:e8:03:dd:d9:1d:b7:
43:e4:f9:d5:66:0a:a3:54:66:11:de:f5:1c:c3:91:fe:87:27:
ee:99:69:f4:d3:39:10:06:0c:6c:d7:ee:09:b3:a2:5e:f8:90:
0c:98:a9:5a:3b:47:ce:55:24:a1:56:dc:1a:ea:d5:1c:db:98:
c5:78:1f:f9:7b:dd:75:7b:fb:be:f9:66:26:2e:b2:4c:da:e7:
bb:a4:e8:7a:dd:d7:a1:f5:cc:9f:98:82:0b:4b:de:2e:7c:f1:
75:b3:ef:a1:38:05:46:e4:a6:9d:c4:ce:96:e2:56:2b:c0:83:
8e:d3:3f:09:38:b8:ac:46:9c:a7:15:19:2e:7a:87:a5:58:23:
d1:d4:89:21:ad:b4:9d:8b:b5:e2:81:20:9a:bc:dc:50:9e:9b:
da:33:cd:13:cf:07:47:4a:01:60:3d:27:2a:e1:a2:4d:6a:4d:
3e:41:de:7d:a9:b4:b4:5e:28:aa:1f:4c:d8:3d:5a:fc:1a:a9:
81:7d:8d:92:61:91:d8:24:c6:04:7f:b3:a2:83:8a:ae:3e:0b:
81:06:b0:21:d4:02:ce:40:dd:b0:41:35:43:5a:58:60:bf:1a:
3f:d3:81:dd:8c:53:bc:a8:36:75:6a:4e:a1:c3:63:e8:78:a7:
b6:ab:70:17
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCDUM0fUu9AU0e8R4Y66Brwz6SoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQyMjJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1ZDkwMTAxMzg4MzdiNTU4ZDFjYmUyMGE4MDhkZmNmZGVjYjYxYjFkM2Zk
MzQ1YzM4ZTkyNGI2YzFjNmM2YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJ6Cvio8CZL5m8YIENq15+/ipkFuA2StgMw82Cd8Huj+HtM7RyhF104Sm1/
en1UvvNfeC0quwy9uovM/qBNCpAfRwwBS00ri/70gPNTT6bz5obKh5DkcyA+Wwy4
xXqe/kIBD/Y67wjFeaNL3QM/AojXzIvdqoKLi3X/tsXJbbOfgKN/QOTo5CkuZ0LU
jgSoqnfjSGdcd+Ph3a3mfsBP54vxGQ6AIftgZtnE4cafr6KsNteqsTZvp46ctqhW
5szfVPkhqbbXBt5LVPSVpfgctQYETF7VJ571BsuLpBgazbmta8Yj377jSFRiPhWe
gL7gXmLjGjyc7KwJ/ki9WMpqoDMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS62GNh
/yZgyupNWyRCnUK/8dkQ9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzAxZDFkMTUtZGQwMC00MWU3LTlmNDQtNDkxNTllNDZhNTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
QDANBgkqhkiG9w0BAQsFAAOCAQEAP/yV/COY600TnQvB6APd2R23Q+T51WYKo1Rm
Ed71HMOR/ocn7plp9NM5EAYMbNfuCbOiXviQDJipWjtHzlUkoVbcGurVHNuYxXgf
+XvddXv7vvlmJi6yTNrnu6Toet3XofXMn5iCC0veLnzxdbPvoTgFRuSmncTOluJW
K8CDjtM/CTi4rEacpxUZLnqHpVgj0dSJIa20nYu14oEgmrzcUJ6b2jPNE88HR0oB
YD0nKuGiTWpNPkHefam0tF4oqh9M2D1a/BqpgX2NkmGR2CTGBH+zooOKrj4LgQaw
IdQCzkDdsEE1Q1pYYL8aP9OB3YxTvKg2dWpOocNj6HintqtwFw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:36 2025 by rpki-client