Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3135e220-76a4-4b6b-ada1-6cae1a2e15bb.roa
File: 3135e220-76a4-4b6b-ada1-6cae1a2e15bb.roa (raw, json)
Hash identifier: k20e52Ymq6Yp+8vLMlqTgMZU+zo2TcyJ1aMEND34BEo=
Subject key identifier: FE:A0:9F:AD:E4:8A:4F:4D:76:02:41:C8:6C:E8:A3:9D:ED:BB:B9:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08484D8A6C055B9934960330A2941550080ED17C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3135e220-76a4-4b6b-ada1-6cae1a2e15bb.roa
Signing time: Mon 06 Oct 2025 17:50:55 +0000
ROA not before: Mon 06 Oct 2025 17:50:55 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:48:4d:8a:6c:05:5b:99:34:96:03:30:a2:94:15:50:08:0e:d1:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 17:50:55 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=e07a9b3747977ab558a1693cfd5ed036b30a51d696412e7458e8b948c726f933, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a1:14:67:cc:03:9d:9d:f2:26:42:10:9a:28:
f5:b7:15:cb:09:a4:16:82:4a:49:d0:84:89:75:75:
b3:fc:76:32:1d:40:6a:b4:1c:c4:0e:76:9f:80:fb:
77:00:72:17:34:a2:8c:71:a5:b2:5d:2d:12:99:5b:
e1:df:46:58:48:8b:d7:38:b7:e8:b8:1b:9e:6c:dd:
e4:01:88:04:46:34:48:43:bb:d4:8c:82:a4:0d:1e:
98:29:ba:21:00:88:0f:8b:16:1d:10:3b:69:ab:be:
67:d0:0f:ba:a7:61:39:f8:34:10:49:2b:dd:b8:41:
2a:9b:56:9a:2d:79:96:6c:11:51:34:70:72:71:37:
dd:ad:22:42:68:48:c9:a7:46:05:87:26:3a:c0:eb:
03:2a:e6:e6:45:7b:fd:95:e1:af:bf:55:6d:a8:61:
16:be:a3:2a:6a:40:be:37:63:9a:f6:82:c4:63:23:
83:fe:2b:d2:51:b2:b5:63:b9:d8:a8:09:aa:a3:65:
f6:38:07:51:cd:23:1d:d3:d7:f7:8d:64:3a:5e:43:
f7:7d:f1:94:ea:00:c2:b9:c2:b3:74:2e:2a:2b:80:
f5:9c:68:c5:dc:b1:05:ef:1c:4e:89:5a:dc:8f:ff:
88:f5:86:ae:20:dc:12:ea:3f:d5:27:ae:30:bc:a9:
93:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A0:9F:AD:E4:8A:4F:4D:76:02:41:C8:6C:E8:A3:9D:ED:BB:B9:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3135e220-76a4-4b6b-ada1-6cae1a2e15bb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
24:13:b9:98:51:09:8c:b1:ba:51:9a:e4:5f:85:50:fa:c5:46:
41:f2:cf:5d:51:3c:4a:1f:bb:53:8e:1e:a3:73:9d:d6:63:8f:
22:aa:65:d5:56:c7:21:95:84:9e:49:f8:32:e1:2a:4a:9c:0f:
c4:4a:ff:6e:1c:24:94:5c:91:43:fd:db:7c:d9:f0:21:e8:8b:
07:70:76:2f:53:7e:64:f0:59:2b:fd:c1:a0:72:f6:80:82:c0:
2b:3f:87:fb:46:bc:79:bf:0a:d0:86:73:53:ab:69:c2:b8:1a:
b0:82:df:27:97:47:b9:3d:ea:c6:fb:93:37:35:63:f0:cd:6d:
b6:48:d0:8f:c4:4c:9a:36:06:34:45:96:cc:95:ab:9b:ce:63:
1c:e2:98:66:1d:00:bd:d0:3d:80:0c:4e:f8:b6:85:5c:43:ef:
af:70:33:f3:1b:4c:b6:05:5c:ff:0e:f7:7c:73:45:ac:10:62:
dc:29:9b:cb:f6:50:16:9f:58:09:88:f2:a9:a5:bc:2f:e0:30:
e6:f0:87:7e:5d:8e:d9:a7:46:48:34:77:09:b0:bb:59:4e:42:
cb:be:a7:dd:5c:fd:07:2b:65:03:5d:b8:e9:c7:fd:83:fc:a1:
23:aa:8b:1f:18:2c:89:db:0f:3a:39:90:ab:97:e8:f5:f7:27:
81:69:26:e9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCEhNimwFW5k0lgMwopQVUAgO0XwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxNzUwNTVaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwN2E5YjM3NDc5NzdhYjU1OGExNjkzY2ZkNWVkMDM2YjMwYTUxZDY5NjQx
MmU3NDU4ZThiOTQ4YzcyNmY5MzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAImhFGfMA52d8iZCEJoo9bcVywmkFoJKSdCEiXV1s/x2Mh1AarQcxA52n4D7
dwByFzSijHGlsl0tEplb4d9GWEiL1zi36Lgbnmzd5AGIBEY0SEO71IyCpA0emCm6
IQCID4sWHRA7aau+Z9APuqdhOfg0EEkr3bhBKptWmi15lmwRUTRwcnE33a0iQmhI
yadGBYcmOsDrAyrm5kV7/ZXhr79VbahhFr6jKmpAvjdjmvaCxGMjg/4r0lGytWO5
2KgJqqNl9jgHUc0jHdPX941kOl5D933xlOoAwrnCs3QuKiuA9ZxoxdyxBe8cTola
3I//iPWGriDcEuo/1SeuMLypk10CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT+oJ+t
5IpPTXYCQchs6KOd7bu5qzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNWUyMjAtNzZhNC00YjZiLWFkYTEtNmNhZTFhMmUxNWJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3g
wDANBgkqhkiG9w0BAQsFAAOCAQEAJBO5mFEJjLG6UZrkX4VQ+sVGQfLPXVE8Sh+7
U44eo3Od1mOPIqpl1VbHIZWEnkn4MuEqSpwPxEr/bhwklFyRQ/3bfNnwIeiLB3B2
L1N+ZPBZK/3BoHL2gILAKz+H+0a8eb8K0IZzU6tpwrgasILfJ5dHuT3qxvuTNzVj
8M1ttkjQj8RMmjYGNEWWzJWrm85jHOKYZh0AvdA9gAxO+LaFXEPvr3Az8xtMtgVc
/w73fHNFrBBi3Cmby/ZQFp9YCYjyqaW8L+Aw5vCHfl2O2adGSDR3CbC7WU5Cy76n
3Vz9BytlA1246cf9g/yhI6qLHxgsidsPOjmQq5fo9fcngWkm6Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:31 2025 by rpki-client