Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json)
Hash identifier: JaJotjjJIb2Okeauc4Lo5LfnGdn6eSjfY/Ecdqd8FGA=
Subject key identifier: F8:1E:24:2F:DF:74:CF:90:C0:45:4B:B0:9B:54:A3:EA:33:C3:92:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63370AFF943A804C4F4FC3259226B7A5B2C0E222
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
Signing time: Mon 29 Sep 2025 15:24:38 +0000
ROA not before: Mon 29 Sep 2025 15:24:38 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:37:0a:ff:94:3a:80:4c:4f:4f:c3:25:92:26:b7:a5:b2:c0:e2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 15:24:38 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=d411d27aa6f3d918233374f8dd94157710d3d98a8f8ab420848b3bbb4d7696a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:4f:45:9e:77:8a:5f:a1:01:d6:98:4e:05:06:
b2:de:fd:45:22:f9:20:38:00:6b:c0:1e:ca:b4:c3:
f9:f1:bf:31:dc:d2:d4:51:aa:2f:34:5a:25:71:40:
28:e2:3f:d2:b8:eb:4f:f1:68:a6:18:03:40:0a:c7:
d8:2a:29:b0:cd:2b:90:b9:01:3f:e7:31:df:9f:c3:
c6:40:5a:92:9b:c7:ea:55:b6:da:05:f6:51:d3:be:
ca:62:99:05:4e:68:c2:a2:42:6e:c2:be:75:01:ce:
38:73:31:06:e0:67:a8:09:c1:52:de:2f:8d:58:1d:
1c:4d:b1:20:71:10:2d:9a:bd:b6:25:59:2e:dc:dc:
a4:e2:6b:b2:6b:d5:9e:60:7e:3d:ef:48:1e:93:fb:
c6:4c:26:ac:ab:51:95:1a:f9:b6:93:a1:5b:45:be:
e3:05:52:33:09:ba:52:20:eb:3a:d9:8f:4a:a1:2f:
bd:3b:23:e4:b0:29:5b:6c:20:50:ce:12:70:bc:81:
d0:39:42:9d:83:5e:a8:9a:02:89:b1:13:e9:34:14:
3c:49:6e:c7:8e:ce:e1:8d:e4:cc:72:f3:d4:21:09:
0f:29:73:3b:0c:da:88:e1:5e:36:45:6f:62:c6:d7:
46:62:ba:f2:2b:da:0e:4f:84:16:35:34:27:09:bb:
16:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:1E:24:2F:DF:74:CF:90:C0:45:4B:B0:9B:54:A3:EA:33:C3:92:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020::/28
Signature Algorithm: sha256WithRSAEncryption
60:81:a8:30:12:98:c3:f0:d1:b0:e3:fe:a0:db:9b:00:19:aa:
9b:96:91:d1:c9:1a:57:d2:c0:cd:dd:2c:a9:3f:a4:98:e6:08:
a9:15:68:ab:95:57:6a:e5:35:8b:3d:3b:21:8e:3d:0a:12:c6:
c8:b8:c3:bf:1b:a5:99:2b:b6:7d:55:13:73:8e:54:64:94:d0:
42:77:14:81:97:89:83:f1:84:17:94:73:5d:76:20:2f:4e:70:
2c:82:9b:98:a5:63:78:6c:2c:ce:c2:17:54:3d:b9:77:bf:a2:
7c:1d:ed:67:b6:52:3a:2d:7a:c9:19:4c:1b:e0:75:cd:9d:42:
f1:41:60:1b:f1:c1:d9:bf:b3:1f:5c:b0:4b:f9:40:b1:3f:08:
63:84:9e:b3:ba:50:42:b7:99:80:62:c0:df:50:20:fe:c5:08:
3f:16:b4:11:f1:d5:58:e5:2f:7c:90:6e:98:70:ea:4f:e6:63:
07:86:85:0a:9d:10:19:60:b4:28:a0:3e:44:3e:ff:ee:e2:b5:
78:a7:fd:02:f5:de:9c:ec:52:06:40:50:96:7d:0f:0c:5e:64:
b3:80:a0:c9:20:7f:31:1b:fb:3d:8f:3b:4c:1c:10:70:53:10:
23:d5:10:97:60:4e:f9:61:d1:8b:5d:7d:b3:64:39:de:65:07:
11:1d:c3:1b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUYzcK/5Q6gExPT8Mlkia3pbLA4iIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjkxNTI0MzhaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0MTFkMjdhYTZmM2Q5MTgyMzMzNzRmOGRkOTQxNTc3MTBkM2Q5OGE4Zjhh
YjQyMDg0OGIzYmJiNGQ3Njk2YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBPRZ53il+hAdaYTgUGst79RSL5IDgAa8AeyrTD+fG/MdzS1FGqLzRaJXFA
KOI/0rjrT/FophgDQArH2CopsM0rkLkBP+cx35/DxkBakpvH6lW22gX2UdO+ymKZ
BU5owqJCbsK+dQHOOHMxBuBnqAnBUt4vjVgdHE2xIHEQLZq9tiVZLtzcpOJrsmvV
nmB+Pe9IHpP7xkwmrKtRlRr5tpOhW0W+4wVSMwm6UiDrOtmPSqEvvTsj5LApW2wg
UM4ScLyB0DlCnYNeqJoCibET6TQUPElux47O4Y3kzHLz1CEJDylzOwzaiOFeNkVv
YsbXRmK68ivaDk+EFjU0Jwm7FusCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT4HiQv
33TPkMBFS7CbVKPqM8OSDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw
DQYJKoZIhvcNAQELBQADggEBAGCBqDASmMPw0bDj/qDbmwAZqpuWkdHJGlfSwM3d
LKk/pJjmCKkVaKuVV2rlNYs9OyGOPQoSxsi4w78bpZkrtn1VE3OOVGSU0EJ3FIGX
iYPxhBeUc112IC9OcCyCm5ilY3hsLM7CF1Q9uXe/onwd7We2UjoteskZTBvgdc2d
QvFBYBvxwdm/sx9csEv5QLE/CGOEnrO6UEK3mYBiwN9QIP7FCD8WtBHx1VjlL3yQ
bphw6k/mYweGhQqdEBlgtCigPkQ+/+7itXin/QL13pzsUgZAUJZ9DwxeZLOAoMkg
fzEb+z2PO0wcEHBTECPVEJdgTvlh0YtdfbNkOd5lBxEdwxs=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:58 2025 by rpki-client