Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json)
Hash identifier: XG6YZ0uYSSjPRCLP4bCXzuR3nPy6obwVd6gRkRmsKoc=
Subject key identifier: 76:94:5D:62:98:9C:94:C7:C1:60:CF:4F:F9:A5:9A:44:F1:64:64:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B41B332F71A8B6D4EB603CABD598474D47E9568
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
Signing time: Fri 26 Sep 2025 18:42:12 +0000
ROA not before: Fri 26 Sep 2025 18:42:12 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:41:b3:32:f7:1a:8b:6d:4e:b6:03:ca:bd:59:84:74:d4:7e:95:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:42:12 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=528c721e6faa0fdc7f5c7c5a831ef578ea8eaf2b67c89145463fa66ace1887bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:24:e6:0b:58:9a:5f:17:ca:af:bd:79:8b:d2:
6f:a4:f1:fa:a4:90:1a:07:a6:46:98:3b:17:e8:9a:
0d:d3:a1:8f:7e:b0:a8:9c:e6:8f:03:2e:1a:3a:8f:
ad:41:da:f0:d6:0a:8d:d9:73:93:99:28:e9:86:42:
74:71:3e:55:64:f4:17:fb:39:2d:50:fc:ae:c5:63:
da:36:ee:bf:e8:6c:13:d0:83:61:2a:d2:91:81:0c:
82:ec:97:62:21:9c:a0:dc:bd:91:64:8c:d0:39:cf:
1a:12:8d:d7:b1:55:f9:74:8a:c5:71:f5:12:8d:da:
bd:d2:ce:3c:59:73:5c:b5:a9:6c:21:74:70:e4:ce:
4b:13:0e:84:c6:d4:a2:46:47:f4:4d:2d:65:91:69:
49:4b:43:f5:f0:3e:02:12:5c:80:b2:8b:b5:bd:f9:
35:6b:ed:d5:1f:91:23:6d:aa:80:44:a9:41:11:c5:
ce:c1:9e:f4:5e:a1:ed:88:05:c3:98:92:c0:d1:ee:
ea:12:82:3a:8e:33:27:18:7d:cf:8f:ed:33:70:de:
df:6e:0c:69:6e:47:f8:b4:8e:e5:ab:f6:f8:53:4c:
5f:35:7d:64:6d:04:80:e6:4b:6c:36:d7:85:6c:e5:
fd:0d:d3:91:08:50:89:6d:d5:0d:34:5f:60:41:c9:
8e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:94:5D:62:98:9C:94:C7:C1:60:CF:4F:F9:A5:9A:44:F1:64:64:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
21:5d:ff:7e:64:a2:6a:2c:8d:bc:c8:a6:0c:a9:80:df:8c:f1:
c7:43:9a:21:0b:22:32:85:4c:37:4c:a5:a5:1e:8d:0a:35:71:
82:5b:5e:b2:7c:18:12:58:89:48:b2:4d:5b:dc:64:80:60:4c:
2e:53:8a:a3:2a:6b:b6:96:49:59:ae:64:f9:d1:2e:f2:fc:ce:
d9:00:0d:66:21:43:80:ae:e9:cb:c4:42:61:10:0b:65:f8:89:
07:55:a3:66:c6:4c:a5:6b:31:5c:50:43:94:64:4a:e6:6d:7a:
49:47:71:84:71:3d:69:15:56:5e:82:a4:64:e9:c1:19:0e:4a:
42:9a:47:37:65:50:26:5b:24:82:e0:80:bd:42:a9:23:11:9e:
12:a7:5f:73:ce:ed:3b:d9:d9:01:5e:f2:05:fc:83:69:05:b8:
e6:b9:4f:8a:28:c0:02:e8:27:c8:66:3b:3b:56:ef:31:12:9b:
cf:72:21:a7:16:2f:77:9a:06:97:44:dd:a0:3c:82:1a:c7:b4:
9e:aa:21:3f:c8:ff:65:df:21:b3:09:f8:5f:9e:1d:b2:4e:3c:
bf:4c:d9:c6:38:7a:c8:b5:32:a8:f1:5e:6f:98:64:81:c1:13:
73:6f:71:38:7a:7c:52:63:d7:8f:26:d5:9a:e0:a0:6d:1f:ed:
92:21:88:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe0GzMvcai21OtgPKvVmEdNR+lWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQyMTJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyOGM3MjFlNmZhYTBmZGM3ZjVjN2M1YTgzMWVmNTc4ZWE4ZWFmMmI2N2M4
OTE0NTQ2M2ZhNjZhY2UxODg3YmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANck5gtYml8Xyq+9eYvSb6Tx+qSQGgemRpg7F+iaDdOhj36wqJzmjwMuGjqP
rUHa8NYKjdlzk5ko6YZCdHE+VWT0F/s5LVD8rsVj2jbuv+hsE9CDYSrSkYEMguyX
YiGcoNy9kWSM0DnPGhKN17FV+XSKxXH1Eo3avdLOPFlzXLWpbCF0cOTOSxMOhMbU
okZH9E0tZZFpSUtD9fA+AhJcgLKLtb35NWvt1R+RI22qgESpQRHFzsGe9F6h7YgF
w5iSwNHu6hKCOo4zJxh9z4/tM3De324MaW5H+LSO5av2+FNMXzV9ZG0EgOZLbDbX
hWzl/Q3TkQhQiW3VDTRfYEHJjhMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2lF1i
mJyUx8Fgz0/5pZpE8WRkjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQAhXf9+ZKJqLI28yKYMqYDfjPHHQ5ohCyIyhUw3
TKWlHo0KNXGCW16yfBgSWIlIsk1b3GSAYEwuU4qjKmu2lklZrmT50S7y/M7ZAA1m
IUOArunLxEJhEAtl+IkHVaNmxkylazFcUEOUZErmbXpJR3GEcT1pFVZegqRk6cEZ
DkpCmkc3ZVAmWySC4IC9QqkjEZ4Sp19zzu072dkBXvIF/INpBbjmuU+KKMAC6CfI
Zjs7Vu8xEpvPciGnFi93mgaXRN2gPIIax7SeqiE/yP9l3yGzCfhfnh2yTjy/TNnG
OHrItTKo8V5vmGSBwRNzb3E4enxSY9ePJtWa4KBtH+2SIYiJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:35 2025 by rpki-client