Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
File: 3bde61a2-7506-48c2-8365-3447411d858e.roa (raw, json)
Hash identifier: r0EGtDw6+s5lqaZEhG6NzVNF3iZIp6V1cPbGJKuYDqc=
Subject key identifier: 32:17:D8:CD:84:CD:7F:31:4E:BE:F2:2B:3B:CE:F6:D9:7B:46:B4:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A95DA04377F3DF67ACDFB60C8982483608321AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
Signing time: Fri 26 Sep 2025 19:41:31 +0000
ROA not before: Fri 26 Sep 2025 19:41:31 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:95:da:04:37:7f:3d:f6:7a:cd:fb:60:c8:98:24:83:60:83:21:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:41:31 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ef29cae87949ada97d8bc4e249f752785ee09c27e21141cae73a218802afc4fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6c:a8:8f:4d:89:70:0d:df:fa:53:bb:dd:72:
f7:e5:a9:7a:11:3d:fd:c7:41:61:84:97:79:d0:74:
16:61:91:08:b0:00:47:04:01:61:e3:e8:86:5e:cf:
f5:22:d2:b7:3f:2e:66:13:99:06:a1:53:a8:27:3b:
a3:d9:13:51:98:46:cb:51:2f:06:dc:aa:16:5a:0e:
75:63:58:e6:f9:00:60:93:35:29:b7:76:f9:0a:74:
be:39:cd:fc:bd:59:6b:45:57:74:b6:3e:a9:04:62:
23:9a:88:10:a1:3c:62:b3:31:86:6e:7f:14:3b:ee:
ed:52:d1:04:1c:66:bf:2c:0c:94:b7:fc:11:3e:c3:
9f:88:61:4b:e0:ff:47:e9:15:b9:ab:87:ce:cc:c1:
76:6d:2d:2e:1c:dd:da:2a:75:f0:15:3c:bc:32:9a:
53:cb:01:11:2f:f6:14:a5:45:48:e6:55:07:a2:2e:
f6:a6:d4:e9:21:d1:60:f8:73:e0:a4:dc:88:4c:02:
79:79:07:11:00:14:4a:b7:dd:69:98:f6:3c:73:b6:
4e:f7:ff:86:01:02:d1:dc:f7:de:f9:6f:e6:bc:40:
c9:0a:01:b0:f1:57:e0:17:4f:f2:11:ae:6b:0f:4d:
3e:29:34:2d:1f:bf:bd:79:c0:3c:fd:e3:2f:a2:ce:
f0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:17:D8:CD:84:CD:7F:31:4E:BE:F2:2B:3B:CE:F6:D9:7B:46:B4:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:5000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:ee:19:49:0b:9d:3e:a8:94:13:dd:e8:24:0f:1e:e5:9d:49:
5b:42:08:43:36:55:36:9a:e7:62:59:a2:ba:ef:47:9b:7b:20:
e0:a6:fe:ff:57:fb:bf:4a:17:78:0b:ae:be:8e:e0:cc:78:1f:
4c:e6:c4:e6:b3:a6:af:4d:29:68:15:15:da:99:38:14:38:c2:
7e:6f:c5:d0:c7:ad:01:b4:11:45:72:5a:45:a9:ce:98:97:85:
c7:11:85:7d:b7:e8:92:19:86:cd:6f:70:47:95:0e:67:2b:de:
8d:c8:2f:ba:81:c8:01:13:d6:35:73:b3:ec:fc:f6:9c:e6:dc:
1a:e7:ae:72:80:c8:ba:0e:dd:31:fe:b4:cc:bd:7d:d1:17:3c:
99:03:af:42:66:16:8f:c8:31:b2:ca:c2:2d:42:86:60:b0:f6:
eb:24:17:d1:95:65:a8:01:22:db:0b:ad:f0:e2:15:33:09:8e:
ac:d6:a4:a8:d3:fe:0c:87:2f:2a:5e:09:46:08:f8:f0:45:bb:
3a:6b:82:ac:30:4b:c2:f4:90:f2:7d:34:bb:fe:ae:e9:c7:8c:
7f:fd:8b:e4:0c:ab:be:dc:e0:af:2c:77:88:08:74:b9:90:98:
23:cd:94:82:5e:dd:2e:4f:c6:fa:6b:64:75:70:42:06:4e:89:
fe:3f:a3:88
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGpXaBDd/PfZ6zftgyJgkg2CDIaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTQxMzFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMjljYWU4Nzk0OWFkYTk3ZDhiYzRlMjQ5Zjc1Mjc4NWVlMDljMjdlMjEx
NDFjYWU3M2EyMTg4MDJhZmM0ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJVsqI9NiXAN3/pTu91y9+WpehE9/cdBYYSXedB0FmGRCLAARwQBYePohl7P
9SLStz8uZhOZBqFTqCc7o9kTUZhGy1EvBtyqFloOdWNY5vkAYJM1Kbd2+Qp0vjnN
/L1Za0VXdLY+qQRiI5qIEKE8YrMxhm5/FDvu7VLRBBxmvywMlLf8ET7Dn4hhS+D/
R+kVuauHzszBdm0tLhzd2ip18BU8vDKaU8sBES/2FKVFSOZVB6Iu9qbU6SHRYPhz
4KTciEwCeXkHEQAUSrfdaZj2PHO2Tvf/hgEC0dz33vlv5rxAyQoBsPFX4BdP8hGu
aw9NPik0LR+/vXnAPP3jL6LO8PUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyF9jN
hM1/MU6+8is7zvbZe0a0ijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JkZTYxYTItNzUwNi00OGMyLTgzNjUtMzQ0NzQxMWQ4NThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBd7hlJC50+qJQT3egkDx7lnUlbQghDNlU2mudi
WaK670ebeyDgpv7/V/u/Shd4C66+juDMeB9M5sTms6avTSloFRXamTgUOMJ+b8XQ
x60BtBFFclpFqc6Yl4XHEYV9t+iSGYbNb3BHlQ5nK96NyC+6gcgBE9Y1c7Ps/Pac
5twa565ygMi6Dt0x/rTMvX3RFzyZA69CZhaPyDGyysItQoZgsPbrJBfRlWWoASLb
C63w4hUzCY6s1qSo0/4Mhy8qXglGCPjwRbs6a4KsMEvC9JDyfTS7/q7px4x//Yvk
DKu+3OCvLHeICHS5kJgjzZSCXt0uT8b6a2R1cEIGTon+P6OI
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:35 2025 by rpki-client