Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
File: 3ef5e7b8-24ad-41af-8334-2eff292a769d.roa (raw, json)
Hash identifier: afcQLimCoJb33+VxoE7Kojb8OoZx8Ac6Se2xBYRVuIk=
Subject key identifier: 16:F5:35:A6:5D:9A:52:40:33:BE:C8:17:46:81:27:D7:88:94:29:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11456FACFE180C71C35EA4F06624714BF1B05FAB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
Signing time: Fri 26 Sep 2025 19:01:11 +0000
ROA not before: Fri 26 Sep 2025 19:01:11 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:45:6f:ac:fe:18:0c:71:c3:5e:a4:f0:66:24:71:4b:f1:b0:5f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:01:11 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e67233bf4fbc9c51ff9b6f17fa866a7dbbd66f0d7f0a1b241adaf422a479d0ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a5:de:80:0d:57:6e:9b:44:07:39:7e:53:ac:
69:d9:ea:8c:f5:0b:de:7a:50:66:67:06:cb:a0:9b:
11:2d:15:d8:23:df:9a:a3:0e:8c:5a:8b:7d:bd:4e:
30:e2:31:0a:75:a1:78:bd:55:ed:ae:44:1f:9b:1b:
8b:31:37:90:0c:8c:c0:31:f7:b4:50:b3:5d:f1:0a:
b7:f5:ed:91:11:07:44:4b:b9:2f:b7:52:32:88:2f:
bc:d7:70:9a:82:e3:4c:bf:05:0b:1b:05:f5:b3:1f:
58:9a:5c:11:c2:6b:89:6b:fd:00:bc:08:8c:b2:96:
89:d9:3d:5c:ce:0c:a6:32:9a:8f:61:45:60:de:e6:
f7:7f:fc:4e:c7:07:2d:47:a8:07:2e:5e:91:fc:9c:
a3:41:ab:94:c9:f2:4a:1d:9c:95:69:8f:ea:a4:fd:
b4:c2:6a:1b:d2:65:be:bd:49:0c:fb:35:5c:4e:a9:
e2:54:3c:01:93:57:7b:1d:18:f2:cb:f8:46:1a:54:
9e:99:74:c4:b2:9d:ad:37:06:2e:35:65:99:d6:a0:
bf:dd:8e:c2:ca:25:71:da:a9:bd:63:08:ca:73:52:
8c:00:4d:5d:c9:c4:e1:43:1e:18:a9:ee:c6:ff:de:
35:3d:92:8e:37:a8:a2:90:9c:6d:4b:d4:af:6b:8f:
d6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:F5:35:A6:5D:9A:52:40:33:BE:C8:17:46:81:27:D7:88:94:29:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
49:c4:a5:93:6c:0b:4c:5f:6e:d2:27:bc:2e:3b:a2:69:06:8d:
4d:47:35:20:56:c4:33:f6:05:e6:2f:a4:b1:da:a5:62:cb:23:
96:30:33:a2:3f:5e:20:2c:5a:12:3d:7f:ea:bc:a2:d9:72:7a:
f8:11:3b:50:69:d4:91:fe:63:76:fa:c8:74:ce:95:9a:ac:3b:
ea:3a:73:1e:3d:fc:c3:09:67:d3:89:4e:58:5d:4e:4e:47:07:
a4:e4:1e:f6:be:11:1f:e8:2f:f0:70:ff:ba:48:54:5d:a6:f3:
4b:a9:1d:24:ae:bb:38:78:73:bc:bc:de:d5:f7:eb:37:94:28:
e3:d9:bc:c5:10:b0:a5:f9:58:25:6a:77:11:9a:7f:53:c4:b1:
31:07:16:04:5a:82:48:af:aa:02:33:93:17:3e:a3:68:05:62:
c1:4d:dc:4e:9b:1e:20:9d:55:f8:7f:74:06:33:8c:75:f5:a2:
d5:84:2c:ea:49:2e:90:7d:62:2b:8d:84:0f:18:cb:e7:a0:20:
66:da:99:2c:8a:eb:9a:39:00:06:5d:08:6f:37:1c:59:0e:c4:
ec:5c:23:76:1b:f5:8a:b9:e8:15:d1:17:3f:e9:cb:4e:ad:b4:
49:40:f6:60:e8:77:46:38:62:e8:4a:fd:52:a4:f1:92:72:70:
9b:20:a6:a3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEUVvrP4YDHHDXqTwZiRxS/GwX6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTAxMTFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2NzIzM2JmNGZiYzljNTFmZjliNmYxN2ZhODY2YTdkYmJkNjZmMGQ3ZjBh
MWIyNDFhZGFmNDIyYTQ3OWQwZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+l3oANV26bRAc5flOsadnqjPUL3npQZmcGy6CbES0V2CPfmqMOjFqLfb1O
MOIxCnWheL1V7a5EH5sbizE3kAyMwDH3tFCzXfEKt/XtkREHREu5L7dSMogvvNdw
moLjTL8FCxsF9bMfWJpcEcJriWv9ALwIjLKWidk9XM4MpjKaj2FFYN7m93/8TscH
LUeoBy5ekfyco0GrlMnySh2clWmP6qT9tMJqG9Jlvr1JDPs1XE6p4lQ8AZNXex0Y
8sv4RhpUnpl0xLKdrTcGLjVlmdagv92OwsolcdqpvWMIynNSjABNXcnE4UMeGKnu
xv/eNT2SjjeoopCcbUvUr2uP1rcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQW9TWm
XZpSQDO+yBdGgSfXiJQpzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2VmNWU3YjgtMjRhZC00MWFmLTgzMzQtMmVmZjI5MmE3NjlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
wDANBgkqhkiG9w0BAQsFAAOCAQEAScSlk2wLTF9u0ie8LjuiaQaNTUc1IFbEM/YF
5i+ksdqlYssjljAzoj9eICxaEj1/6ryi2XJ6+BE7UGnUkf5jdvrIdM6Vmqw76jpz
Hj38wwln04lOWF1OTkcHpOQe9r4RH+gv8HD/ukhUXabzS6kdJK67OHhzvLze1ffr
N5Qo49m8xRCwpflYJWp3EZp/U8SxMQcWBFqCSK+qAjOTFz6jaAViwU3cTpseIJ1V
+H90BjOMdfWi1YQs6kkukH1iK42EDxjL56AgZtqZLIrrmjkABl0IbzccWQ7E7Fwj
dhv1irnoFdEXP+nLTq20SUD2YOh3Rjhi6Er9UqTxknJwmyCmow==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:17 2025 by rpki-client