Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json)
Hash identifier: cQJHZiWbM9an5PhjNIZHb8wrOLm8Yln86caa1BTrLfA=
Subject key identifier: 36:CE:1E:BD:94:41:A7:F7:D9:1D:28:CC:F9:AE:C8:0E:2D:AC:9D:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12E5D95C9D8B7002C2EC397C774F59DD76BD640E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
Signing time: Fri 26 Sep 2025 20:11:10 +0000
ROA not before: Fri 26 Sep 2025 20:11:10 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:e5:d9:5c:9d:8b:70:02:c2:ec:39:7c:77:4f:59:dd:76:bd:64:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:10 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=88c2b49bcb18d15bbc1e0ae8ad20b9419358819c8cc8f3962fd46be75f41deb0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:11:b0:e7:61:5b:55:0d:e0:c0:03:f5:58:c3:
f2:b7:b4:80:ae:e5:ee:8c:dc:ab:ea:4d:35:8a:ae:
99:21:11:1f:ee:51:df:4c:94:ef:80:f1:71:28:8b:
ad:64:4e:a4:39:5d:7a:36:cc:ca:53:28:6e:85:31:
21:33:5b:6a:ad:a4:9c:80:f2:73:85:ba:c7:2a:d3:
16:05:4b:c4:f8:e7:15:1b:57:15:43:51:bc:0f:50:
20:cd:d5:48:6e:97:5a:8c:1c:50:63:ef:a1:a0:a1:
2a:2b:b5:34:43:68:3a:b9:6d:d3:95:d4:f1:b0:4b:
45:5f:9f:5f:23:ec:1c:a9:c5:d9:70:1e:42:0a:8c:
3d:17:ec:d1:09:34:85:7d:63:e7:3b:22:6a:2c:44:
06:f5:78:dc:08:20:30:9a:23:6a:d0:4f:0f:32:19:
f5:42:e9:9b:f4:1c:78:63:61:0b:d7:a5:a6:83:94:
e6:d1:93:00:b8:5f:e5:16:f4:12:6f:e3:f6:65:81:
a4:ce:6c:52:32:14:5a:c9:64:78:34:66:7a:71:18:
30:74:26:1a:31:92:03:40:74:d5:8b:57:b0:58:2c:
5f:bd:19:f6:44:ac:22:3b:a2:9a:f1:4f:41:4b:82:
64:81:4b:29:d4:b1:85:e1:b7:32:40:99:15:4c:05:
e3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:CE:1E:BD:94:41:A7:F7:D9:1D:28:CC:F9:AE:C8:0E:2D:AC:9D:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/37
Signature Algorithm: sha256WithRSAEncryption
9a:ec:82:49:91:03:51:19:b3:15:53:78:88:82:b3:57:f6:3a:
ac:fd:f9:d0:97:5f:b4:a9:23:94:04:a4:37:26:48:94:05:97:
34:24:98:0c:f5:4a:63:b6:67:db:b1:20:a3:ff:fb:8f:4d:b8:
8e:b1:d7:9d:3e:01:9c:9a:bd:79:8b:7c:b7:b0:03:b4:38:be:
04:0d:24:fc:53:8f:9f:c5:55:50:a1:a7:59:bd:a3:3d:6a:db:
ae:d8:92:97:20:c6:d1:75:35:0e:66:b2:0d:eb:80:0c:3e:df:
11:0b:ce:b3:77:b3:5a:5d:8a:d3:bb:ec:15:4f:68:d6:a8:c1:
59:a3:8e:f2:cd:33:27:ce:dd:87:b2:46:43:fb:11:bf:ff:9c:
e0:f3:3e:74:26:34:68:f0:7a:f8:83:18:97:c1:99:f4:72:e0:
15:1a:da:94:28:b3:a3:60:14:d3:c9:0d:c2:a4:ed:9a:7a:f4:
45:b0:f7:cb:95:c3:b0:4c:31:ee:c1:28:ac:bf:12:ad:81:9d:
c3:f0:94:6b:8a:a5:7b:ac:3b:12:6a:3b:22:8f:ab:8e:86:95:
58:3d:ef:a5:5b:12:20:fd:cf:5c:fc:64:40:1d:68:37:d4:d9:
6b:7f:aa:35:29:0e:f8:cc:da:5d:5d:6d:14:72:6d:d2:2a:ee:
89:b3:a9:f8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEuXZXJ2LcALC7Dl8d09Z3Xa9ZA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMTBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4YzJiNDliY2IxOGQxNWJiYzFlMGFlOGFkMjBiOTQxOTM1ODgxOWM4Y2M4
ZjM5NjJmZDQ2YmU3NWY0MWRlYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0RsOdhW1UN4MAD9VjD8re0gK7l7ozcq+pNNYqumSERH+5R30yU74DxcSiL
rWROpDldejbMylMoboUxITNbaq2knIDyc4W6xyrTFgVLxPjnFRtXFUNRvA9QIM3V
SG6XWowcUGPvoaChKiu1NENoOrlt05XU8bBLRV+fXyPsHKnF2XAeQgqMPRfs0Qk0
hX1j5zsiaixEBvV43AggMJojatBPDzIZ9ULpm/QceGNhC9elpoOU5tGTALhf5Rb0
Em/j9mWBpM5sUjIUWslkeDRmenEYMHQmGjGSA0B01YtXsFgsX70Z9kSsIjuimvFP
QUuCZIFLKdSxheG3MkCZFUwF4+MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ2zh69
lEGn99kdKMz5rsgOLaydDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQCa7IJJkQNRGbMVU3iIgrNX9jqs/fnQl1+0qSOU
BKQ3JkiUBZc0JJgM9UpjtmfbsSCj//uPTbiOsdedPgGcmr15i3y3sAO0OL4EDST8
U4+fxVVQoadZvaM9atuu2JKXIMbRdTUOZrIN64AMPt8RC86zd7NaXYrTu+wVT2jW
qMFZo47yzTMnzt2HskZD+xG//5zg8z50JjRo8Hr4gxiXwZn0cuAVGtqUKLOjYBTT
yQ3CpO2aevRFsPfLlcOwTDHuwSisvxKtgZ3D8JRriqV7rDsSajsij6uOhpVYPe+l
WxIg/c9c/GRAHWg31Nlrf6o1KQ74zNpdXW0Ucm3SKu6Js6n4
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:48 2025 by rpki-client