Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
File: 42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa (raw, json)
Hash identifier: GghGk+MsrBywDHqiAQ6feGzNuZVPtecmmiRqjOLVjqY=
Subject key identifier: 75:6A:8E:F8:AD:86:31:53:04:AB:0C:5E:8F:88:7A:A6:2A:22:E9:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36E675BCE535A8A622C9FB1F1721B90C40D7B5A1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
Signing time: Fri 26 Sep 2025 18:41:06 +0000
ROA not before: Fri 26 Sep 2025 18:41:06 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:e6:75:bc:e5:35:a8:a6:22:c9:fb:1f:17:21:b9:0c:40:d7:b5:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:06 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a96f80b8fb73815b91d451debd2cfa7245a08c0b072304e5b0452f0417ee2aed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c9:bb:93:2b:61:77:c0:e3:db:64:61:16:be:
97:14:96:bb:40:83:d2:98:21:ba:da:ef:d1:b2:88:
77:d7:f9:78:3d:00:95:b8:0d:b9:d3:3f:a2:37:d5:
5f:2d:c9:85:db:51:0a:e4:b3:c2:1d:04:7d:f0:94:
0d:da:f9:5b:20:4f:d7:77:fe:30:34:f2:84:fc:be:
a2:fe:39:ca:fb:b3:69:16:af:43:a1:60:3e:a0:83:
e2:a1:eb:d8:69:a5:a1:13:94:81:d0:2c:9c:82:1b:
bd:ee:c3:a5:eb:23:03:27:d2:6c:38:db:3c:61:fe:
57:38:68:e1:64:9b:e1:e6:b8:fc:e7:2d:1d:5c:86:
e2:5a:94:97:bc:05:22:7f:d0:1b:b0:bc:64:1a:ee:
28:35:e4:d8:f3:61:91:04:de:26:e8:75:e3:de:3e:
f6:05:e9:34:a6:2e:95:72:3a:83:65:44:5b:19:30:
cc:6a:69:a6:db:a6:60:17:9f:1d:b3:ce:f7:25:9d:
d7:03:57:c3:d7:c9:59:09:26:5c:b3:3d:32:70:b7:
0b:4e:76:02:49:18:d1:7e:d0:13:c5:10:af:e9:c5:
cf:5d:a4:59:f1:fb:e7:5d:4f:7e:40:cc:c9:d3:70:
1f:aa:a7:6d:32:96:8a:dd:49:18:bb:54:3a:a1:26:
f5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6A:8E:F8:AD:86:31:53:04:AB:0C:5E:8F:88:7A:A6:2A:22:E9:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8090::/48
Signature Algorithm: sha256WithRSAEncryption
99:e1:ad:c9:48:ed:44:19:4e:24:4b:35:30:ba:7a:2b:07:31:
21:2f:e9:6c:23:f0:c0:d7:a7:9a:01:40:5c:c9:f9:29:33:8c:
e8:56:6e:6a:7e:a6:81:5a:27:aa:5a:96:a1:f5:22:e4:e2:6b:
c5:9b:46:d6:2e:f0:79:36:f4:ad:a6:9a:db:2a:16:d5:22:69:
e8:d9:4f:4e:6c:01:97:b4:3b:37:09:ae:5b:14:f5:44:c5:ac:
0f:0d:d3:9c:40:89:c6:dd:3c:c7:60:8c:be:3b:43:f2:62:c9:
1e:b7:b6:9d:42:ef:f3:28:6b:e7:c6:da:50:31:b6:1a:f8:bb:
a3:e9:59:5d:c2:d1:c5:78:53:80:89:8c:91:71:2f:52:56:35:
ee:1f:3d:5c:aa:23:36:62:62:73:80:4b:5a:cb:bf:5b:4f:54:
a9:d6:7f:75:27:f8:7f:dc:96:aa:31:64:e2:31:e7:32:93:c6:
15:0f:d5:1b:92:ca:c3:04:69:2e:0e:6f:4f:d0:51:e4:ec:44:
9e:b3:d6:4f:ea:2e:c8:6c:72:71:a6:7f:b5:56:52:ed:a2:9f:
6a:ba:0a:ba:03:75:a6:55:2d:47:9b:8f:99:97:d8:5d:97:0a:
a8:48:2b:2b:98:25:fe:da:49:85:42:da:9a:84:7d:a5:51:c0:
35:05:c1:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNuZ1vOU1qKYiyfsfFyG5DEDXtaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxMDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5NmY4MGI4ZmI3MzgxNWI5MWQ0NTFkZWJkMmNmYTcyNDVhMDhjMGIwNzIz
MDRlNWIwNDUyZjA0MTdlZTJhZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfJu5MrYXfA49tkYRa+lxSWu0CD0pghutrv0bKId9f5eD0AlbgNudM/ojfV
Xy3JhdtRCuSzwh0EffCUDdr5WyBP13f+MDTyhPy+ov45yvuzaRavQ6FgPqCD4qHr
2GmloROUgdAsnIIbve7DpesjAyfSbDjbPGH+Vzho4WSb4ea4/OctHVyG4lqUl7wF
In/QG7C8ZBruKDXk2PNhkQTeJuh1494+9gXpNKYulXI6g2VEWxkwzGppptumYBef
HbPO9yWd1wNXw9fJWQkmXLM9MnC3C052AkkY0X7QE8UQr+nFz12kWfH7511PfkDM
ydNwH6qnbTKWit1JGLtUOqEm9eMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR1ao74
rYYxUwSrDF6PiHqmKiLp1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJlZjdkODktYjliZi00NjBmLWI5MDYtNzQ0M2Q5NmY0YTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
kDANBgkqhkiG9w0BAQsFAAOCAQEAmeGtyUjtRBlOJEs1MLp6KwcxIS/pbCPwwNen
mgFAXMn5KTOM6FZuan6mgVonqlqWofUi5OJrxZtG1i7weTb0raaa2yoW1SJp6NlP
TmwBl7Q7NwmuWxT1RMWsDw3TnECJxt08x2CMvjtD8mLJHre2nULv8yhr58baUDG2
Gvi7o+lZXcLRxXhTgImMkXEvUlY17h89XKojNmJic4BLWsu/W09UqdZ/dSf4f9yW
qjFk4jHnMpPGFQ/VG5LKwwRpLg5vT9BR5OxEnrPWT+ouyGxycaZ/tVZS7aKfaroK
ugN1plUtR5uPmZfYXZcKqEgrK5gl/tpJhULamoR9pVHANQXBxw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:31 2025 by rpki-client