Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: tdecOJFv6DeGemS7jDni0ilCTb6bYArB1mN6rdlVVd0=
Subject key identifier: 2B:18:D3:61:89:BD:F7:71:0B:00:74:57:DE:03:B4:64:26:5E:D8:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12892A44AB1431897DAA6E57405AC74AC5452A3D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Fri 26 Sep 2025 20:01:37 +0000
ROA not before: Fri 26 Sep 2025 20:01:37 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:89:2a:44:ab:14:31:89:7d:aa:6e:57:40:5a:c7:4a:c5:45:2a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:01:37 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=aeae13d35a52368e6b65ce73b6538d6a2ae50218906e616686232561fcb3e211, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6a:a5:d0:82:ee:ed:ee:dd:ba:5a:dd:d5:53:
65:9f:de:60:67:e1:bc:db:9b:18:65:e7:cb:73:66:
7a:b5:4f:36:38:27:60:c2:6c:28:96:3f:7f:9a:58:
40:a5:ff:a9:29:97:38:01:a3:4a:14:a3:01:a3:0a:
19:0b:b9:22:8d:6f:0e:62:91:c2:ff:af:85:58:a9:
eb:c1:4d:51:8f:20:b5:6d:9d:96:9b:8f:0d:07:ae:
38:65:4b:cf:8d:fc:ec:a7:6b:4c:a9:23:2a:9b:8e:
70:e2:df:8f:bc:65:c6:45:25:00:b8:d4:fc:9f:97:
5b:40:a1:9a:34:40:cf:9b:04:16:09:9e:02:d8:ba:
5b:fb:7d:f9:fa:3f:86:29:50:df:19:4f:f8:0a:39:
d1:af:5b:e1:c6:39:db:3c:b9:88:44:19:e8:a9:e5:
a1:30:86:bd:84:a4:fa:95:fe:f3:6a:e7:aa:ac:cf:
64:a1:00:68:ce:f4:b7:72:87:e5:60:49:fa:45:b0:
39:e6:e7:b9:7e:b0:1e:b7:27:9d:5a:26:00:29:54:
9f:53:a5:23:3e:11:e8:0d:94:20:24:75:52:7c:b2:
73:58:df:c4:70:05:3c:44:fa:8d:35:57:5d:78:c5:
4c:e7:b0:2b:06:87:0c:c9:43:5b:b0:11:df:4e:6f:
1f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:18:D3:61:89:BD:F7:71:0B:00:74:57:DE:03:B4:64:26:5E:D8:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
60:f3:28:f2:19:60:df:0d:62:a3:fd:d2:e8:7c:35:4c:4f:0c:
4f:05:3f:0a:62:fd:18:3d:c5:7e:d7:ef:6d:43:7f:8f:1d:dc:
16:d3:39:4d:5a:80:5f:34:00:f1:1a:31:c9:b0:88:de:b7:16:
0f:4c:13:a6:71:ad:4d:5e:cc:7a:cc:6f:fe:03:12:8d:77:e4:
4d:fb:8a:77:cb:87:a3:81:09:64:24:53:86:d6:9d:e7:2d:24:
c0:5c:f9:e7:94:0a:d8:cf:c4:7d:90:d5:42:b7:4e:cf:a0:88:
09:b1:e4:71:d1:0f:af:47:d1:ed:0f:54:c7:44:79:c6:43:75:
97:36:6d:37:c9:91:a6:10:26:89:ba:ab:0a:a0:21:d4:0f:4f:
52:83:aa:e5:bf:f4:07:1a:96:83:1d:f1:8a:ec:21:b4:f2:c3:
30:57:d0:e8:29:dc:3f:c1:97:2b:0e:f1:fe:8f:0b:bc:fe:bf:
43:eb:36:85:d6:29:3c:5b:2a:24:8c:f4:62:58:d2:a7:43:50:
ba:1b:8a:77:99:57:52:fd:b4:f3:b3:05:34:95:b7:1b:f7:26:
f9:73:79:d6:28:d9:80:30:3c:05:4e:1f:65:54:5d:1c:89:f8:
25:ea:cb:69:00:39:70:fa:a4:0a:37:ac:d7:fe:77:46:9c:87:
c0:07:bc:9f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEokqRKsUMYl9qm5XQFrHSsVFKj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDAxMzdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlYWUxM2QzNWE1MjM2OGU2YjY1Y2U3M2I2NTM4ZDZhMmFlNTAyMTg5MDZl
NjE2Njg2MjMyNTYxZmNiM2UyMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZqpdCC7u3u3bpa3dVTZZ/eYGfhvNubGGXny3NmerVPNjgnYMJsKJY/f5pY
QKX/qSmXOAGjShSjAaMKGQu5Io1vDmKRwv+vhVip68FNUY8gtW2dlpuPDQeuOGVL
z4387KdrTKkjKpuOcOLfj7xlxkUlALjU/J+XW0ChmjRAz5sEFgmeAti6W/t9+fo/
hilQ3xlP+Ao50a9b4cY52zy5iEQZ6KnloTCGvYSk+pX+82rnqqzPZKEAaM70t3KH
5WBJ+kWwOebnuX6wHrcnnVomAClUn1OlIz4R6A2UICR1Unyyc1jfxHAFPET6jTVX
XXjFTOewKwaHDMlDW7AR305vH9UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrGNNh
ib33cQsAdFfeA7RkJl7Y1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBg8yjyGWDfDWKj/dLofDVMTwxPBT8KYv0YPcV+
1+9tQ3+PHdwW0zlNWoBfNADxGjHJsIjetxYPTBOmca1NXsx6zG/+AxKNd+RN+4p3
y4ejgQlkJFOG1p3nLSTAXPnnlArYz8R9kNVCt07PoIgJseRx0Q+vR9HtD1THRHnG
Q3WXNm03yZGmECaJuqsKoCHUD09Sg6rlv/QHGpaDHfGK7CG08sMwV9DoKdw/wZcr
DvH+jwu8/r9D6zaF1ik8WyokjPRiWNKnQ1C6G4p3mVdS/bTzswU0lbcb9yb5c3nW
KNmAMDwFTh9lVF0cifgl6stpADlw+qQKN6zX/ndGnIfAB7yf
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:05 2025 by rpki-client