Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
File: 515f7e85-9223-47e5-be2b-42ec6a12a88b.roa (raw, json)
Hash identifier: E85rESNjSUjBnmxGblimGFBExH6zh7EFNB5fffX8YiI=
Subject key identifier: 0B:E9:74:32:96:44:27:88:C9:8E:C6:1A:CF:01:26:26:03:BE:9A:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42B6DA5EFD5CFABF1404CF2283935779F70C645E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
Signing time: Fri 26 Sep 2025 19:39:46 +0000
ROA not before: Fri 26 Sep 2025 19:39:46 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:b6:da:5e:fd:5c:fa:bf:14:04:cf:22:83:93:57:79:f7:0c:64:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:39:46 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a0d1d23ebb817c75e9c7353c8dfd6a3bca928b73d49c5c0305e56dca0a1707f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0f:ca:0f:4d:51:1d:a7:6f:8a:bd:83:ce:56:
96:40:84:6a:b8:d8:0f:a9:d9:5e:84:de:ed:27:2b:
b5:e3:dd:a5:b8:01:08:b6:0c:3b:12:9a:ea:fb:d4:
f1:3b:88:36:59:b7:28:98:2a:ea:be:ca:58:c6:b3:
89:cc:5a:bf:6d:33:38:e7:f2:9e:57:ce:19:ce:4f:
2d:84:13:15:07:e0:01:f4:9d:ce:ad:9b:b9:65:81:
10:51:f4:2f:ed:26:4b:c0:7f:56:93:7b:6c:5b:91:
04:5d:0f:a4:87:19:11:da:bc:26:19:b5:0d:77:4c:
6a:f3:a6:e7:83:b6:34:60:81:46:08:18:57:70:d8:
1a:35:ce:eb:ff:87:42:8f:bb:f7:79:ae:f1:82:c5:
98:64:89:56:9b:9e:f1:1e:43:de:1f:a3:01:20:9a:
e1:df:d0:0c:6a:8e:4c:47:0a:d3:91:53:20:40:17:
5d:64:22:9c:48:2d:ed:b9:22:20:d1:6c:cc:15:68:
aa:c3:0f:aa:3a:8b:0c:69:80:40:b9:85:28:92:aa:
79:e2:ac:71:62:03:64:17:90:69:d9:66:30:cf:1e:
75:1f:32:39:02:10:67:4b:b5:ba:e3:ba:ed:67:54:
4b:ee:4a:60:60:f5:a6:bf:66:c5:3c:7f:bb:12:1d:
e7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E9:74:32:96:44:27:88:C9:8E:C6:1A:CF:01:26:26:03:BE:9A:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:9000::/40
Signature Algorithm: sha256WithRSAEncryption
be:9c:99:5b:73:b3:1b:c5:c8:20:9a:83:86:f5:a3:61:c7:c9:
70:6a:cd:a4:f1:34:da:28:f7:c5:71:a2:44:b7:80:f3:91:d9:
71:b2:7c:2c:08:f1:e3:98:12:13:fb:a4:8e:fd:ba:25:bd:19:
39:6e:e8:f2:72:7f:cc:7a:0d:be:8c:e5:c2:6e:f5:ca:e9:c0:
b4:9d:95:d3:6d:67:51:67:b4:5a:8b:8b:9b:f2:98:30:00:5c:
98:a0:a1:22:63:59:9c:85:75:9a:59:d3:73:1a:70:11:38:94:
46:77:0c:34:98:cc:02:76:07:24:90:2c:b9:d9:1a:55:35:57:
c2:af:15:77:4e:9f:a0:13:03:31:83:fc:a9:de:49:a8:71:f2:
2e:3c:4c:52:25:92:c1:82:aa:25:11:6e:61:e2:83:93:11:1f:
56:2b:29:61:d9:3e:63:1b:a3:8f:1a:a7:c9:dc:96:72:6a:7a:
35:b4:ab:63:89:9f:a3:0a:b5:d8:fb:3d:ec:44:ec:34:6b:da:
9e:53:99:e1:ac:cc:b8:30:a7:7d:53:8d:b2:e1:11:0f:fd:b3:
5d:c8:c3:84:d4:a7:dc:bf:c6:bb:2a:7e:55:b1:ee:7d:88:cc:
7b:2b:75:95:0b:4a:99:6c:47:7d:53:8c:3c:c5:aa:37:d6:83:
1d:33:6d:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQrbaXv1c+r8UBM8ig5NXefcMZF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTM5NDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwZDFkMjNlYmI4MTdjNzVlOWM3MzUzYzhkZmQ2YTNiY2E5MjhiNzNkNDlj
NWMwMzA1ZTU2ZGNhMGExNzA3ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIQPyg9NUR2nb4q9g85WlkCEarjYD6nZXoTe7ScrtePdpbgBCLYMOxKa6vvU
8TuINlm3KJgq6r7KWMazicxav20zOOfynlfOGc5PLYQTFQfgAfSdzq2buWWBEFH0
L+0mS8B/VpN7bFuRBF0PpIcZEdq8Jhm1DXdMavOm54O2NGCBRggYV3DYGjXO6/+H
Qo+793mu8YLFmGSJVpue8R5D3h+jASCa4d/QDGqOTEcK05FTIEAXXWQinEgt7bki
INFszBVoqsMPqjqLDGmAQLmFKJKqeeKscWIDZBeQadlmMM8edR8yOQIQZ0u1uuO6
7WdUS+5KYGD1pr9mxTx/uxId5yMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQL6XQy
lkQniMmOxhrPASYmA76asDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTE1ZjdlODUtOTIyMy00N2U1LWJlMmItNDJlYzZhMTJhODhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQC+nJlbc7MbxcggmoOG9aNhx8lwas2k8TTaKPfF
caJEt4DzkdlxsnwsCPHjmBIT+6SO/bolvRk5bujycn/Meg2+jOXCbvXK6cC0nZXT
bWdRZ7Rai4ub8pgwAFyYoKEiY1mchXWaWdNzGnAROJRGdww0mMwCdgckkCy52RpV
NVfCrxV3Tp+gEwMxg/yp3kmocfIuPExSJZLBgqolEW5h4oOTER9WKylh2T5jG6OP
GqfJ3JZyano1tKtjiZ+jCrXY+z3sROw0a9qeU5nhrMy4MKd9U42y4REP/bNdyMOE
1Kfcv8a7Kn5Vse59iMx7K3WVC0qZbEd9U4w8xao31oMdM21E
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:29 2025 by rpki-client