Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json)
Hash identifier: /masn/h1KeOu4g4BMoQez91FmY9CzZDBBZ89GIKBgE8=
Subject key identifier: E6:05:20:78:2B:9D:8C:9A:47:90:AB:8D:07:EC:27:AE:9B:A3:BD:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EA636ACE695B9FA572B0DE6256343A09881A4F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
Signing time: Fri 26 Sep 2025 19:51:28 +0000
ROA not before: Fri 26 Sep 2025 19:51:28 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:a6:36:ac:e6:95:b9:fa:57:2b:0d:e6:25:63:43:a0:98:81:a4:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:51:28 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=2fe365f57f2d2d39801431c3973d99440653c6b3875b1fd65995daa01d7de55c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:38:af:79:69:cb:c3:c2:aa:de:f5:16:f8:fe:
27:77:11:4c:b6:5e:d5:e1:0b:66:f9:ec:11:e9:3d:
51:60:1e:0b:fb:f3:f4:78:bc:a7:a0:bd:20:23:ee:
14:53:c3:2e:e1:00:78:39:00:55:61:29:46:b9:2b:
6c:d6:ca:5b:c4:6c:07:e7:b4:67:19:7d:f2:14:2c:
05:13:51:14:76:fa:5c:57:fc:68:bf:af:27:7e:c7:
cd:c0:ae:09:34:e2:20:1a:a9:6e:00:de:04:22:2d:
bd:f3:51:31:e1:20:83:e3:3d:bd:a0:f5:ff:0f:7f:
ef:81:d6:12:a9:c8:50:7e:d1:43:0f:63:9e:1e:f9:
61:63:41:7b:7e:d6:56:3c:4b:75:00:95:69:a4:e4:
1a:c0:c8:2d:aa:36:7d:40:d6:9d:04:47:16:e0:2e:
2b:81:e3:d2:ca:28:2b:c8:8e:bc:25:da:b2:4b:4f:
49:7f:cf:65:d7:52:b9:23:27:5f:97:3c:3b:2d:31:
ac:5f:8d:b6:fa:03:6a:ee:14:d5:77:f5:e5:bf:6e:
20:a7:0a:df:bf:c0:c7:b2:66:f9:03:c6:ea:f1:bb:
76:49:85:37:e2:f2:e8:ef:2e:6e:66:c5:c4:cd:81:
ce:f4:44:ae:54:a4:a5:53:36:b4:09:75:1b:64:bc:
e8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:05:20:78:2B:9D:8C:9A:47:90:AB:8D:07:EC:27:AE:9B:A3:BD:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:c000::/40
Signature Algorithm: sha256WithRSAEncryption
09:0b:02:d8:5a:f3:c2:de:78:f5:85:aa:ef:60:48:3a:73:80:
be:b5:c3:eb:9d:0e:be:a2:e3:ec:31:95:06:83:d6:e2:e4:a4:
d0:c1:3a:90:08:f4:0b:bc:19:bf:3b:cc:59:52:fb:d4:20:9b:
43:cc:8f:06:ed:7e:4b:07:aa:c3:7b:c7:e0:d5:23:b5:bb:dc:
fd:4d:aa:5a:a1:56:2b:1c:b5:fc:41:39:7c:4b:a4:71:66:53:
92:99:83:2b:c9:71:f0:8a:63:c7:ec:c0:1b:5d:c1:d7:e4:d7:
d9:db:36:8a:d8:21:fe:22:4a:03:d7:36:ff:cb:9b:2f:75:34:
bd:23:e3:72:38:89:c0:ec:c1:7d:e2:16:d4:ca:bc:3e:92:1f:
c5:11:45:5f:f1:e2:6e:b9:e4:e2:5b:c8:74:20:bb:f2:57:ac:
e3:05:70:5d:1e:dd:68:56:b9:35:3d:07:c7:05:9f:77:e1:b7:
75:02:fe:74:ac:bf:4d:a0:ff:ba:1b:a0:51:55:5b:c4:e1:74:
ff:4d:e1:62:00:9a:c8:6d:37:8b:55:3c:8c:67:10:0c:bd:17:
ce:cd:b3:d5:c1:44:a1:cc:d9:98:dd:33:74:12:42:77:4e:a8:
31:85:61:6b:5b:a7:78:0e:85:db:c2:15:76:84:c4:df:04:cf:
12:9e:f0:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXqY2rOaVufpXKw3mJWNDoJiBpPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUxMjhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmZTM2NWY1N2YyZDJkMzk4MDE0MzFjMzk3M2Q5OTQ0MDY1M2M2YjM4NzVi
MWZkNjU5OTVkYWEwMWQ3ZGU1NWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOY4r3lpy8PCqt71Fvj+J3cRTLZe1eELZvnsEek9UWAeC/vz9Hi8p6C9ICPu
FFPDLuEAeDkAVWEpRrkrbNbKW8RsB+e0Zxl98hQsBRNRFHb6XFf8aL+vJ37HzcCu
CTTiIBqpbgDeBCItvfNRMeEgg+M9vaD1/w9/74HWEqnIUH7RQw9jnh75YWNBe37W
VjxLdQCVaaTkGsDILao2fUDWnQRHFuAuK4Hj0sooK8iOvCXasktPSX/PZddSuSMn
X5c8Oy0xrF+NtvoDau4U1Xf15b9uIKcK37/Ax7Jm+QPG6vG7dkmFN+Ly6O8ubmbF
xM2BzvRErlSkpVM2tAl1G2S86IECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTmBSB4
K52MmkeQq40H7Ceum6O9azAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA
MA0GCSqGSIb3DQEBCwUAA4IBAQAJCwLYWvPC3nj1harvYEg6c4C+tcPrnQ6+ouPs
MZUGg9bi5KTQwTqQCPQLvBm/O8xZUvvUIJtDzI8G7X5LB6rDe8fg1SO1u9z9Tapa
oVYrHLX8QTl8S6RxZlOSmYMryXHwimPH7MAbXcHX5NfZ2zaK2CH+IkoD1zb/y5sv
dTS9I+NyOInA7MF94hbUyrw+kh/FEUVf8eJuueTiW8h0ILvyV6zjBXBdHt1oVrk1
PQfHBZ934bd1Av50rL9NoP+6G6BRVVvE4XT/TeFiAJrIbTeLVTyMZxAMvRfOzbPV
wUShzNmY3TN0EkJ3TqgxhWFrW6d4DoXbwhV2hMTfBM8SnvBa
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:36:22 2025 by rpki-client