Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/528c97d8-1890-4c86-9eee-907363f046e1.roa
File: 528c97d8-1890-4c86-9eee-907363f046e1.roa (raw, json)
Hash identifier: 1G5RkCjJuEeMxBXCoMvGhI56JNfuU6ErpSj4KLMO5RE=
Subject key identifier: 8C:B5:C6:44:0F:D3:E1:E6:F5:37:89:49:C2:6E:A2:1C:20:CF:92:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6594DF84085FBB9F7951E716AB915CD654DBEAE6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/528c97d8-1890-4c86-9eee-907363f046e1.roa
Signing time: Mon 06 Oct 2025 18:01:02 +0000
ROA not before: Mon 06 Oct 2025 18:01:02 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:94:df:84:08:5f:bb:9f:79:51:e7:16:ab:91:5c:d6:54:db:ea:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 6 18:01:02 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=30262fd486a95c480b4d8bb9985547398e6b6e6cab46879d833dd635b1096603, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b4:3a:6c:54:82:c4:b1:14:fb:a2:c4:cb:f1:
4f:36:89:cf:39:99:48:f5:25:8b:77:74:af:bd:c8:
25:3b:fb:47:76:2e:54:cc:38:f0:35:f6:b1:76:41:
85:c3:6a:23:7d:e6:68:22:e9:8f:45:d6:33:65:c4:
7a:24:52:4d:c6:f2:55:81:84:8a:c1:e4:74:6f:25:
69:5e:35:dc:1a:a4:86:b6:ba:58:19:ac:6d:e0:a4:
c8:4e:8c:5b:95:3d:a5:95:c8:22:64:ca:79:1a:8b:
82:30:80:05:db:d9:91:9c:26:f1:ca:e4:81:a0:fb:
23:54:66:8c:ed:a3:a9:7b:93:ed:8b:65:a0:83:e7:
29:75:ad:14:13:a0:c8:bd:b4:b4:ea:16:6f:6f:2c:
3a:20:46:4a:d1:8f:33:ff:09:db:e6:10:44:60:03:
73:6c:5f:0a:67:b7:f0:c0:46:3c:d6:ca:b6:f9:5c:
9d:ed:ea:e0:8f:63:20:ee:34:46:bd:95:c7:11:60:
1e:3c:f9:55:2d:bd:99:ce:24:14:a0:77:32:15:e9:
c7:08:e2:58:95:99:de:bb:44:97:ec:00:92:a8:44:
4e:61:8d:76:ea:ce:d9:45:d7:69:35:13:51:df:37:
67:28:47:20:88:d2:c3:0b:38:fb:95:27:e8:ff:60:
51:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B5:C6:44:0F:D3:E1:E6:F5:37:89:49:C2:6E:A2:1C:20:CF:92:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/528c97d8-1890-4c86-9eee-907363f046e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:6000::/40
Signature Algorithm: sha256WithRSAEncryption
48:91:b1:19:ab:2b:57:e9:91:ef:e8:e8:18:1f:82:37:b4:05:
86:3d:ea:31:05:a3:a4:69:1f:02:e5:73:0f:7e:bb:23:b6:d0:
f6:7e:24:66:d6:15:b8:60:9f:18:aa:98:4f:6d:13:ed:0d:e8:
ed:ab:cb:47:86:64:e8:5d:6b:8a:50:33:28:17:f0:6c:db:b5:
d8:1a:9b:5d:22:ac:f7:ad:7b:1e:3e:9b:37:d2:8b:96:cf:ea:
0c:d8:92:ac:df:c7:4c:bb:83:98:c4:fa:f7:b2:a1:6c:ab:87:
15:48:85:87:42:73:47:69:1f:c1:4e:1d:37:05:e8:ef:61:cd:
55:72:8f:8e:68:7d:30:43:98:02:0d:3a:4b:e3:fa:7d:2c:10:
d0:9c:90:12:7b:19:9e:3b:2f:7b:9b:1c:39:74:ec:c9:03:fb:
67:2f:2e:f0:07:97:fe:98:d7:49:ed:75:76:4e:d2:d9:8c:33:
3c:9c:3e:af:da:cb:86:09:03:5a:b2:ac:d9:a2:cd:e9:7e:49:
3f:5a:07:63:99:d3:12:fc:f2:a4:b8:9a:6f:4d:5b:b4:06:d7:
01:cb:2a:9f:cb:7b:90:47:ce:47:a8:3a:25:9c:35:5a:5d:75:
12:61:a5:b2:4f:ef:89:9b:af:e2:cc:90:2b:31:96:a7:60:d4:
a7:9b:df:85
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZZTfhAhfu595UecWq5Fc1lTb6uYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMDYxODAxMDJaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwMjYyZmQ0ODZhOTVjNDgwYjRkOGJiOTk4NTU0NzM5OGU2YjZlNmNhYjQ2
ODc5ZDgzM2RkNjM1YjEwOTY2MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMy0OmxUgsSxFPuixMvxTzaJzzmZSPUli3d0r73IJTv7R3YuVMw48DX2sXZB
hcNqI33maCLpj0XWM2XEeiRSTcbyVYGEisHkdG8laV413Bqkhra6WBmsbeCkyE6M
W5U9pZXIImTKeRqLgjCABdvZkZwm8crkgaD7I1RmjO2jqXuT7YtloIPnKXWtFBOg
yL20tOoWb28sOiBGStGPM/8J2+YQRGADc2xfCme38MBGPNbKtvlcne3q4I9jIO40
Rr2VxxFgHjz5VS29mc4kFKB3MhXpxwjiWJWZ3rtEl+wAkqhETmGNdurO2UXXaTUT
Ud83ZyhHIIjSwws4+5Un6P9gUfcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMtcZE
D9Ph5vU3iUnCbqIcIM+S3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI4Yzk3ZDgtMTg5MC00Yzg2LTllZWUtOTA3MzYzZjA0NmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HNg
MA0GCSqGSIb3DQEBCwUAA4IBAQBIkbEZqytX6ZHv6OgYH4I3tAWGPeoxBaOkaR8C
5XMPfrsjttD2fiRm1hW4YJ8YqphPbRPtDejtq8tHhmToXWuKUDMoF/Bs27XYGptd
Iqz3rXsePps30ouWz+oM2JKs38dMu4OYxPr3sqFsq4cVSIWHQnNHaR/BTh03Bejv
Yc1Vco+OaH0wQ5gCDTpL4/p9LBDQnJASexmeOy97mxw5dOzJA/tnLy7wB5f+mNdJ
7XV2TtLZjDM8nD6v2suGCQNasqzZos3pfkk/WgdjmdMS/PKkuJpvTVu0BtcByyqf
y3uQR85HqDolnDVaXXUSYaWyT++Jm6/izJArMZanYNSnm9+F
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:14 2025 by rpki-client