Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
File: 575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa (raw, json)
Hash identifier: 27FuBtv9utIgIJq0eevuAYsJz7Q/af/f2ObyZYYNqac=
Subject key identifier: DB:92:F6:6E:05:FC:27:FB:A9:83:35:61:4D:8B:DC:18:A4:34:B8:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 032CF73B550C38CA23D2315AF571B014CEB2B749
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
Signing time: Fri 26 Sep 2025 19:38:45 +0000
ROA not before: Fri 26 Sep 2025 19:38:45 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:2c:f7:3b:55:0c:38:ca:23:d2:31:5a:f5:71:b0:14:ce:b2:b7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:38:45 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=66f9f14affc1ad99242afedf4ca83f07e90742491fbc350f2fca0149a3139106, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:30:61:7d:15:4e:87:de:f1:9d:fb:ce:33:c5:
5f:4c:59:66:56:9b:49:bd:00:df:8d:c4:93:4f:21:
ab:1b:e3:7b:7b:5b:36:01:15:4f:f1:8d:b9:0b:89:
4c:ed:af:17:fb:d2:5d:dd:c4:14:a6:8b:c9:3d:6e:
8b:b9:28:d5:1d:de:34:0f:af:bf:be:a6:f3:66:86:
c1:d2:f3:1f:5c:5f:98:ca:75:22:60:ae:bc:db:e1:
f0:ec:2f:a9:86:ec:2c:00:2f:70:e5:e3:fc:21:c0:
f9:6b:43:6e:c6:d8:ea:47:df:11:f6:2e:4d:aa:9c:
eb:39:2b:42:8e:b1:be:f1:56:4d:b0:3d:15:a6:49:
7f:f3:73:a9:f0:dc:c8:63:0c:ba:51:10:e6:a1:51:
13:60:c7:a7:4a:13:b6:74:cc:8d:c7:aa:37:81:c5:
fa:74:ee:de:1d:b9:82:14:ba:e5:1f:c3:4a:d9:4a:
61:76:64:64:7d:79:84:6a:b0:db:63:6a:bf:95:61:
06:61:b1:b8:a7:e7:ee:ae:b9:03:87:30:6b:f3:1a:
c2:3e:d0:bb:01:4f:db:15:7a:a0:a8:cb:3e:5d:0b:
db:39:4e:7a:b9:01:de:35:a9:c2:dc:8c:b3:83:0b:
67:14:8f:1b:cc:1d:28:9e:34:39:f5:49:d4:ff:34:
d6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:92:F6:6E:05:FC:27:FB:A9:83:35:61:4D:8B:DC:18:A4:34:B8:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:4000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:f8:77:ef:fd:6b:93:4d:62:51:91:db:5e:8a:ac:b6:63:c3:
a2:82:1f:ee:7e:da:b9:00:4e:38:e0:7c:16:a8:5b:3b:05:04:
6f:78:bf:4e:82:1d:eb:61:f1:80:95:d5:b5:2d:e1:17:0d:87:
91:25:7b:da:6c:2d:5a:a1:cb:f0:2d:94:02:b3:43:ca:24:e9:
a6:19:6c:f8:48:a4:71:67:86:22:09:83:b7:f4:c8:0c:33:d3:
08:61:f7:e6:6c:ed:e8:be:e7:12:53:bd:21:bd:6e:1a:9b:9d:
5e:f3:bf:52:10:88:c4:7f:0c:ef:29:ae:1c:54:26:5e:f5:7d:
a0:b4:0a:ef:97:80:99:fd:26:e4:e6:8d:d3:a4:3f:e6:24:3c:
22:7c:11:32:88:f0:93:2c:96:9d:fd:46:c1:0b:19:ad:5d:53:
ed:ca:6c:7f:99:59:96:44:37:32:cf:e4:f1:3e:f0:bf:72:c6:
98:7e:f4:2d:93:bc:fc:12:f8:2a:0d:44:b9:c7:d3:d0:60:9e:
d8:80:0d:12:18:ac:46:69:9b:b5:93:26:a9:f3:73:12:cd:27:
64:0f:94:4a:6f:ef:45:7a:3b:65:91:60:71:11:df:b6:8f:a9:
cf:7e:f8:9e:a7:ad:64:ea:72:16:c5:e0:64:2c:79:ea:14:20:
16:85:0d:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAyz3O1UMOMoj0jFa9XGwFM6yt0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTM4NDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2ZjlmMTRhZmZjMWFkOTkyNDJhZmVkZjRjYTgzZjA3ZTkwNzQyNDkxZmJj
MzUwZjJmY2EwMTQ5YTMxMzkxMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOgwYX0VTofe8Z37zjPFX0xZZlabSb0A343Ek08hqxvje3tbNgEVT/GNuQuJ
TO2vF/vSXd3EFKaLyT1ui7ko1R3eNA+vv76m82aGwdLzH1xfmMp1ImCuvNvh8Owv
qYbsLAAvcOXj/CHA+WtDbsbY6kffEfYuTaqc6zkrQo6xvvFWTbA9FaZJf/NzqfDc
yGMMulEQ5qFRE2DHp0oTtnTMjceqN4HF+nTu3h25ghS65R/DStlKYXZkZH15hGqw
22Nqv5VhBmGxuKfn7q65A4cwa/Mawj7QuwFP2xV6oKjLPl0L2zlOerkB3jWpwtyM
s4MLZxSPG8wdKJ40OfVJ1P801n0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTbkvZu
Bfwn+6mDNWFNi9wYpDS4ATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc1ZTMwYzgtMmVhNS00ZTk3LTg3MmItNmFmMGIzZTgzMThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZA
MA0GCSqGSIb3DQEBCwUAA4IBAQC6+Hfv/WuTTWJRkdteiqy2Y8Oigh/uftq5AE44
4HwWqFs7BQRveL9Ogh3rYfGAldW1LeEXDYeRJXvabC1aocvwLZQCs0PKJOmmGWz4
SKRxZ4YiCYO39MgMM9MIYffmbO3ovucSU70hvW4am51e879SEIjEfwzvKa4cVCZe
9X2gtArvl4CZ/Sbk5o3TpD/mJDwifBEyiPCTLJad/UbBCxmtXVPtymx/mVmWRDcy
z+TxPvC/csaYfvQtk7z8EvgqDUS5x9PQYJ7YgA0SGKxGaZu1kyap83MSzSdkD5RK
b+9FejtlkWBxEd+2j6nPfviep61k6nIWxeBkLHnqFCAWhQ2C
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:47 2025 by rpki-client