Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
File: 57cdb107-9a3c-4e41-87e2-149f989f7fae.roa (raw, json)
Hash identifier: 60U6n2kJypC5io4zeeMdvZqToelF58cyb7Wmr6opSt4=
Subject key identifier: 07:65:99:80:E7:B2:1F:9A:10:77:71:DA:0F:F2:9E:2F:23:A8:D2:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66C7CFCD162652C1873AA77B2972740D491B5CB9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
Signing time: Mon 29 Sep 2025 15:24:11 +0000
ROA not before: Mon 29 Sep 2025 15:24:11 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:c7:cf:cd:16:26:52:c1:87:3a:a7:7b:29:72:74:0d:49:1b:5c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 15:24:11 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=4cafa62e0099bbf824fe3ae377eb45c5074d99a652f7196234f957bb4491b356, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1c:fc:75:6b:9d:ec:14:88:ae:ee:84:9e:9a:
0d:75:5d:98:79:e9:c9:6c:78:6e:52:1a:a8:38:f4:
71:cb:fb:86:25:ca:1b:c3:4d:40:51:f5:9f:be:93:
c8:05:a6:0b:93:b6:ea:9c:71:a1:1e:3e:69:35:97:
98:a7:57:2c:9d:5b:1b:2f:9b:33:58:5b:77:fd:27:
91:a9:9c:37:ff:db:33:fc:25:db:6c:33:55:ad:1d:
5f:8d:58:a9:e9:4a:db:c9:da:64:36:c2:5b:fd:a5:
63:c6:61:d4:06:80:82:e6:d2:9b:d7:64:7b:d5:6e:
c7:6c:1a:e5:44:0a:02:6b:92:51:2e:57:4c:13:d5:
8e:0f:a1:bd:65:dc:fb:88:62:38:9b:1a:d5:6b:a6:
fc:4e:34:30:5a:d2:ac:d8:c0:43:e5:79:65:b3:0f:
31:ce:56:fb:8e:12:2a:f4:5f:a5:e5:3f:8b:7c:66:
e8:ed:04:27:a9:c9:5f:c7:da:7c:01:84:32:63:e0:
e9:8e:5c:ac:7d:7d:12:83:15:3e:71:d9:23:82:ac:
99:27:a9:35:5f:91:34:5c:ac:5d:fd:3e:05:cc:5d:
0b:ca:45:36:bf:48:8c:7a:9f:4c:eb:bd:a6:b5:4c:
58:0b:f5:ce:99:96:f0:ce:01:43:01:f0:95:be:61:
4b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:65:99:80:E7:B2:1F:9A:10:77:71:DA:0F:F2:9E:2F:23:A8:D2:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
bc:52:ab:4c:5f:31:ca:28:09:2c:91:72:ff:95:85:ab:eb:e0:
91:32:b3:be:6d:7c:ad:db:07:61:f3:66:5a:3e:3c:ec:de:34:
99:8e:51:03:71:47:24:e7:31:c4:58:79:e6:39:74:ee:73:69:
6f:97:8d:53:1e:2a:18:a6:3c:86:75:77:f1:9d:b7:48:d9:63:
0b:1e:67:e9:ed:27:60:4d:9f:bd:7e:5e:b0:e9:bb:60:9d:49:
69:1f:98:b3:f2:18:45:88:09:82:ff:86:fe:9f:b4:c5:26:75:
ec:ca:6f:58:84:82:8a:7d:46:62:b3:d1:ac:e6:6d:34:ed:93:
50:3d:43:9c:fb:6e:6d:ed:d1:e3:d7:f4:44:09:eb:07:05:4a:
88:60:cc:9a:e7:ce:90:80:b7:f6:d1:19:e4:25:f8:89:5d:a2:
c5:54:79:44:c6:1f:2f:c7:67:21:59:c1:d4:1e:e1:4b:5a:d6:
c2:f3:4a:14:57:93:7e:4a:de:86:4c:9e:b7:10:17:cc:42:a3:
3c:21:6e:60:1a:7f:29:7d:44:3d:f9:e5:bf:b0:08:5c:bf:f8:
a3:f4:19:42:78:7c:5a:7a:a0:0a:3f:4d:60:9a:b2:87:f6:18:
6d:5e:18:17:5c:fe:46:ca:0f:35:d5:3d:c3:8f:43:5f:47:25:
74:a6:75:b6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZsfPzRYmUsGHOqd7KXJ0DUkbXLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjkxNTI0MTFaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjYWZhNjJlMDA5OWJiZjgyNGZlM2FlMzc3ZWI0NWM1MDc0ZDk5YTY1MmY3
MTk2MjM0Zjk1N2JiNDQ5MWIzNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgc/HVrnewUiK7uhJ6aDXVdmHnpyWx4blIaqDj0ccv7hiXKG8NNQFH1n76T
yAWmC5O26pxxoR4+aTWXmKdXLJ1bGy+bM1hbd/0nkamcN//bM/wl22wzVa0dX41Y
qelK28naZDbCW/2lY8Zh1AaAgubSm9dke9Vux2wa5UQKAmuSUS5XTBPVjg+hvWXc
+4hiOJsa1Wum/E40MFrSrNjAQ+V5ZbMPMc5W+44SKvRfpeU/i3xm6O0EJ6nJX8fa
fAGEMmPg6Y5crH19EoMVPnHZI4KsmSepNV+RNFysXf0+BcxdC8pFNr9IjHqfTOu9
prVMWAv1zpmW8M4BQwHwlb5hS+8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQHZZmA
57IfmhB3cdoP8p4vI6jSaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdjZGIxMDctOWEzYy00ZTQxLTg3ZTItMTQ5Zjk4OWY3ZmFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
wDANBgkqhkiG9w0BAQsFAAOCAQEAvFKrTF8xyigJLJFy/5WFq+vgkTKzvm18rdsH
YfNmWj487N40mY5RA3FHJOcxxFh55jl07nNpb5eNUx4qGKY8hnV38Z23SNljCx5n
6e0nYE2fvX5esOm7YJ1JaR+Ys/IYRYgJgv+G/p+0xSZ17MpvWISCin1GYrPRrOZt
NO2TUD1DnPtube3R49f0RAnrBwVKiGDMmufOkIC39tEZ5CX4iV2ixVR5RMYfL8dn
IVnB1B7hS1rWwvNKFFeTfkrehkyetxAXzEKjPCFuYBp/KX1EPfnlv7AIXL/4o/QZ
Qnh8WnqgCj9NYJqyh/YYbV4YF1z+RsoPNdU9w49DX0cldKZ1tg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:13:26 2025 by rpki-client