Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
File: 5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa (raw, json)
Hash identifier: 6STh4myZBjtAi0fMSzCAeB52q720RkWxQ1k3vG08Yas=
Subject key identifier: 7F:FE:D5:1A:07:C7:00:3F:6F:D2:EF:56:4D:7E:27:FA:51:3B:2D:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21884E16510F7B64BE7907529BB5EF77BA8EA45A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
Signing time: Fri 26 Sep 2025 18:41:15 +0000
ROA not before: Fri 26 Sep 2025 18:41:15 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:88:4e:16:51:0f:7b:64:be:79:07:52:9b:b5:ef:77:ba:8e:a4:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:15 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a307af7e6c5c55c27a7d5b75778bafe0b332e1e82c819a003882c1b1010e474d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:73:24:c9:b6:05:b3:79:fb:85:aa:ea:ea:11:
a9:5c:28:d2:43:d9:2e:dd:2b:c6:f5:87:42:35:52:
f1:9e:dc:ef:c5:65:37:12:a5:6a:de:21:31:b9:52:
37:3c:49:af:ae:0a:e9:49:35:ad:8a:63:df:cb:c1:
36:55:2f:9d:f6:2e:40:3b:44:df:b3:a7:c7:74:02:
22:2f:db:9a:7c:16:a6:98:77:5a:7d:f4:d8:25:ca:
5d:d0:0a:ff:f1:4d:41:9d:b2:97:1d:43:0c:72:38:
6f:7c:d9:d3:20:73:b0:5f:57:ff:1c:f7:c9:f1:b1:
e5:ed:79:f1:5a:e9:5b:68:7d:76:5c:0f:f0:f0:83:
7d:7d:88:c9:b4:97:b8:c6:39:d9:92:9a:bf:23:fa:
86:b0:fd:a5:db:5e:b9:24:7c:01:ba:16:cd:d5:c4:
d4:65:5a:57:50:47:a8:22:12:ed:50:c3:7e:61:6b:
8f:78:e6:70:33:c3:36:63:45:99:8a:3b:f4:b5:f6:
96:9f:12:92:97:0c:4f:f9:d3:7a:8d:c0:8f:00:b3:
c6:b5:cb:f7:2d:60:28:d8:40:48:42:49:9c:03:c6:
c5:90:df:c8:05:0b:7a:e5:09:57:67:18:d0:db:8a:
94:28:a6:b1:6f:e2:55:2a:3f:bc:3b:c1:1b:60:21:
8a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:FE:D5:1A:07:C7:00:3F:6F:D2:EF:56:4D:7E:27:FA:51:3B:2D:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
87:3a:64:52:ec:53:19:b8:db:16:1b:46:1e:5d:e3:49:6d:80:
b0:8f:01:f6:b2:5b:a1:e5:33:54:77:fb:b2:64:ef:7b:60:57:
1e:37:9e:f6:d6:74:c7:ea:41:16:57:cb:40:64:56:ac:1f:66:
03:1d:0e:21:60:d5:0c:d0:34:76:ce:e0:52:bf:94:91:be:dd:
0d:d4:0b:3c:27:38:08:e5:4d:81:ae:f4:08:18:ba:22:7c:dc:
47:c1:99:54:a8:a3:45:25:d2:03:62:09:2c:52:91:c3:64:ed:
87:fe:4b:de:e8:e2:88:32:6f:f3:c6:25:56:0c:9b:0f:64:41:
0a:c9:0a:d4:2e:c8:ee:f5:9f:fd:03:91:3e:d6:5a:a1:65:11:
76:46:32:8a:7a:cf:74:ee:d7:4d:8c:f5:7e:2e:fc:39:a4:e7:
d9:67:a0:f3:cd:60:56:a4:94:86:73:41:65:fa:d9:0b:9a:c8:
cf:6c:49:59:09:e4:cd:f5:e6:05:ec:39:67:57:b7:12:f3:9c:
f7:bf:01:db:b4:72:b2:31:9e:b8:c5:37:d2:a1:e9:76:e4:3d:
b8:9b:f7:55:aa:c3:75:4e:4f:3d:9a:ac:bc:e1:7d:11:9d:b6:
ba:4f:cf:c0:06:bb:9e:f2:bc:23:ff:3f:4e:a6:c8:d5:68:31:
68:b7:c9:66
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIYhOFlEPe2S+eQdSm7Xvd7qOpFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxMTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMDdhZjdlNmM1YzU1YzI3YTdkNWI3NTc3OGJhZmUwYjMzMmUxZTgyYzgx
OWEwMDM4ODJjMWIxMDEwZTQ3NGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJzJMm2BbN5+4Wq6uoRqVwo0kPZLt0rxvWHQjVS8Z7c78VlNxKlat4hMblS
NzxJr64K6Uk1rYpj38vBNlUvnfYuQDtE37Onx3QCIi/bmnwWpph3Wn302CXKXdAK
//FNQZ2ylx1DDHI4b3zZ0yBzsF9X/xz3yfGx5e158VrpW2h9dlwP8PCDfX2IybSX
uMY52ZKavyP6hrD9pdteuSR8AboWzdXE1GVaV1BHqCIS7VDDfmFrj3jmcDPDNmNF
mYo79LX2lp8SkpcMT/nTeo3AjwCzxrXL9y1gKNhASEJJnAPGxZDfyAULeuUJV2cY
0NuKlCimsW/iVSo/vDvBG2AhikcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR//tUa
B8cAP2/S71ZNfif6UTstSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQxZmZmOTgtNDQxNS00Y2QwLWIyY2MtMjZmNjFhOGNhZTdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
sDANBgkqhkiG9w0BAQsFAAOCAQEAhzpkUuxTGbjbFhtGHl3jSW2AsI8B9rJboeUz
VHf7smTve2BXHjee9tZ0x+pBFlfLQGRWrB9mAx0OIWDVDNA0ds7gUr+Ukb7dDdQL
PCc4COVNga70CBi6InzcR8GZVKijRSXSA2IJLFKRw2Tth/5L3ujiiDJv88YlVgyb
D2RBCskK1C7I7vWf/QORPtZaoWURdkYyinrPdO7XTYz1fi78OaTn2Weg881gVqSU
hnNBZfrZC5rIz2xJWQnkzfXmBew5Z1e3EvOc978B27RysjGeuMU30qHpduQ9uJv3
VarDdU5PPZqsvOF9EZ22uk/PwAa7nvK8I/8/TqbI1WgxaLfJZg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:14 2025 by rpki-client