Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fae084a-25bc-483a-9a0a-2dc71c247184.roa
File: 5fae084a-25bc-483a-9a0a-2dc71c247184.roa (raw, json)
Hash identifier: UU/jD0KLYNeFmja27lqL1PncSn8DModeuc1ioG0Tmn8=
Subject key identifier: 4F:0D:C8:5C:15:64:6A:3C:81:16:AD:3C:45:FD:88:E7:81:3A:F8:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 417A96425176A0452C768FEF165CB0A2C0113E34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fae084a-25bc-483a-9a0a-2dc71c247184.roa
Signing time: Sun 19 Oct 2025 23:50:09 +0000
ROA not before: Sun 19 Oct 2025 23:50:09 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:7a:96:42:51:76:a0:45:2c:76:8f:ef:16:5c:b0:a2:c0:11:3e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 19 23:50:09 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=2cbb7b07870393d29211dce7772caeb908cb4d6d5cefebaf57842d059900ee81, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1f:82:40:d2:98:84:07:90:b2:fd:d1:ee:50:
bc:3f:7b:a9:28:77:25:4c:31:2e:43:58:ac:c8:7f:
a0:65:e8:b1:de:8e:69:ef:6c:8b:90:48:d0:e6:39:
c1:de:5b:33:78:24:e1:98:e7:c4:a1:34:71:cf:6b:
10:d3:b7:45:a5:46:d6:3c:ec:38:fe:2c:1d:46:be:
f0:41:4a:92:7a:08:f1:82:4a:fc:84:a3:76:d2:57:
a7:42:3d:44:8c:22:aa:80:af:f8:79:c2:57:fa:a3:
13:06:32:78:ee:9e:de:84:b8:56:f8:fb:6e:9a:0f:
0f:fa:53:e8:96:4d:cb:2a:23:f2:c2:33:81:04:fb:
98:4d:49:da:66:50:bb:98:b2:17:e7:28:91:4d:47:
b9:59:80:02:a9:ee:14:21:50:68:5f:6b:34:41:14:
b1:17:c1:97:cc:c9:63:c5:86:30:e0:76:56:94:e4:
e3:9a:1e:9f:b9:5f:e9:d9:15:5c:e2:bb:4f:9b:6a:
f2:b9:76:f9:6e:7d:b2:47:a3:7e:95:f0:1d:22:d1:
5c:12:80:11:5e:69:84:7e:33:04:a0:b8:3c:a5:ab:
e3:db:c2:9c:09:85:62:2f:22:25:9d:66:18:38:77:
5a:cf:26:95:4a:71:2d:aa:14:e8:b9:2b:56:06:82:
87:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0D:C8:5C:15:64:6A:3C:81:16:AD:3C:45:FD:88:E7:81:3A:F8:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fae084a-25bc-483a-9a0a-2dc71c247184.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:800::/40
Signature Algorithm: sha256WithRSAEncryption
6b:bd:d2:91:28:62:82:6a:03:ad:6d:89:c8:f7:34:d8:be:9d:
7b:1c:e0:6d:e3:4d:95:be:e4:1f:82:67:fd:ad:09:9d:95:06:
25:44:c3:9a:9b:c7:3f:cb:0c:b8:6e:ba:e2:ee:70:f5:89:4e:
c6:f6:44:e9:bf:e4:89:6a:88:d8:6b:23:3a:13:9d:b4:88:ef:
35:ca:63:95:d7:6a:52:f0:08:e9:28:d1:58:22:33:5b:e6:01:
4e:7b:86:28:82:ad:eb:30:6e:bd:de:6c:9e:e5:e6:b9:a9:bb:
d2:5f:7d:a8:98:f9:39:92:9e:af:81:ef:25:1e:53:7d:39:91:
67:a5:9b:e7:d7:da:1c:40:78:c7:d0:57:8d:0c:0d:26:dd:0c:
51:ae:21:11:01:65:29:f9:51:dd:96:c9:34:d5:c1:fd:1f:8d:
19:ba:c8:86:e8:b3:d6:98:b1:4e:a1:59:f5:4c:06:e5:30:dd:
b3:08:71:e9:b1:b5:8c:d3:88:c1:2f:f7:44:e3:27:d4:c0:33:
70:cf:c0:0a:44:39:45:dd:be:41:33:dd:ce:a4:7d:dc:54:dc:
66:0e:b6:24:ef:e6:90:3d:42:7a:d7:56:f6:8a:e5:78:f0:9b:
f6:8e:df:9b:50:28:10:6b:22:f1:1f:74:cc:6a:0b:27:1b:62:
39:b8:a9:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQXqWQlF2oEUsdo/vFlywosARPjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTkyMzUwMDlaFw0yNTExMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjYmI3YjA3ODcwMzkzZDI5MjExZGNlNzc3MmNhZWI5MDhjYjRkNmQ1Y2Vm
ZWJhZjU3ODQyZDA1OTkwMGVlODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYfgkDSmIQHkLL90e5QvD97qSh3JUwxLkNYrMh/oGXosd6Oae9si5BI0OY5
wd5bM3gk4ZjnxKE0cc9rENO3RaVG1jzsOP4sHUa+8EFKknoI8YJK/ISjdtJXp0I9
RIwiqoCv+HnCV/qjEwYyeO6e3oS4Vvj7bpoPD/pT6JZNyyoj8sIzgQT7mE1J2mZQ
u5iyF+cokU1HuVmAAqnuFCFQaF9rNEEUsRfBl8zJY8WGMOB2VpTk45oen7lf6dkV
XOK7T5tq8rl2+W59skejfpXwHSLRXBKAEV5phH4zBKC4PKWr49vCnAmFYi8iJZ1m
GDh3Ws8mlUpxLaoU6LkrVgaChxUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRPDchc
FWRqPIEWrTxF/YjngTr40DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZhZTA4NGEtMjViYy00ODNhLTlhMGEtMmRjNzFjMjQ3MTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8I
MA0GCSqGSIb3DQEBCwUAA4IBAQBrvdKRKGKCagOtbYnI9zTYvp17HOBt402VvuQf
gmf9rQmdlQYlRMOam8c/ywy4brri7nD1iU7G9kTpv+SJaojYayM6E520iO81ymOV
12pS8AjpKNFYIjNb5gFOe4Yogq3rMG693mye5ea5qbvSX32omPk5kp6vge8lHlN9
OZFnpZvn19ocQHjH0FeNDA0m3QxRriERAWUp+VHdlsk01cH9H40ZusiG6LPWmLFO
oVn1TAblMN2zCHHpsbWM04jBL/dE4yfUwDNwz8AKRDlF3b5BM93OpH3cVNxmDrYk
7+aQPUJ611b2iuV48Jv2jt+bUCgQayLxH3TMagsnG2I5uKmH
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:07:54 2025 by rpki-client